ComboFix 10-08-21.06 - Butterfly 2010-08-22 11:50:44.7.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.1022.754 [GMT 2:00]
Spuštěný z: c:\documents and settings\Butterfly\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Butterfly\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
FILE ::
"c:\windows\system32\d3d8caps.dat"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\32788R22FWJFW(2)
c:\32788r22fwjfw(2)\badclsid.c
c:\32788r22fwjfw(2)\catchme.cfxxe
c:\32788r22fwjfw(2)\clsid.c
c:\32788r22fwjfw(2)\cmd.cfxxe
c:\32788r22fwjfw(2)\ComboFix-Download.cfxxe
c:\32788r22fwjfw(2)\Creg.dat
c:\32788r22fwjfw(2)\CregC.dat
c:\32788r22fwjfw(2)\dd.cfxxe
c:\32788r22fwjfw(2)\ddsDo.sed
c:\32788r22fwjfw(2)\Dnl.dat
c:\32788r22fwjfw(2)\DPF.str
c:\32788r22fwjfw(2)\dumphive.cfxxe
c:\32788r22fwjfw(2)\embedded.sed
c:\32788r22fwjfw(2)\ERDNT.e_e
c:\32788r22fwjfw(2)\ERDNTDOS.LOC
c:\32788r22fwjfw(2)\ERDNTWIN.LOC
c:\32788r22fwjfw(2)\ERUNT.cfxxe
c:\32788r22fwjfw(2)\ERUNT.LOC
c:\32788r22fwjfw(2)\extract.cfxxe
c:\32788r22fwjfw(2)\FileKill.cfxxe
c:\32788r22fwjfw(2)\Fin.dat
c:\32788r22fwjfw(2)\grep.cfxxe
c:\32788r22fwjfw(2)\gsar.cfxxe
c:\32788r22fwjfw(2)\handle.cfxxe
c:\32788r22fwjfw(2)\image001.gif
c:\32788r22fwjfw(2)\License(2)\Curl - license.txt
c:\32788r22fwjfw(2)\License(2)\dumphive-license.txt
c:\32788r22fwjfw(2)\License(2)\EXTRACT.TXT
c:\32788r22fwjfw(2)\License(2)\FI - license.txt
c:\32788r22fwjfw(2)\License(2)\mtee.txt.txt
c:\32788r22fwjfw(2)\License(2)\ncmd.cfxxe
c:\32788r22fwjfw(2)\License(2)\pv_5_2_2.zip
c:\32788r22fwjfw(2)\License(2)\streamtools.zip
c:\32788r22fwjfw(2)\License(2)\UnxUtilsDist.html
c:\32788r22fwjfw(2)\License(2)\Zip - license.txt
c:\32788r22fwjfw(2)\LocalService.dat
c:\32788r22fwjfw(2)\LocalServiceNetworkRestricted.dat
c:\32788r22fwjfw(2)\LocalSystemNetworkRestricted.dat
c:\32788r22fwjfw(2)\mbr.cfxxe
c:\32788r22fwjfw(2)\mtee.cfxxe
c:\32788r22fwjfw(2)\mynul.dat
c:\32788r22fwjfw(2)\N_(2)\1026
c:\32788r22fwjfw(2)\N_(2)\1192
c:\32788r22fwjfw(2)\N_(2)\12581
c:\32788r22fwjfw(2)\N_(2)\17556
c:\32788r22fwjfw(2)\N_(2)\26115
c:\32788r22fwjfw(2)\N_(2)\26503
c:\32788r22fwjfw(2)\N_(2)\26627
c:\32788r22fwjfw(2)\N_(2)\5515
c:\32788r22fwjfw(2)\ndis_combofix.dat
