Trojan.Crypt.XPACK.Gen

Detected Items

1. Detected Files: %SYSDIR%\kamsoft.exe MD5: 4DF9503C6A687A8BC50E16D8214A3195 Size:106383 MD5: F62C01216B0CC964A6F07E4402D3836F Size:106664 MD5: 0CDF473E884A37C74D242269D6C3EBE4 Size:112132 MD5: 11C34DFAAB5358DB16230F210B734748 Size:106626 MD5: B4C6863DB885BD3A28D99F167CCC5F36 Size:111636 MD5: 37DAB149B765A9FAC41073B88AB435B3 Size:106363 MD5: CE72A8A7E5431A1A4EA0E58258EF5E7D Size:110417 MD5: 4DE148D0B30BD8F54D8A5BDB81F94013 Size:99461 MD5: D7156B77F36F9523E99F483DE1B4F4C2 Size:106451 %USERPROFILE%\ADMIN.EXE MD5: 151E22803A50C8C5DEE75CD3E1B795E4 Size:10239 MD5: B332E6273C0F8DABC6F5C77DFEE85628 Size:10238 %SYSDIR%\ckvo.exe MD5: 8C591A736F646867F8DA3F60ECE5DA31 Size:101730 MD5: 8E2CEE770E0AB11D29CD15E113461B3D Size:91848 MD5: 41EBEC6352AB53B49B2D33C93302D8FA Size:104382 MD5: 982199BEB3BD230B95EF9C6AC1C22C3B Size:100837 MD5: 74B0037E4C69779467D32B5364EBCF52 Size:107673 MD5: 5ACFAA3F96C54670780488F5E415CC57 Size:105096 MD5: ABF976346536FC18F68B3D190BB69AC5 Size:104594 MD5: 32CD3D7C05892EC773A1E3A228D1437C Size:106249 MD5: E79E67FEA973E1925630EF8F6B7BDA74 Size:98383 MD5: 1F4FA2250EA2CFA15386A7016CADFCEC Size:106524 MD5: 2434D32C5CB16CC7CF646BB48B3B1371 Size:104448 MD5: AEA19441D4708EBF458B4557A04A9B15 Size:100495 and more.... %USERPROFILE%\MARCELO.EXE MD5: 813A0B33EC9DF329DDA1FD663C00C637 Size:9286 %DESKTOP%\ID Security Suite\ID USB Lock Key\Admin.exe MD5: 6DA01007FE504458B52B066C172B07E1 Size:738332 %TEMP%\as8ffpas.dll MD5: 6E67D9C326AFCE81084642D52EA11D87 Size:26754 j:\Save\Steinberg Cubase SX 3.0 DVDRip\Cubase SX3 Dongle Crack\Cubase SX3 Dongle Crack\SYNSOACC.dll MD5: F5435AC6E89BDAF3A2E5BE6F6F01B86B Size:400384 %SYSDIR%\urretnd.exe MD5: 5370779138561476F9F390E1864F1DED Size:106047 %SYSDIR%\afmain1.dll MD5: 2D4FA926A436262D1237B2A71906D9FE Size:78848 %SYSDIR%\j3ewro.exe MD5: B10092AE8BA2439173CACEB9DF265EAD Size:121452 MD5: 9C0A0EA0C3B048C6CC84632788E92F91 Size:107133 MD5: 5B15D269888A3F42BAAB35197533A2B6 Size:116341 %SYSDIR%\kav320.dll MD5: A7C4A2E56F335E3EE8F631FDC6345D13 Size:84992 MD5: 264FD161342797F3F9C3BF53A5A7916B Size:84992 MD5: 2E103FD6605E86F1D641CBCFF843398B Size:84992 %TEMP%\winlogin.exe MD5: 53F312EEC1B179735D19906B807A8C61 Size:15000 %SYSDIR%\PRUNNET.EXE MD5: DDFCAE620452F63BB14FB821EE442CA1 Size:94272 %USERPROFILE%\so7.exe MD5: 36C672E15741B1E2ECC65AFFC83FB6C8 Size:23552 MD5: F8CFF1E76DC6F1AA57C4DF6D295CAE00 Size:22016 %SystemDiskRoot%\WINDOWS\system32\wsivs.exe MD5: EC466ACA21D17646D291E8BF52529D75 Size:82040 %WINDIR%\msauc.exe MD5: 5B528F6CC31DCB0FB41EA9A075135696 Size:90624 MD5: F1631DE889EDBA0F285EC548D041C04A Size:74752 %TEMP%\wJQs.exe MD5: 05500348A3B5B21B6C8AFDC22248D0B9 Size:71680 %SystemDiskRoot%\ABBYY FineReader 8.0 Professional Edition\fr8pro_patch.exe MD5: CDF850855E6CBB6347915BFA2A5175BF Size:207958 %WINDIR%\rbvrvzw.exe MD5: 3BDDCF54A9947FB4EE7219751FED6636 Size:172032 %SystemDiskRoot%\winhet.exe MD5: 2D4CCACED33E2D951BD293C00494B55E Size:31184 %PROGRAMFILES%\L2Walker\L2Walker.exe MD5: 7A9A231FA6AB491D971B7DFC992356ED Size:1240576 %DESKTOP%\anni1062008.VIDEO12033.dvd.com MD5: EBCF75A0C4DD59C04D8C75EFE3E62248 Size:51356 e:\WPI\Install\KeyGen\XnView-keygen.exe MD5: E9148A0605A5FA5459F5D439CDF15E48 Size:224768 d:\_INSTALL\_win\Office\Visio_2003\Activator\Anti-MSOPA.exe MD5: 60D5753FDB794DB7325BBEAAF5B5EF99 Size:67481 f:\91m.com MD5: AA7031D4BA9917E7D2834DDAB6663942 Size:122164 %SystemDiskRoot%\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\sweet.exe MD5: 3F1C48C4CA2C2DEC8A580C9AB20327AA Size:119296 e:\TEMP\1 Million serials of softwares (C) atb !\3D Chess 2.5\keygen.exe MD5: 7D2C58F589E0AA10EE3DB159024A1DC4 Size:10397 %APPDATA%\bhfilheshhb\bhfilheshhb.exe MD5: 26D2D81A069273FE6B158229320A3173 Size:232960 %PROGRAMFILES%\Movavi VideoSuite 4.4\Suite.exe MD5: 703D33D0368AAD29C15FBB3BA3CB687C Size:1097750 %SYSDIR%\olhrwef.exe MD5: 3BF04D4E80874421498D6178BE1F82D6 Size:110834 MD5: 8408938FB85E1222B2C3148E66276459 Size:109489 MD5: 577ECFDFCFFAA2C96E73B2795BF2AA44 Size:110883 MD5: 391505103998830BAF3E0FD90104FD4D Size:110929 %SYSDIR%\Isass.exe MD5: 5D4B55A5D582A141AB291B5C7CE49337 Size:9728 %SYSDIR%\kva8wr.exe MD5: 14BB6140D57531A6BF26C16D2093C4EE Size:170115 %SYSDIR%\amvo.exe MD5: 18D802631F3646FBA767F740062C9145 Size:97814 MD5: 8226FA4F3591CEA78C35F3740134828B Size:100130 MD5: 9AD9F871AD8AF599B100DCB785818E18 Size:118315 MD5: DFD9D9358D60433A3FC0BBABF9E0B6BA Size:109568 MD5: 8947DAA52B67160BC22879291A342E0D Size:121184 MD5: C3C86CD378BB7578E0E747CF5B89F433 Size:106296 MD5: 3014C6E462CF0586F3682252A6985F0F Size:104367 MD5: 386464835926E1CA343420AD43629A32 Size:122535 MD5: DB22BFA89ECD47AC88D74C3ED06ADCC7 Size:104269 %SYSDIR%\nmdfgds0.dll MD5: 60D7DD53BACC6C990302F611D76AE1E4 Size:95744 %SYSDIR%\ckvo.exe MD5: B2D05E9E3D50CC06E06F2B07F88A486E Size:92425 MD5: C96976CA961EAF9EDCD6DD762D5C49FA Size:90956 MD5: 2A8ED5A9C98D798F0960ACE8D8229A73 Size:98851 MD5: B609AA7F4E31E8F09A1B8549A2988FE0 Size:99947 MD5: 2FBD8E2565777934474BB0C4A9275596 Size:93415 MD5: B980C86CECCE50F798DBE647BDFA9A9C Size:89559 MD5: 0A7B94596E0F3A3378385BE7C6E9DCD5 Size:102893 MD5: 041EFA4A03577449472AEB4F4DB1A31A Size:99549 MD5: E87942A0B27B6488499D1D0FD860EB3D Size:104028 MD5: 38EF3BC250CDF5C7B835B1BCF20E63A8 Size:90911 MD5: AE1B0A8537F8D394F4E17A15322A2454 Size:102919 %SystemDiskRoot%\1rfw8hjr.com MD5: 30DA40AE8852AC1D14E66694A7A1B8FF Size:87748 %SYSDIR%\kavo.exe MD5: 0BAF84CFF87B3B9F6A14BEABB2AFB14C Size:111594 %SYSDIR%\inet32.exe MD5: 3C3280E4F5261DACEF5097E88162D895 Size:22230 %SYSDIR%\ieupdates.exe MD5: F07823C56238E5130788CCC2796DF25E Size:72704 %SYSDIR%\rttrwq.exe MD5: 091EA09CD4AF6EE64B9EA0D012EC023C Size:103893 %SYSDIR%\prvxxwli.dll MD5: 245EA3371AE4513DF16F566CCEAD81E4 Size:92672 %SYSDIR%\gkkdmkvj.dll MD5: D436C6E5489313261DAEE25CDCA7AED7 Size:92672 %SYSDIR%\dqdemvas.dll MD5: 2A65EDCCF04A32BD04EC1C0208019999 Size:103552 %TEMP%\winxcJUEvwYB.exe MD5: 9512FA5316CE971D66EE5E5CBDFEBF4A Size:21504 %USERPROFILE%\FACTURATION.EXE MD5: BC776C54883D0AAF9EF04063AA54B973 Size:10238 %TEMP%\gdmfp99.dll MD5: 38BD3AE059609513F2E2F850E71F2F3B Size:25734 %WINDIR%\Help\halls.exe MD5: 6656D7FB7D871AD0F56496CB17AEE943 Size:618496 %SYSDIR%\ckvo0.dll MD5: 11087A693CFE6FFC1700223482EC5D28 Size:77312 %TEMP%\vol.dll MD5: DF86B1CCC02225D2FA4F73A4E65A524E Size:25857 E:\hry\Building&Co\BuildingAndCo.exe MD5: 504B90865EA530BD9F67EE78D66B0538 Size:3514368 %USERPROFILE%\RENDSZERGAZDA.EXE MD5: E329D7E59B3524E2061F5815642ABF99 Size:10309 g:\Setups\Multimedia\Amadis Video Converter Suite v3.7.3\keygen.exe MD5: 862B5D32324C7C5EBAD81523C1DFDE2B Size:215040 %SystemDiskRoot%\v.com MD5: 57F7ADF4582E0F752D907C14D85D6316 Size:102536 %SystemDiskRoot%\qwc.exe MD5: 18FD0671DE0B122D113056AD95BA23CD Size:103810 %SystemDiskRoot%\nlblkhq.com MD5: 7F3751004249C95D78164EDD62D6299F Size:101835 %SystemDiskRoot%\je26200.com MD5: 136B3FE59F122DD07AAA6676CBCA6B45 Size:103570 %SystemDiskRoot%\jdhc2x2.com MD5: BE8A32D1FB15E527D0AB647D2AE82CC4 Size:93385 %TEMP%\zeoceupj.dll MD5: 4784A1433990C6D377AB0A58F6E7C00E Size:26805 %TEMP%\xen.dll MD5: 52B95D04D1420156FF3E9A66EF36CDDE Size:27006 %TEMP%\w.dll MD5: 7879934F0BFEC09429F72748F1ABCF04 Size:30208 %TEMP%\lihtdlbe.dll MD5: C0007FF2DC342230153DB18D0EAC9E0F Size:26840 %TEMP%\k.dll MD5: 28DB489AFCFAD9D7B2B5E8A6E8A22705 Size:26214 %TEMP%\fp.dll MD5: 9FA28393E3556B16D1EA935D9E4D7810 Size:25853 %TEMP%\5x.dll MD5: EC6DCB1D867102EA0A7956227FEB155C Size:29751 %TEMP%\4h.dll MD5: E5E526C9F18D5123FEE05BC901037655 Size:26501 d:\Temp\Updates\Hack\Windows Hack Package\Windows Activations\WPA_Kill1.exe MD5: 886933061FB560EF250BF68BBD46AB7C Size:56305 d:\Temp\Updates\DVD-Tools\All Slysoft softwares updated until 20080427 [h33t] [Original]\AnyDVD HD 6.4.1.2\Cleaners for AnyDVD\SlySoft Shredder v1.1 (Doc).exe MD5: 7009C042AB273F08269AF540844F149B Size:239616 %SystemDiskRoot%\Temp\FCZ\Diverse\Software Cracken - Anleitungen und Tools\ProgszuCrack\Programme zum Cracken\Unsafedisc 2.05\Safedisc_v2_05_30_Rebuilder.EXE MD5: A45F343A575102BE373CCF0B0BAEF742 Size:7680 %SystemDiskRoot%\Temp\FCZ\Diverse\Software Cracken - Anleitungen und Tools\ProgszuCrack\Programme zum Cracken\Unsafedisc 2.05\Safedisc_v2_05_30_Dumper.EXE MD5: FF801DCDD7139D355FE30BA56F8F17AB Size:8192 %SYSDIR%\kavo1.dll MD5: E8E2E63E59226E16BEFBF9941B4F3D40 Size:147456 %SYSDIR%\splm\lmfunit32.dll MD5: 3C1873903793D6F36A2FE5FCB59FB642 Size:229376 D:\games\Cars\start.exe MD5: 2C0A353ED340B075EC3FFC00BD09123A Size:16384 %DESKTOP%\CDMA_Workshop_2[1].7\CDMA Workshop 2.7\cdma workshop.exe MD5: 6E4AA3D87CB3B35DBDEF34B5F268A374 Size:1003520 %SYSDIR%\bss.dll MD5: 6C126A3421F9807B948A416A55BACBA6 Size:3584 %SYSDIR%\jxybrinq.dll MD5: 930DC0D2D1F91AB1D596E1B853D5D3F7 Size:81408 %SYSDIR%\cvhghccy.dll MD5: 59E80B41019687488613D683FEE61EFE Size:81408 %SYSDIR%\vamsoft.exe MD5: 2A6D6EC79D104275F1E11DE1FF04495E Size:122140 MD5: 0C051FC05B8852D234B39C6177BDF664 Size:122031 MD5: 11749E5FB0B18A91AE064C9708195E45 Size:106805 %SYSDIR%\DXQC.EXE MD5: 61798814E7E4639B9D2CF1B9180B6884 Size:19968 %SYSDIR%\ciuytr1.dll MD5: 9764654245210252B9E9FD964F56D1F4 Size:85504 %SYSDIR%\ntbios.dll MD5: 7563ECDB81CC7692FB43945452ACC5B5 Size:61952 MD5: FA9D2DDD1814D91D42A228F02FEDC587 Size:64512 %SYSDIR%\Rhosts32.exe MD5: 68F16A2A92C66FD76E1BB07E9A934869 Size:205312 %SYSDIR%\drivers\svchost.exe MD5: B13D650CA62D72276A499BA876691991 Size:49152 %WINDIR%\fxstaller.exe MD5: 7ADECF393369756B8CC6B49C0DFA5C13 Size:52746 %USERPROFILE%\service2.exe MD5: 305FC63501C592089D3986860C5F4CB5 Size:22016 MD5: 68386E4D6A61FEF92B37C9B17D6C82CB Size:24064 %USERPROFILE%\ADMINISTRATOR.EXE MD5: 8424098FA92AF40B319E08F4B7C85CA7 Size:10308 %SYSDIR%\senses.dll MD5: 633251942D2541F62074DC8099AA081B Size:59904 %SYSDIR%\khfDuRlK.dll MD5: CCFF885F5F12A11D7B18D60CC2588546 Size:43008 %SYSDIR%\tuvSlmKB.dll MD5: 0C98667BBCF1D11FE382EB4397BB4C0F Size:37376 %DESKTOP%\DX + Crack\CrackDx.exe MD5: C62E943667D3C6DEB6888D4ED733B0B7 Size:47616 %SystemDiskRoot%\xlk9.com MD5: 83636A8E90B433ED7C297E3B5E7AFB3E Size:105018 %SystemDiskRoot%\Video\DeCSS\DeCSS.exe MD5: 6BADB8C211B7BCAE31362CB0453CB869 Size:30208 %WINDIR%\system\VMwareService.exe MD5: 743132B629B3F160AA640DDE052D4151 