c:\32788r22fwjfw(2)\netsvc.bad.dat
c:\32788r22fwjfw(2)\netsvc.dat
c:\32788r22fwjfw(2)\netsvc.vista.dat
c:\32788r22fwjfw(2)\netsvc.xp.dat
c:\32788r22fwjfw(2)\NetworkService.dat
c:\32788r22fwjfw(2)\NirCmd.cfxxe
c:\32788r22fwjfw(2)\NirCmd.chm
c:\32788r22fwjfw(2)\NirCmdC.cfxxe
c:\32788r22fwjfw(2)\NlsLanguageDefault
c:\32788r22fwjfw(2)\OsVer
c:\32788r22fwjfw(2)\pausep.cfxxe
c:\32788r22fwjfw(2)\PEV.cfxxe
c:\32788r22fwjfw(2)\Policies.dat
c:\32788r22fwjfw(2)\powp.dat
c:\32788r22fwjfw(2)\prep.done
c:\32788r22fwjfw(2)\Purity.dat
c:\32788r22fwjfw(2)\RCLink.dat
c:\32788r22fwjfw(2)\REGDACL.sed
c:\32788r22fwjfw(2)\RegDo.sed
c:\32788r22fwjfw(2)\region.dat
c:\32788r22fwjfw(2)\rogues.dat
c:\32788r22fwjfw(2)\run2.sed
c:\32788r22fwjfw(2)\Rust.str
c:\32788r22fwjfw(2)\safeboot.dat
c:\32788r22fwjfw(2)\safeboot.def.dat
c:\32788r22fwjfw(2)\safeboot.def.vista.dat
c:\32788r22fwjfw(2)\Safeboot.def.w7.dat
c:\32788r22fwjfw(2)\sed.cfxxe
c:\32788r22fwjfw(2)\Set.txt
c:\32788r22fwjfw(2)\setpath.cfxxe
c:\32788r22fwjfw(2)\srizbi.md5
c:\32788r22fwjfw(2)\svc_wht.dat
c:\32788r22fwjfw(2)\svchost.dat
c:\32788r22fwjfw(2)\svchost.vista.dat
c:\32788r22fwjfw(2)\svchost.w7.dat
c:\32788r22fwjfw(2)\svchost.w7.x64.dat
c:\32788r22fwjfw(2)\SWREG.cfxxe
c:\32788r22fwjfw(2)\swsc.cfxxe
c:\32788r22fwjfw(2)\swxcacls.cfxxe
c:\32788r22fwjfw(2)\system_ini.dat
c:\32788r22fwjfw(2)\tail.cfxxe
c:\32788r22fwjfw(2)\toolbar.sed
c:\32788r22fwjfw(2)\VInfo
c:\32788r22fwjfw(2)\VInfo2
c:\32788r22fwjfw(2)\Vipev.dat
c:\32788r22fwjfw(2)\vistaMcode.dat
c:\32788r22fwjfw(2)\vistareg.dat
c:\32788r22fwjfw(2)\vun.dat
c:\32788r22fwjfw(2)\VwinTemp.dacl
c:\32788r22fwjfw(2)\w2kreg.dat
c:\32788r22fwjfw(2)\w7Mcode.dat
c:\32788r22fwjfw(2)\w7reg.dat
c:\32788r22fwjfw(2)\XP.mac
c:\32788r22fwjfw(2)\xpmcode.dat
c:\32788r22fwjfw(2)\xpreg.dat
c:\32788r22fwjfw(2)\zDomain.dat
c:\32788r22fwjfw(2)\zhsvc.dat
c:\32788r22fwjfw(2)\zip.cfxxe
C:\32788R22FWJFW.2.tmp
c:\32788r22fwjfw.2.tmp\Assoc.cmd
c:\32788r22fwjfw.2.tmp\Auto-RC.cmd
c:\32788r22fwjfw.2.tmp\av.cmd
c:\32788r22fwjfw.2.tmp\av.vbs
c:\32788r22fwjfw.2.tmp\AWF.cmd
c:\32788r22fwjfw.2.tmp\badclsid.c
c:\32788r22fwjfw.2.tmp\Boot-Rk.cmd
c:\32788r22fwjfw.2.tmp\Boot.bat
c:\32788r22fwjfw.2.tmp\BootDrv.vbs
c:\32788r22fwjfw.2.tmp\BootSect.dll
c:\32788r22fwjfw.2.tmp\c.bat
c:\32788r22fwjfw.2.tmp\Catch-sub.cmd
c:\32788r22fwjfw.2.tmp\catchme.cfxxe
c:\32788r22fwjfw.2.tmp\CF-Script.cmd
c:\32788r22fwjfw.2.tmp\clsid.c
c:\32788r22fwjfw.2.tmp\cmd.cfxxe
c:\32788r22fwjfw.2.tmp\Combobatch.bat
c:\32788r22fwjfw.2.tmp\ComboFix-Download.cfxxe
c:\32788r22fwjfw.2.tmp\Create.cmd
c:\32788r22fwjfw.2.tmp\Creg.dat
c:\32788r22fwjfw.2.tmp\CregC.cmd
c:\32788r22fwjfw.2.tmp\CregC.dat
c:\32788r22fwjfw.2.tmp\CSet.cmd
c:\32788r22fwjfw.2.tmp\dd.cfxxe
c:\32788r22fwjfw.2.tmp\ddsDo.sed
c:\32788r22fwjfw.2.tmp\DelClsid.bat
c:\32788r22fwjfw.2.tmp\DelClsid64.bat
c:\32788r22fwjfw.2.tmp\Dnl.dat
c:\32788r22fwjfw.2.tmp\DPF.str
c:\32788r22fwjfw.2.tmp\DrvRun.vbs
c:\32788r22fwjfw.2.tmp\dumphive.cfxxe
c:\32788r22fwjfw.2.tmp\embedded.sed
c:\32788r22fwjfw.2.tmp\ERDNT.e_e
c:\32788r22fwjfw.2.tmp\ERDNTDOS.LOC
c:\32788r22fwjfw.2.tmp\ERDNTWIN.LOC
c:\32788r22fwjfw.2.tmp\ERUNT.cfxxe
c:\32788r22fwjfw.2.tmp\ERUNT.LOC
c:\32788r22fwjfw.2.tmp\Exe.reg
c:\32788r22fwjfw.2.tmp\extract.cfxxe
c:\32788r22fwjfw.2.tmp\FD-SV.cmd
c:\32788r22fwjfw.2.tmp\ffdefstr.dll
c:\32788r22fwjfw.2.tmp\FileKill.cfxxe
c:\32788r22fwjfw.2.tmp\files.pif
c:\32788r22fwjfw.2.tmp\Fin.dat
c:\32788r22fwjfw.2.tmp\FIND3M.bat
c:\32788r22fwjfw.2.tmp\FIXLSP.bat
c:\32788r22fwjfw.2.tmp\FKMGen.cmd
c:\32788r22fwjfw.2.tmp\GetHive.cmd
c:\32788r22fwjfw.2.tmp\grep.cfxxe
c:\32788r22fwjfw.2.tmp\gsar.cfxxe
c:\32788r22fwjfw.2.tmp\handle.cfxxe
c:\32788r22fwjfw.2.tmp\hidec.exe
c:\32788r22fwjfw.2.tmp\history.bat
c:\32788r22fwjfw.2.tmp\hwid.pif
c:\32788r22fwjfw.2.tmp\CHCP.bat
c:\32788r22fwjfw.2.tmp\iexplore.exe
c:\32788r22fwjfw.2.tmp\image001.gif
c:\32788r22fwjfw.2.tmp\Install-RC.cmd
c:\32788r22fwjfw.2.tmp\katch.cmd
c:\32788r22fwjfw.2.tmp\Kill-All.cmd
c:\32788r22fwjfw.2.tmp\Lang.bat
c:\32788r22fwjfw.2.tmp\License\Curl - license.txt
c:\32788r22fwjfw.2.tmp\License\dumphive-license.txt
c:\32788r22fwjfw.2.tmp\License\EXTRACT.TXT
c:\32788r22fwjfw.2.tmp\License\FI - license.txt
c:\32788r22fwjfw.2.tmp\License\iexplore.exe
c:\32788r22fwjfw.2.tmp\License\mtee.txt.txt
c:\32788r22fwjfw.2.tmp\License\ncmd.cfxxe
c:\32788r22fwjfw.2.tmp\License\pv_5_2_2.zip