Size:23552 %SYSDIR%\pqpiksym.exe MD5: BE7B04F3127794523FF233B3EA8218F4 Size:36352 %SYSDIR%\msansspc.dll MD5: 6818841E30942365BB61C6FA9C286895 Size:23040 %USERPROFILE%\MCA.EXE MD5: 0A070C0192D93C6744FB041A4D0324FF Size:10224 %WINDIR%\2.exe MD5: AA6C8894B9E91F3DA7A9F32D0935C900 Size:116154 %SYSDIR%\optyhww0.dll MD5: 7630BBAFF6B7F10EC6D7451C793CBA29 Size:89600 %SYSDIR%\cltmon.exe MD5: CF639391BBB8C0C0DAB5651A6E9730A5 Size:146944 %PROGRAMFILES%\Tencent\QQ\Qiao2008.dll MD5: B374BF4297B2AE0C92D3AD2F66FB9078 Size:416256 %SYSDIR%\vonooquegec.exe MD5: DD08D994A6F2DCCD90D6ACC3C18C4680 Size:134656 %SYSDIR%\tavo0.dll MD5: A60583E8FF026877F3A2F7E1057D11A4 Size:81408 %SYSDIR%\tavo.exe MD5: C3CD967803949A913FD471803C51322D Size:122238 %WINDIR%\services.exe MD5: 5C507334C44E9C649E320C36E6237840 Size:39936 %SYSDIR%\amvo0.dll MD5: 5A801AF9B59EFEDAC196952B9F0CDEE7 Size:70656 %SYSDIR%\x.exe MD5: 19A590C10C8FC24B6E9AFAD57CF37F6E Size:28639 %SYSDIR%\GOYCJL.EXE MD5: 740A8D0F58EC423F0F1D3BA6A74BB2B8 Size:19456 %TEMP%\winasnet.exe MD5: 961E3D24A80EAAFECEE7DA6C1B3F6566 Size:11776 %WINDIR%\Avguard.exe MD5: 68B02134D3996CE9E47753F3622BB219 Size:100864 %SystemDiskRoot%\Downloads\\Ashampoo Burning Studio\Ashampoo Burning Studio\Ashampoo Cover Studio 1.01\keygen.exe MD5: 40F79119B65B6E364EF1EE19E6A79CE5 Size:218624 %SystemDiskRoot%\tknapl.exe MD5: 37604AFF09742F9E0E0277F0B7CAAA19 Size:100289 %SystemDiskRoot%\b.com MD5: 80D8EFB9BF0C136BCFFFB2297849FC34 Size:103965 %SYSDIR%\cvsdfw.exe MD5: 1A563F1119F789F308151A0B8239432D Size:106094
2. Detected Files with variable Filenames: MD5: C416C117009ECF57C79A510CEE549505 Size: 78848 %SYSDIR%\afmain1.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP216\A0428712.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP216\A0427597.dll %SYSDIR%\afmain0.dll %SYSDIR%\afmain0.dll.ren %SYSDIR%\afmain2.dll MD5: 1B8030A0D3F7A578E83DB3C06F8112D6 Size: 107882 i:\w98.com %SystemDiskRoot%\w98.com %SystemDiskRoot%\System Volume Information\_restore{48C7C769-9B0A-4EB1-8A03-B3B8EAA9EFAE}\RP564\A0049494.com d:\w98.com %TEMP%\help.exe %SYSDIR%\olhrwef.exe %SystemDiskRoot%\System Volume Information\_restore{2572E2A5-EC87-4B50-A4C0-584183E102E4}\RP547\A0043361.exe %SystemDiskRoot%\System Volume Information\_restore{2572E2A5-EC87-4B50-A4C0-584183E102E4}\RP545\A0043342.com d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP165\A0155791.com d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP163\A0155678.com d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP161\A0153678.com and next 35 variations. MD5: 5EA1A96D5360B55BC205C3231FC6F4D8 Size: 105411 i:\o1.com %SystemDiskRoot%\o1.com d:\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP179\A0362967.com d:\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP179\A0362954.com d:\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP179\A0362940.com d:\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP179\A0361942.com d:\o1.com %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP179\A0362965.com %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP179\A0362952.com %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP179\A0362938.com %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP179\A0361940.com and next 1 variations. MD5: 034135FAFB28C0043BC72F703F66444D Size: 108869 i:\gy.exe %SystemDiskRoot%\gy.exe %SystemDiskRoot%\System Volume Information\_restore{48C7C769-9B0A-4EB1-8A03-B3B8EAA9EFAE}\RP564\A0049493.exe e:\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP113\A0705992.exe %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP113\A0705991.exe %SYSDIR%\olhrwef.exe %SystemDiskRoot%\System Volume Information\_restore{2572E2A5-EC87-4B50-A4C0-584183E102E4}\RP544\A0043338.exe %SystemDiskRoot%\System Volume Information\_restore{2572E2A5-EC87-4B50-A4C0-584183E102E4}\RP543\A0043289.exe d:\gy.exe d:\System Volume Information\_restore{63A4945D-5EBF-4682-9870-D32280407B10}\RP405\A0107015.exe d:\System Volume Information\_restore{63A4945D-5EBF-4682-9870-D32280407B10}\RP405\A0106985.exe and next 17 variations. MD5: 451F18694BBC49150683FE7B2BAC5322 Size: 105097 i:\6fnlpetp.exe i:\2u.com %SystemDiskRoot%\6fnlpetp.exe %SystemDiskRoot%\2u.com %SYSDIR%\kamsoft.exe d:\System Volume Information\_restore{63A4945D-5EBF-4682-9870-D32280407B10}\RP388\A0105483.com d:\System Volume Information\_restore{63A4945D-5EBF-4682-9870-D32280407B10}\RP388\A0105460.com %SystemDiskRoot%\nyh9ok.exe f:\2u.com MD5: 2E0C5B3798BC2735DE44329BD2AC7BBB Size: 123392 %SYSDIR%\yuxinjxd.dll %SYSDIR%\oodfip.dll %SYSDIR%\ticjocuy.dll %SYSDIR%\oiggtn.dll %SYSDIR%\ixgqmj.dll %SYSDIR%\ohusltdg.dll %SYSDIR%\ebvuia.dll %SYSDIR%\cipifbim.dll %SYSDIR%\iyailifj.dll %SYSDIR%\ertdtn.dll %SYSDIR%\daeiue.dll and next 6 variations. MD5: F682CE6DDFE240DE2AE286FA2708D1E8 Size: 125440 %SYSDIR%\xjuofvcp.dll %SYSDIR%\sywvhqow.dll %SYSDIR%\iaulsl.dll %SYSDIR%\gepems.dll %SYSDIR%\ueiydv.dll %SYSDIR%\gudguqdm.dll %USERPROFILE%\Configuraes locais\Temp\lydbzk.dll %SYSDIR%\cytebduv.dll %SYSDIR%\ydekhv.dll %SYSDIR%\vepbqumr.dll %SYSDIR%\hrdvhu.dll and next 38 