c:\32788r22fwjfw.2.tmp\License\streamtools.zip
c:\32788r22fwjfw.2.tmp\License\UnxUtilsDist.html
c:\32788r22fwjfw.2.tmp\License\UnxUtilsDist.pif
c:\32788r22fwjfw.2.tmp\License\Zip - license.txt
c:\32788r22fwjfw.2.tmp\List-B.bat
c:\32788r22fwjfw.2.tmp\List-C.bat
c:\32788r22fwjfw.2.tmp\List-D.bat
c:\32788r22fwjfw.2.tmp\List.bat
c:\32788r22fwjfw.2.tmp\lnkread.vbs
c:\32788r22fwjfw.2.tmp\LocalService.dat
c:\32788r22fwjfw.2.tmp\LocalServiceNetworkRestricted.dat
c:\32788r22fwjfw.2.tmp\LocalSystemNetworkRestricted.dat
c:\32788r22fwjfw.2.tmp\mbr.cfxxe
c:\32788r22fwjfw.2.tmp\md5sum.pif
c:\32788r22fwjfw.2.tmp\md5sum00.pif
c:\32788r22fwjfw.2.tmp\MoveIt.bat
c:\32788r22fwjfw.2.tmp\mtee.cfxxe
c:\32788r22fwjfw.2.tmp\mynul.dat
c:\32788r22fwjfw.2.tmp\n.pif
c:\32788r22fwjfw.2.tmp\N_\18681
c:\32788r22fwjfw.2.tmp\N_\19493
c:\32788r22fwjfw.2.tmp\N_\19682
c:\32788r22fwjfw.2.tmp\N_\26863
c:\32788r22fwjfw.2.tmp\N_\2802
c:\32788r22fwjfw.2.tmp\N_\30139
c:\32788r22fwjfw.2.tmp\N_\7231
c:\32788r22fwjfw.2.tmp\N_\953
c:\32788r22fwjfw.2.tmp\ncmd.com
c:\32788r22fwjfw.2.tmp\ND_.bat
c:\32788r22fwjfw.2.tmp\ndis_combofix.dat
c:\32788r22fwjfw.2.tmp\netsvc.bad.dat
c:\32788r22fwjfw.2.tmp\netsvc.dat
c:\32788r22fwjfw.2.tmp\netsvc.vista.dat
c:\32788r22fwjfw.2.tmp\netsvc.xp.dat
c:\32788r22fwjfw.2.tmp\NetworkService.dat
c:\32788r22fwjfw.2.tmp\NirCmd.cfxxe
c:\32788r22fwjfw.2.tmp\NirCmd.chm
c:\32788r22fwjfw.2.tmp\NircmdB.exe
c:\32788r22fwjfw.2.tmp\NirCmdC.cfxxe
c:\32788r22fwjfw.2.tmp\NT-OS.cmd
c:\32788r22fwjfw.2.tmp\OSid.vbs
c:\32788r22fwjfw.2.tmp\OsVer
c:\32788r22fwjfw.2.tmp\P.cmd
c:\32788r22fwjfw.2.tmp\pausep.cfxxe
c:\32788r22fwjfw.2.tmp\PEV.cfxxe
c:\32788r22fwjfw.2.tmp\pev.exe
c:\32788r22fwjfw.2.tmp\Policies.dat
c:\32788r22fwjfw.2.tmp\powp.dat
c:\32788r22fwjfw.2.tmp\prep.done
c:\32788r22fwjfw.2.tmp\Prep.inf
c:\32788r22fwjfw.2.tmp\Purity.dat
c:\32788r22fwjfw.2.tmp\pv.com
c:\32788r22fwjfw.2.tmp\pv.exe
c:\32788r22fwjfw.2.tmp\RCLink.dat
c:\32788r22fwjfw.2.tmp\REGDACL.sed
c:\32788r22fwjfw.2.tmp\RegDo.sed
c:\32788r22fwjfw.2.tmp\region.dat
c:\32788r22fwjfw.2.tmp\RegScan.cmd
c:\32788r22fwjfw.2.tmp\RegScan64.cmd
c:\32788r22fwjfw.2.tmp\restore_pt.vbs
c:\32788r22fwjfw.2.tmp\Rkey.cmd