variations. MD5: 68B3F51B130D7E638C6D02C4408CBE0E Size: 126976 %SYSDIR%\wybfwxgy.dll %SYSDIR%\dgjwtw.dll %SYSDIR%\bfktty.dll %SYSDIR%\zvuhre.dll %SYSDIR%\ftemcw.dll %SYSDIR%\uwbpgd.dll %SYSDIR%\orhwxw.dll %SYSDIR%\lujprw.dll %SYSDIR%\wtxvhiln.dll %SYSDIR%\sldjye.dll %SYSDIR%\wvmujh.dll and next 3 variations. MD5: 371EF88D9B256FFCE67326D48F255B29 Size: 82944 %SYSDIR%\uvshasxc.dll %USERPROFILE%\Configuraes locais\Temp\crjlkuir.dll %SYSDIR%\dpkoesok.dll %SYSDIR%\djfyrleo.dll %SYSDIR%\udfedayh.dll %SYSDIR%\qibsxlyp.dll %SYSDIR%\cvyugqst.dll %SYSDIR%\ufjneelp.dll %SYSDIR%\hbksnbgu.dll %SYSDIR%\hpsgxnga.dll %SYSDIR%\apvyeohw.dll and next 6 variations. MD5: CFE55160B6F068BABA137F87E39D9EA9 Size: 80896 %SYSDIR%\rkhrjklq.dll %SYSDIR%\loxjjfrp.dll %SYSDIR%\hbufmrhc.dll %SYSDIR%\rxqctbth.dll %SYSDIR%\sqqbwwya.dll %SYSDIR%\twlbrvkm.dll %SYSDIR%\adaglaug.dll %SYSDIR%\hkbchkyj.dll MD5: BC5608F24F84CAA779C9DE75C55FF29D Size: 57856 %SYSDIR%\qoMgdeDt.dll %SYSDIR%\tuvWqNFw.dll %SYSDIR%\iifgHwxV.dll MD5: 8B5BA50F65D3F25D52F2453A94E0C1EA Size: 89088 %SYSDIR%\ptrtnonv.dll %SYSDIR%\jcdfsmjo.dll %SYSDIR%\mkpskgcb.dll %SYSDIR%\gwmxqoyl.dll %SYSDIR%\ehbyigvj.dll MD5: D86512793C972FF76B4CBF055ABC87E6 Size: 128000 %SYSDIR%\oeefcuwi.dll %SYSDIR%\aonbcb.dll %SYSDIR%\azktey.dll %SYSDIR%\mrchykpi.dll %SYSDIR%\hllcfk.dll %SYSDIR%\otbrjyri.dll %SYSDIR%\tmylrjxc.dll %SYSDIR%\dbifro.dll %SYSDIR%\lverga.dll %SYSDIR%\xijnqw.dll.ren %SYSDIR%\ssuxsl.dll and next 4 variations. MD5: 285854B666CA73FCB61D2942EF2B2FBE Size: 133120 %SYSDIR%\lmpyiuwj.dll %SYSDIR%\aoopob.dll %SYSDIR%\wmunez.dll %SYSDIR%\tqpltv.dll %SYSDIR%\vfjenjry.dll %SYSDIR%\uyitcdox.dll %SYSDIR%\fouitd.dll %SYSDIR%\vsgukujn.dll %SYSDIR%\tthqckvx.dll %SYSDIR%\syoomv.dll %SYSDIR%\rpjxhlfc.dll and next 25 variations. MD5: D35CEEE9DE061293F93ABD75C7F0F1AF Size: 126464 %SYSDIR%\iydpbchy.dll %SYSDIR%\fattko.dll %SYSDIR%\acwdxn.dll %SYSDIR%\ynmort.dll %SYSDIR%\xbsmrmbn.dll %SYSDIR%\nbnjqb.dll %SYSDIR%\xgoxyrtn.dll %SYSDIR%\nudzvs.dll %SYSDIR%\pmgxqq.dll %SYSDIR%\scupyr.dll %SYSDIR%\ppjhhhko.dll and next 15 variations. MD5: 98C1ABB8E66C1EBA0DD6EB8B94B4EEED Size: 78848 %SYSDIR%\ijtuntju.dll %SYSDIR%\gatcenom.dll %SYSDIR%\qupgjgor.dll %SYSDIR%\bblkdqbv.dll %SYSDIR%\ubqeqivi.dll MD5: 0805AD1D572568C7E01073E439E17FEB Size: 58880 %SYSDIR%\byXQGxUN.dll %SYSDIR%\hgGywVPI.dll %SYSDIR%\fccbCrOe.dll MD5: 7CC3CE764BB7D4DF72E3BA626B28211B Size: 124928 %SYSDIR%\acnqvjvf.dll %SYSDIR%\vrpobt.dll %SYSDIR%\zhyktc.dll %SYSDIR%\rfpchags.dll %SYSDIR%\uoqwvusa.dll %SYSDIR%\rnpwcplq.dll %SYSDIR%\fwtett.dll %SYSDIR%\VRDHQO.DLL %SYSDIR%\hpiyct.dll %SYSDIR%\uhybtcjo.dll %SYSDIR%\lrsqzl.dll and next 10 variations. MD5: D1FAEDE9491A838D5AB5BB942FF2266B Size: 250191 i:\ut\rar\fixant5\fixant5.exe i:\ut\fixant5\fixant5.exe d:\ut\fixant5\fixant5.exe MD5: 97F758D6FB7257C6785B283FF24D692E Size: 129536 %SYSDIR%\mkfght0.dll %SYSDIR%\mkfght1.dll %SYSDIR%\mkfght0.dll.ren MD5: 0F84110E42DF356E45F3973B4A04D18E Size: 95744 %SYSDIR%\nmdfgds0.dll %SYSDIR%\nmdfgds1.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP220\A0438045.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP220\A0438042.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP219\A0438004.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP218\A0437953.dll %SYSDIR%\nmdfgds2.dll %SYSDIR%\nmdfgds0.dll.ren %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP111\A0704974.DLL %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP111\A0704966.dll %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP111\A0703934.dll and next 3 variations. MD5: E08418FAEFDF6AF372D784503A51F667 Size: 110003 %SystemDiskRoot%\x2csvg.exe %SystemDiskRoot%\System Volume Information\_restore{48C7C769-9B0A-4EB1-8A03-B3B8EAA9EFAE}\RP564\A0049492.exe %SYSDIR%\olhrwef.exe e:\System Volume Information\_restore{8C132C4D-45B6-4804-A9F2-1107236773E9}\RP172\A0105609.exe e:\System Volume Information\_restore{8C132C4D-45B6-4804-A9F2-1107236773E9}\RP171\A0104528.exe d:\x2csvg.exe d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP155\A0134698.cmd d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP155\A0134687.exe d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP155\A0134672.cmd d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP155\A0134644.exe d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP155\A0134621.cmd and next 4 variations. MD5: FE083730F249A59CB5D44B7493719C8D Size: 107692 %SystemDiskRoot%\bd3q0qix.exe e:\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP113\A0706000.exe %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP113\A0705999.exe %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP113\A0705998.exe %SYSDIR%\vamsoft.exe MD5: CE421A6F2283A744C75DE7556DEA0A21 Size: 78848 %SYSDIR%\afmain1.dll %SYSDIR%\afmain0.dll %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP109\A0686737.DLL MD5: 2442A205BD02A96F67EA01D46D56FD7C Size: 44544 %SYSDIR%\ddcDwuRh.dll %SYSDIR%\yayXOfDV.dll %SYSDIR%\ddccDSIC.dll %SYSDIR%\wvUmlIAs.dll %SYSDIR%\ddcDttrO.dll %DESKTOP%\Programs\backups\backup-20090117-011229-828.dll %DESKTOP%\Programs\backups\backup-20090115-085352-958.dll %DESKTOP%\Programs\backups\backup-20090115-085254-359.dll %SYSDIR%\nnnlJCTk.dll %SYSDIR%\iifgGAPh.dll MD5: 04B2D685213470D4302C0A91789B9D1D Size: 125952 %SYSDIR%\asboww.dll %SYSDIR%\gjrljsoo.dll %SYSDIR%\bbmdtq.dll %SYSDIR%\rmmrsx.dll %SYSDIR%\vmhqac.dll %SYSDIR%\zhobtu.dll %SYSDIR%\ymveidoj.dll %SYSDIR%\jgaqsapk.dll %SYSDIR%\umpyez.dll %SYSDIR%\todtzo.dll %SYSDIR%\ajondbgw.dll and next 9 variations. MD5: F8CDD467DB602ACCCEF388F722D5754A Size: 85504 %SystemDiskRoot%\System Volume Information\_restore{48C7C769-9B0A-4EB1-8A03-B3B8EAA9EFAE}\RP564\A0049491.dll %SYSDIR%\vbsdfe1.dll %SYSDIR%\vbsdfe0.