c:\32788r22fwjfw.2.tmp\rogues.dat
c:\32788r22fwjfw.2.tmp\run2.sed
c:\32788r22fwjfw.2.tmp\Rust.str
c:\32788r22fwjfw.2.tmp\safeboot.dat
c:\32788r22fwjfw.2.tmp\safeboot.def.dat
c:\32788r22fwjfw.2.tmp\safeboot.def.vista.dat
c:\32788r22fwjfw.2.tmp\Safeboot.def.w7.dat
c:\32788r22fwjfw.2.tmp\sed.cfxxe
c:\32788r22fwjfw.2.tmp\Set.txt
c:\32788r22fwjfw.2.tmp\SetEnvmt.bat
c:\32788r22fwjfw.2.tmp\setpath.cfxxe
c:\32788r22fwjfw.2.tmp\SnapShot.cmd
c:\32788r22fwjfw.2.tmp\SRestore.cmd
c:\32788r22fwjfw.2.tmp\srizbi.md5
c:\32788r22fwjfw.2.tmp\SuppScan.cmd
c:\32788r22fwjfw.2.tmp\svc_wht.dat
c:\32788r22fwjfw.2.tmp\SvcDrv.vbs
c:\32788r22fwjfw.2.tmp\svchost.dat
c:\32788r22fwjfw.2.tmp\svchost.vista.dat
c:\32788r22fwjfw.2.tmp\svchost.w7.dat
c:\32788r22fwjfw.2.tmp\svchost.w7.x64.dat
c:\32788r22fwjfw.2.tmp\SWREG.cfxxe
c:\32788r22fwjfw.2.tmp\swreg.exe
c:\32788r22fwjfw.2.tmp\swsc.cfxxe
c:\32788r22fwjfw.2.tmp\swxcacls.cfxxe
c:\32788r22fwjfw.2.tmp\system_ini.dat
c:\32788r22fwjfw.2.tmp\tail.cfxxe
c:\32788r22fwjfw.2.tmp\toolbar.sed
c:\32788r22fwjfw.2.tmp\Update-CF.cmd
c:\32788r22fwjfw.2.tmp\VerCF.bat
c:\32788r22fwjfw.2.tmp\VInfo
c:\32788r22fwjfw.2.tmp\VInfo2
c:\32788r22fwjfw.2.tmp\Vipev.dat
c:\32788r22fwjfw.2.tmp\vistaMcode.dat
c:\32788r22fwjfw.2.tmp\vistareg.dat
c:\32788r22fwjfw.2.tmp\vun.dat
c:\32788r22fwjfw.2.tmp\VwinTemp.dacl
c:\32788r22fwjfw.2.tmp\w_sock.dll
c:\32788r22fwjfw.2.tmp\w2k_sock.dll
c:\32788r22fwjfw.2.tmp\w2kreg.dat
c:\32788r22fwjfw.2.tmp\w7Mcode.dat
c:\32788r22fwjfw.2.tmp\w7reg.dat
c:\32788r22fwjfw.2.tmp\Wmi_rem.vbs
c:\32788r22fwjfw.2.tmp\XP.mac
c:\32788r22fwjfw.2.tmp\xpmcode.dat
c:\32788r22fwjfw.2.tmp\xpreg.dat
c:\32788r22fwjfw.2.tmp\XPSBoot.reg
c:\32788r22fwjfw.2.tmp\zDomain.dat
c:\32788r22fwjfw.2.tmp\zhsvc.dat
c:\32788r22fwjfw.2.tmp\zip.cfxxe
C:\32788R22FWJFW.3.tmp
c:\32788r22fwjfw.3.tmp\Assoc.cmd
c:\32788r22fwjfw.3.tmp\Auto-RC.cmd
c:\32788r22fwjfw.3.tmp\av.cmd
c:\32788r22fwjfw.3.tmp\av.vbs
c:\32788r22fwjfw.3.tmp\AWF.cmd
c:\32788r22fwjfw.3.tmp\badclsid.c
c:\32788r22fwjfw.3.tmp\Boot-Rk.cmd
c:\32788r22fwjfw.3.tmp\Boot.bat
c:\32788r22fwjfw.3.tmp\BootDrv.vbs
c:\32788r22fwjfw.3.tmp\BootSect.dll
c:\32788r22fwjfw.3.tmp\c.bat
c:\32788r22fwjfw.3.tmp\Catch-sub.cmd