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP199\A0386744.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP199\A0385751.dll MD5: CEB79A080C6E28D1FDA133BF41BF7BFA Size: 85504 %SystemDiskRoot%\System Volume Information\_restore{48C7C769-9B0A-4EB1-8A03-B3B8EAA9EFAE}\RP564\A0049490.dll %SYSDIR%\vbsdfe0.dll MD5: 12E83598FBDB1F17D721490C6F4583E3 Size: 104123 d:\xlk9.com %SystemDiskRoot%\xlk9.com %SYSDIR%\ckvo.exe MD5: 952BF2015CFF211220F511D2477AE082 Size: 100108 d:\nfdmg.com %SystemDiskRoot%\nfdmg.com MD5: 9FFCA5614A1032B0709ECAB67DF10F49 Size: 96047 d:\39lpji.com %SystemDiskRoot%\39lpji.com MD5: 1CD278E5935F16916C468DB8AA304248 Size: 104625 d:\2fiji.com %SystemDiskRoot%\2fiji.com MD5: A8873109EB1DB91C54C3829EB4933F79 Size: 101500 d:\08dgu.com %SystemDiskRoot%\08dgu.com %SYSDIR%\ckvo.exe MD5: B6AC4F026400713954E8E2A56EF7B2C4 Size: 78848 %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP220\A0439038.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP220\A0438043.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP219\A0438013.dll %SYSDIR%\afmain0.dll %SYSDIR%\afmain1.dll %SYSDIR%\afmain2.dll %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP111\A0704977.dll %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP111\A0703940.dll %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP111\A0702927.DLL %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP110\A0702719.DLL %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP110\A0702575.DLL and next 3 variations. MD5: 17C0481A8C9E2EC6F3A40AA51F091533 Size: 95744 %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP216\A0428735.dll %SYSDIR%\nmdfgds1.dll %SYSDIR%\nmdfgds0.dll %SYSDIR%\nmdfgds2.dll MD5: DC7AF302ED5D66430A1BE33D97359ECB Size: 69632 %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP199\A0383735.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP199\A0382720.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP199\A0382689.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP199\A0381669.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP199\A0379669.dll %SystemDiskRoot%\System Volume Information\_restore{5DF4CDFD-197F-427D-A915-E59E45EA702D}\RP198\A0379633.dll %SYSDIR%\Bitkv1.dll %SYSDIR%\Bitkv0.dll MD5: 115914A52DABB2B93C98839A95C190C7 Size: 9728 %SYSDIR%\ubb.exe %USERPROFILE%\Configuraes locais\Temporary Internet Files\Content.IE5\6BOHAJK3\loaderadv512[1].exe %USERPROFILE%\Configuraes locais\Temporary Internet Files\Content.IE5\UFV4TVMX\loaderadv512[1].exe %USERPROFILE%\Configuraes locais\Temporary Internet Files\Content.IE5\SJ2SGQG4\loaderadv512[1].exe %SystemDiskRoot%\Documents and Settings\DAVI\Configuraes locais\Temporary Internet Files\Content.IE5\8T6BGTY3\loaderadv512[1].exe MD5: 97BC7DB33723BF64CC8C8179C2D43B64 Size: 763904 %ALLUSERS_APPDATA%\Microsoft\Network\DLLs\liopsavpqm.dll %ALLUSERS_APPDATA%\Microsoft\Network\DLLs\gbziwwaygj.dll %ALLUSERS_APPDATA%\Microsoft\Network\DLLs\esjtyhnszr.dll %ALLUSERS_APPDATA%\Microsoft\Network\DLLs\nppmqejojk.dll %ALLUSERS_APPDATA%\Application Data\Microsoft\Network\DLLs\avvppfmhut.dll %ALLUSERS_APPDATA%\Application Data\Microsoft\Network\DLLs\gdxsbfkged.dll %ALLUSERS_APPDATA%\Microsoft\Network\DLLs\yzdefalndh.dll %ALLUSERS_APPDATA%\Microsoft\Network\DLLs\phsfhdlnii.dll %ALLUSERS_APPDATA%\Microsoft\Network\DLLs\lohirnqfjb.dll MD5: 72992562F5A4C3196A96C0ACF8948221 Size: 84992 %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP113\A0705990.dll %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP113\A0705989.dll %SYSDIR%\kav321.dll %SYSDIR%\kav320.dll %SystemDiskRoot%\Qoobox\Quarantine\C\WINDOWS\system32\kav320.dll.vir MD5: 0E3FC9EB319F4B7AA033CDF0D7F2D8FA Size: 85504 %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP113\A0705988.dll %SYSDIR%\ciuytr2.dll %SYSDIR%\ciuytr0.dll MD5: 3FD21EB3004DA2B585F932D3A750D521 Size: 90112 %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP113\A0705987.dll %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP113\A0705986.dll %SYSDIR%\ciuytr1.dll %SYSDIR%\ciuytr0.dll %SYSDIR%\ciuytr2.dll %SystemDiskRoot%\Qoobox\Quarantine\C\WINDOWS\system32\ciuytr0.dll.vir %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP111\A0705962.dll %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP111\A0703963.DLL %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP111\A0703951.DLL %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP111\A0703922.DLL %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP111\A0702920.DLL and next 29 variations. MD5: 5D3DDE99638C5E9B8F5F400DD6B17A54 Size: 126464 %SYSDIR%\ddmllrdb.dll %SYSDIR%\eqonax.dll %SYSDIR%\skmovg.dll %SYSDIR%\jmwjfnnt.dll %SYSDIR%\zjrfel.dll %SYSDIR%\wzdckt.dll %SYSDIR%\pfghujxt.dll %SYSDIR%\lngrql.dll %SYSDIR%\wampxv.dll %SYSDIR%\uofogppb.dll %SYSDIR%\iuhlkf.dll and next 5 variations. MD5: 6EB84AA0A98B9DA6D753218D42A432B0 Size: 130560 %SYSDIR%\pntakg.dll %SYSDIR%\edsdcegc.dll %SYSDIR%\gdvcjg.dll %SYSDIR%\repvfi.dll %SYSDIR%\qfrgqhtn.dll %SYSDIR%\ylknmy.dll %SYSDIR%\vnrmsf.dll %SYSDIR%\dopcff.dll %SYSDIR%\xrhgowqr.dll %SYSDIR%\jomfdisi.dll %SYSDIR%\frszbw.dll and next 2 variations. MD5: 01B4963C16F022844E4ED98A225F84CD Size: 600576 D:\\myac_client_skynet\myAC.exe %SystemDiskRoot%\Windows.old\Program Files\myAC_www.deadzone.ru\myAC.exe %SystemDiskRoot%\System Volume Information\_restore{F1E412A0-703B-463F-8CE7-4137B9BAF350}\RP122\A0021030.exe D:\myAC\myAC.exe D:\Distrib Programs\Client\myAC.exe MD5: 14EBB85C1600C07634463F278A386FCD Size: 107385 %SYSDIR%\olhrwef.exe d:\System Volume Information\_restore{63A4945D-5EBF-4682-9870-D32280407B10}\RP406\A0107116.com d:\System Volume Information\_restore{63A4945D-5EBF-4682-9870-D32280407B10}\RP406\A0107071.com %SystemDiskRoot%\w98.com MD5: A173D88F697A640B66D58F6889D02B85 Size: 650521 l:\PROGRAMMI\programmi lavoro\prog. fme funzionante\crack\licgen.exe l:\PROGRAMMI\programmi lavoro\FME cartella originale\fme\safesoftwarefmedesktop2008build5197crackrecoil\Safe.Software.FME.Desktop.2008.build.5197-RECOiL\crack\safe_crack\crack\licgen.exe MD5: C7926ABA862831526A6D6E1B64B8A85A Size: 78848 %SYSDIR%\afmain1.dll %SYSDIR%\afmain0.dll %SYSDIR%\afmain2.dll MD5: 85CCED7D82D6E5F4658B36B5A0360713 Size: 13824 %SYSDIR%\sysmgr.exe %SYSDIR%\system.exe MD5: 8928C6A1CB4AB35354D0512939A3811B Size: 102499 %SYSDIR%\amvo.exe I:\1ce.cmd MD5: DDA8F58BC5F09DAFE48EED10BBFB51FE Size: 30208 %SYSDIR%\iexplore.exe %SYSDIR%\lssas.exe %SYSDIR%\spooIsv.exe %SYSDIR%\csrs.exe %SYSDIR%\logon.exe %SYSDIR%\winIogon.exe %SYSDIR%\explorer.exe MD5: 866C241DE7E786935BEEC877C0000333 Size: 63488 %SYSDIR%\msGDI1.dll %SYSDIR%\dmserv.dll %SYSDIR%\mspdfd.dll %SYSDIR%\msbios.dll MD5: 0CDF473E884A37C74D242269D6C3EBE4 Size: 112132 %SYSDIR%\kamsoft.exe d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0116700.bat d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0116682.bat d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0116664.bat d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0116649.bat d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0116633.bat d:\i.bat MD5: 2648291F45A6714D24BEF21AC777756F Size: 85504 %SYSDIR%\vbsdfe0.dll %SYSDIR%\vbsdfe2.dll MD5: B4C6863DB885BD3A28D99F167CCC5F36 Size: 111636 %SYSDIR%\kamsoft.exe d:\System Volume Information\_restore{FAE8B37F-8148-4005-900F-A976796C6F67}\RP3262\A0360188.com d:\System Volume Information\_restore{FAE8B37F-8148-4005-900F-A976796C6F67}\RP3262\A0360187.exe d:\o1.com %SystemDiskRoot%\o1.com MD5: C1E5C65885F580535C4EC15734ADE1DD Size: 36864 z:\Games\--=Games (Last Install)=--\Diablo II\Diablo II.exe %SystemDiskRoot%\Games\--=Games (Last Install)=--\Diablo II\Diablo II.exe MD5: A988E91BFA0773F52F001F5B42DC96EA Size: 382970 %WINDIR%\Sys\svc1.exe %SystemDiskRoot%\lsass.exe MD5: 0BBAB0CF94933EF28B3F14531B48A7E9 Size: 2737665 g:\gry\Sega\Happy Tree Friends - False Alarm\HTF.exe %SystemDiskRoot%\Crack\HTF.exe MD5: 49BE17BEF08DB8F9FCBEE2894D78CC6F Size: 64512 %SYSDIR%\mupsnt.dll %SYSDIR%\mscmsr.dll MD5: 009EFAD5BD73621529DCBC4C11EF86B7 Size: 9284 %USERPROFILE%\ADMINISTRADOR.EXE %USERPROFILE%\RENDSZERGAZDA.EXE MD5: 41EBEC6352AB53B49B2D33C93302D8FA Size: 104382 %SYSDIR%\ckvo.exe d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP146\A0111657.cmd d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP146\A0111638.cmd d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP146\A0111616.cmd d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP146\A0111596.cmd MD5: 37DAB149B765A9FAC41073B88AB435B3 Size: 106363 %SYSDIR%\kamsoft.exe d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0113253.com d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0113233.com d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0113164.com d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0113147.com d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0112145.com d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0112130.com d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0112108.com d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0112086.com d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0112059.com d:\0w.com and next 0 variations. MD5: 74B0037E4C69779467D32B5364EBCF52 Size: 107673 %SYSDIR%\ckvo.exe d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP146\A0111696.cmd MD5: 503320426A5B5F90BFB2880874027BBF Size: 78848 %SYSDIR%\afmain2.dll %SYSDIR%\afmain1.dll MD5: CA940A1AEAF5EA4E02923341EB4A8350 Size: 2710 P:\Pchry\FIFA 09\Fifa 09 instal\Crack\rld-fi9k.exe %USERDOCUMENTS%\Nova pasta\Crack\SERIAL!!!!!.exe d:\\FIFA.09.2008.PC\Crack\rld-fi9k.exe d:\daemon\fifa 09\Crack\rld-fi9k.exe %SystemDiskRoot%\Crack\rld-fi9k.exe %PROGRAMFILES%\EA Sports\FIFA 09\rld-fi9k.exe MD5: 5C55430F358758D03C49A0ADA3F0A200 Size: 64512 %SYSDIR%\msfnot.dll %SYSDIR%\helpnt.dll %SYSDIR%\upsmsg.dll MD5: 5B15D269888A3F42BAAB35197533A2B6 Size: 116341 %SYSDIR%\j3ewro.exe %DESKTOP%\? (G)\kk.bat MD5: 2232301024DF4ED810DE7CB3E068D22C Size: 95744 %SYSDIR%\nmdfgds1.dll %SYSDIR%\nmdfgds0.dll %SYSDIR%\nmdfgds2.dll %SystemDiskRoot%\System Volume Information\_restore{2572E2A5-EC87-4B50-A4C0-584183E102E4}\RP542\A0043284.DLL MD5: ADB4F0B6A4318D083430DE360B2B89E5 Size: 107561 %SYSDIR%\olhrwef.exe %SystemDiskRoot%\System Volume Information\_restore{2572E2A5-EC87-4B50-A4C0-584183E102E4}\RP542\A0043285.exe %SystemDiskRoot%\System Volume Information\_restore{2572E2A5-EC87-4B50-A4C0-584183E102E4}\RP542\A0043283.exe %SystemDiskRoot%\System Volume Information\_restore{2572E2A5-EC87-4B50-A4C0-584183E102E4}\RP542\A0043238.exe d:\gy.exe %SystemDiskRoot%\gy.exe MD5: 5ACFAA3F96C54670780488F5E415CC57 Size: 105096 %SYSDIR%\ckvo.exe d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP144\A0109482.cmd d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP144\A0109461.cmd d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP144\A0108474.cmd MD5: CE72A8A7E5431A1A4EA0E58258EF5E7D Size: 110417 %SYSDIR%\kamsoft.exe d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0115521.bat d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0115501.bat d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0115486.bat d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0115465.bat d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0115450.bat d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0114449.bat d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0114426.bat d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0113424.bat d:\abk.bat MD5: ABF976346536FC18F68B3D190BB69AC5 Size: 104594 %SYSDIR%\ckvo.exe d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP144\A0110520.cmd d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP144\A0109517.cmd MD5: 32CD3D7C05892EC773A1E3A228D1437C Size: 106249 %SYSDIR%\ckvo.exe d:\2fiji.com %SystemDiskRoot%\2fiji.com MD5: F23402F8865D18B7BC1B849CFF0D5D75 Size: 7184 h:\kenneths back up\Program Files1\WinRar\SysTools\Plugins\Empty Key.dll %PROGRAMFILES%\WinRar\SysTools\Plugins\Empty Key.dll MD5: B5F42991067DF46ADD7778FD1BEA2D5F Size: 34816 %SYSDIR%\cbXQjgDT.dll %SYSDIR%\tuvUMcaA.dll MD5: 9AF52701C34ABEEE3A1D9DC0D89779B0 Size: 106526 %SYSDIR%\olhrwef.exe %SystemDiskRoot%\Qoobox\Quarantine\C\gfqgq.cmd.vir F:\gfqgq.cmd MD5: 4DE148D0B30BD8F54D8A5BDB81F94013 Size: 99461 %SYSDIR%\kamsoft.exe d:\System Volume Information\_restore{46C4F50D-0ECB-4B33-AFA1-AE1A6069AFA1}\RP147\A0111984.exe d:\lky.exe %SystemDiskRoot%\lky.exe d:\System Volume Information\_restore{5CAAC034-3E9F-4A8E-A3FE-99D20678A761}\RP116\A0024963.exe MD5: B4660F1873C6DE3AF19FC006FF25374C Size: 56832 %SYSDIR%\logon.exe %SYSDIR%\csrs.exe %SYSDIR%\Isass.exe %SYSDIR%\spooIsv.exe MD5: 7E0F15F8840B937B91ADC75BF6C2E0D8 Size: 103973 d:\2fiji.com %SystemDiskRoot%\2fiji.com %SYSDIR%\ckvo.exe MD5: 77C51D308A5B5901FF36BAE9020FA687 Size: 104628 d:\68.exe %SystemDiskRoot%\68.exe MD5: E040816A0671A470F1110DAC81A1BD22 Size: 100569 d:\itsduel.exe %SystemDiskRoot%\itsduel.exe MD5: 7854A2DF74E4357F8951F82605DE6634 Size: 20480 %SystemDiskRoot%\SYST.EXE %SystemDiskRoot%\0xf9.exe %SystemDiskRoot%\asasa.exe %SystemDiskRoot%\System Volume Information\_restore{2E4E5939-96BB-4628-B79A-D92D15F81AB1}\RP8\A0002394.EXE %SystemDiskRoot%\System Volume Information\_restore{2E4E5939-96BB-4628-B79A-D92D15F81AB1}\RP3\A0000304.exe MD5: 3828CBFD039C6C37D2536E296AE83407 Size: 102278 d:\pnt.com F:\pnt.com MD5: CD0B52B6989D8C51EA0387E0A459272C Size: 95744 %SYSDIR%\nmdfgds2.dll %SYSDIR%\nmdfgds0.dll %SystemDiskRoot%\System Volume Information\_restore{9148A65B-C656-4470-8F21-BF39D0237565}\RP109\A0686742.dll MD5: 40BBD1E51E9E01D3C56CEA50FA8F4082 Size: 64552 %DESKTOP%\dk60\DekaronPro.exe %DESKTOP%\6.0New\DekaronPro.exe MD5: 020C95F38238B42F9523082830C7C74B Size: 136192 %SYSDIR%\iacxhu.dll %SYSDIR%\qdpseqwa.dll %SYSDIR%\lnmnis.dll %SYSDIR%\ljvqaw.dll %SYSDIR%\ebloocxu.dll %SYSDIR%\cccpasxv.dll %SYSDIR%\ntetfy.dll %SYSDIR%\kgacmu.dll MD5: 6B0D2E743DE0D5EDC9B20DADB761D888 Size: 133632 %SYSDIR%\avnrta.dll %SYSDIR%\icllqk.dll %SYSDIR%\fcdpli.dll %SYSDIR%\lorpgb.dll %SYSDIR%\sxtajbot.dll %SYSDIR%\gekrfjgc.dll %SYSDIR%\jwjapp.dll %SYSDIR%\gzhacs.dll %SYSDIR%\ysznmd.dll %SYSDIR%\jcmnwj.dll %SYSDIR%\fjdcrl.dll and next 6 variations. MD5: 31F40500AEDD0BAB29C4CDC0586E0061 Size: 334336 %PROGRAMFILES%\Vinagame\Chinh Do\data\checkmalicious.exe d:\Games\Chinh Do\data\checkmalicious.exe MD5: 5107D14EE2299DC8C1E44A429B8160FA Size: 2479104 e:\RECYCLER\S-1-5-21-839522115-1275210071-2147104195-1003\De1\Autodata3.18crack by Zogldi\part2\ADBCD-cr-XP.exe e:\RECYCLER\S-1-5-21-839522115-1275210071-2147104195-1003\De1\ADBCD-cr-XP.exe %USERPROFILE%\ \3.18\Autodata3.18crack by Zogldi\part2\ADBCD-cr-XP.exe MD5: 4A6B2F7CF2E77A5A5C8F0156D32127B1 Size: 63488 %SYSDIR%\mstest.dll %SYSDIR%\msfnot.dll %SYSDIR%\helpnt.dll MD5: 1C773988D8CD4E5E0EF20472BE71A6B3 Size: 116864 %SYSDIR%\xobnrcnf.dll %SYSDIR%\ramgdg.dll MD5: DE8F26C4B275C2FF96ABE39B0E685C15 Size: 137344 %SYSDIR%\ufperq.dll %SYSDIR%\inqwmpbg.dll MD5: AB76CAC1DDC402CD48AD461FDB577C89 Size: 102912 %SYSDIR%\wircfkfd.dll %SYSDIR%\cswqso.dll MD5: 32A46D18ABB2376675A2DBE3B0A955A8 Size: 108544 %SYSDIR%\tgtuwn.dll %SYSDIR%\htvsmjmh.dll MD5: 5C1C90D1F38B3087912433D0B3224F02 Size: 81408 %SYSDIR%\iishjxgf.dll %SYSDIR%\waduhsmc.dll %SYSDIR%\yevltkhe.dll %SYSDIR%\sfsocapt.dll %SYSDIR%\pervvbll.dll %SYSDIR%\xvyhccjr.dll %SYSDIR%\ulfmkbyu.dll %SYSDIR%\gtecopru.dll %SYSDIR%\ruwdwhjv.dll %SYSDIR%\jgkbxpys.dll MD5: 8039C1713CEB0D3EA89F499E92CD9BC2 Size: 92160 %SYSDIR%\aegtnjqd.dll %SYSDIR%\wjpungkh.dll MD5: 3D17F9FB4DAF367615D4332992859D46 Size: 137728 %TEMP%\85.exe %TEMP%\58.exe %TEMP%\21.exe %TEMP%\16.exe %TEMP%\12.exe %TEMP%\04.exe %TEMP%\00.exe MD5: 9825797D6C30CE1F5895214A9B9D34E6 Size: 108544 %TEMP%\66.exe %TEMP%\48.exe %TEMP%\47.exe %TEMP%\07.exe %TEMP%\06.exe MD5: EA8C050EE2B08514C1E5AC09AD9B2E74 Size: 41984 %SYSDIR%\msqpdxosvdbrsr.dll %WINDIR%\Temp\_avast4_\unp221580888.tmp %WINDIR%\Temp\_avast4_\unp173458916.tmp %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\msqpdxwqsctmei.dll.vir %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\msqpdxwqsctmei.dll.9.vir %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\msqpdxwqsctmei.dll.8.vir %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\msqpdxwqsctmei.dll.7.vir %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\msqpdxwqsctmei.dll.6.vir %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\msqpdxwqsctmei.dll.5.vir %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\msqpdxwqsctmei.dll.4.vir %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\msqpdxwqsctmei.dll.37.vir and next 2 variations. MD5: 9150343D1D774CC71F1B0A5D53B1B01A Size: 140288 %SYSDIR%\92427.exe %SYSDIR%\895791.exe %SYSDIR%\81791.exe %SYSDIR%\688885.exe %SYSDIR%\559880.exe %SYSDIR%\52933.exe %SYSDIR%\504821.exe %SYSDIR%\397355.exe %SYSDIR%\301461.exe %SYSDIR%\298482.exe %SYSDIR%\293673.exe and next 2 variations. MD5: 0555E253BA0ED9DEA4B00EAEFBBA0384 Size: 106370 %SYSDIR%\uret463.exe f:\y319s.exe %SystemDiskRoot%\y319s.exe MD5: 0258600BC182BE93EA84343F89E5C5DF Size: 26380 %USERPROFILE%\Ustawienia lokalne\Temp\ddeo5j.dll %TEMP%\ddeo5j.dll MD5: 8FF7E492140761F2963C35134509E13A Size: 56431 d:\Temp\Updates\Hack\Windows Hack Package\Windows Activations\Windows 2003 & XP Anti Product Activation Crack 1.1.exe %DESKTOP%\ClefUSB\Cracks\(app) windows xp KeyGens & Cracks & Appz\Windows 2003 & XP Anti Product Activation Crack 1.1.exe MD5: F28C92953BE28148C52A28C95572C1EB Size: 130048 %SYSDIR%\insnqd.dll %SYSDIR%\wupbui.dll %SYSDIR%\pojhcw.dll %SYSDIR%\ptmrxioa.dll %SYSDIR%\jrlqlq.dll %SYSDIR%\yvbcjlxf.dll %SYSDIR%\hcfumm.dll MD5: 1347D50C3DB7413226010E3F4AC0B0CB Size: 65536 %SYSDIR%\upsmsg.dll %SYSDIR%\helpnt.dll MD5: 312D1163C9F27530847C33B16EA727F8 Size: 54784 %SYSDIR%\nnnlmnoo.dll %SYSDIR%\fccdayxY.dll MD5: 6B5F6CE7B58370A4B8FAB37BEFF34732 Size: 21584 %TEMP%\788.exe %TEMP%\498.exe %TEMP%\166.exe MD5: E9E076F6720127C7FBD6E64A1EA528AE Size: 119110 h:\System Volume Information\_restore{6E3850FF-63B6-46AB-B456-38422CED47D4}\RP150\A0036869.com h:\System Volume Information\_restore{CD0B2D52-1099-4716-A6D8-776E6417C3B5}\RP167\A0064564.com h:\System Volume Information\_restore{CD0B2D52-1099-4716-A6D8-776E6417C3B5}\RP162\A0058101.com h:\System Volume Information\_restore{CD0B2D52-1099-4716-A6D8-776E6417C3B5}\RP103\A0024338.com h:\System Volume Information\_restore{2358C5E7-B017-4786-BB7F-9F741F1F10E2}\RP180\A0079419.com h:\System Volume Information\_restore{2358C5E7-B017-4786-BB7F-9F741F1F10E2}\RP180\A0079370.com h:\System Volume Information\_restore{2358C5E7-B017-4786-BB7F-9F741F1F10E2}\RP179\A0079316.com MD5: FDD7B06E6DEE92368448734EE2FD794A Size: 85504 %SYSDIR%\ciuytr0.dll %SYSDIR%\ciuytr2.dll MD5: C93A1CC819E6FE0DDCA0F99483971BD2 Size: 410624 %USERPROFILE%\fXNgbv\He_148406\Lvdew.exe %USERPROFILE%\fXNgbv\081217MHFc[Zbg\081217MHFc[Zbg\X^[HP\\HP\N.exe MD5: 5D34F102F351ABCB9AB04BE30E4A877A Size: 138752 %SYSDIR%\335290.exe %SYSDIR%\738767.exe

Detecting items list:

1. Files by Name %sysdir%\WinCtrl32.dll
2. Files by MD5 MD5: 6576E48743B01B3B971FD949DBE17DA5 Size: 44544 MD5: F8D72E18AB71DFF4D0BA18107AB12E2E Size: 888608 MD5: EE08437286607F61FEB13B88B1C5F016 Size: 52736 MD5: 4DDD1A1987C7AC6AAAC1BC712AA60136 Size: 52224 MD5: CCD720C095A79C326F692F20AEC971CF Size: 972276 MD5: BA1F9FD96008985EFB4A8E81DD38D6EE Size: 1665 MD5: 2104ED8646F315074F655B17D67B2BC9 Size: 135750 MD5: 73D1CF362A1CFDB5E7B02EF96AE9C89A Size: 355328 MD5: A2FCED0123C92267EB76F535865898A9 Size: 1665
3. Files by CLSID or Name CLSID=BB4C402F-882A-4526-8C08-51278EA437C1
4. Registry Values HKCU\Software\Microsoft\Windows\CurrentVersion\Run ValueName=cdoosoft

• O podpoře
• Nápověda
• Průvodce
• FAQ
• Řešení falešných poplachů
• Tipy

• Databáze softwaru
• O spywaru