c:\32788r22fwjfw.3.tmp\catchme.cfxxe
c:\32788r22fwjfw.3.tmp\CF-Script.cmd
c:\32788r22fwjfw.3.tmp\clsid.c
c:\32788r22fwjfw.3.tmp\cmd.cfxxe
c:\32788r22fwjfw.3.tmp\Combobatch.bat
c:\32788r22fwjfw.3.tmp\ComboFix-Download.cfxxe
c:\32788r22fwjfw.3.tmp\Create.cmd
c:\32788r22fwjfw.3.tmp\Creg.dat
c:\32788r22fwjfw.3.tmp\CregC.cmd
c:\32788r22fwjfw.3.tmp\CregC.dat
c:\32788r22fwjfw.3.tmp\CSet.cmd
c:\32788r22fwjfw.3.tmp\dd.cfxxe
c:\32788r22fwjfw.3.tmp\ddsDo.sed
c:\32788r22fwjfw.3.tmp\DelClsid.bat
c:\32788r22fwjfw.3.tmp\DelClsid64.bat
c:\32788r22fwjfw.3.tmp\Dnl.dat
c:\32788r22fwjfw.3.tmp\DPF.str
c:\32788r22fwjfw.3.tmp\DrvRun.vbs
c:\32788r22fwjfw.3.tmp\dumphive.cfxxe
c:\32788r22fwjfw.3.tmp\embedded.sed
c:\32788r22fwjfw.3.tmp\ERDNT.e_e
c:\32788r22fwjfw.3.tmp\ERDNTDOS.LOC
c:\32788r22fwjfw.3.tmp\ERDNTWIN.LOC
c:\32788r22fwjfw.3.tmp\ERUNT.cfxxe
c:\32788r22fwjfw.3.tmp\ERUNT.LOC
c:\32788r22fwjfw.3.tmp\Exe.reg
c:\32788r22fwjfw.3.tmp\extract.cfxxe
c:\32788r22fwjfw.3.tmp\FD-SV.cmd
c:\32788r22fwjfw.3.tmp\ffdefstr.dll
c:\32788r22fwjfw.3.tmp\FileKill.cfxxe
c:\32788r22fwjfw.3.tmp\files.pif
c:\32788r22fwjfw.3.tmp\Fin.dat
c:\32788r22fwjfw.3.tmp\FIND3M.bat
c:\32788r22fwjfw.3.tmp\FIXLSP.bat
c:\32788r22fwjfw.3.tmp\FKMGen.cmd
c:\32788r22fwjfw.3.tmp\GetHive.cmd
c:\32788r22fwjfw.3.tmp\grep.cfxxe
c:\32788r22fwjfw.3.tmp\gsar.cfxxe
c:\32788r22fwjfw.3.tmp\handle.cfxxe
c:\32788r22fwjfw.3.tmp\hidec.exe
c:\32788r22fwjfw.3.tmp\history.bat
c:\32788r22fwjfw.3.tmp\hwid.pif
c:\32788r22fwjfw.3.tmp\CHCP.bat
c:\32788r22fwjfw.3.tmp\iexplore.exe
c:\32788r22fwjfw.3.tmp\image001.gif
c:\32788r22fwjfw.3.tmp\Install-RC.cmd
c:\32788r22fwjfw.3.tmp\katch.cmd
c:\32788r22fwjfw.3.tmp\Kill-All.cmd
c:\32788r22fwjfw.3.tmp\Lang.bat
c:\32788r22fwjfw.3.tmp\License\Curl - license.txt
c:\32788r22fwjfw.3.tmp\License\dumphive-license.txt
c:\32788r22fwjfw.3.tmp\License\EXTRACT.TXT
c:\32788r22fwjfw.3.tmp\License\FI - license.txt
c:\32788r22fwjfw.3.tmp\License\iexplore.exe
c:\32788r22fwjfw.3.tmp\License\mtee.txt.txt
c:\32788r22fwjfw.3.tmp\License\ncmd.cfxxe
c:\32788r22fwjfw.3.tmp\License\pv_5_2_2.zip
c:\32788r22fwjfw.3.tmp\License\streamtools.zip
c:\32788r22fwjfw.3.tmp\License\UnxUtilsDist.html
c:\32788r22fwjfw.3.tmp\License\UnxUtilsDist.pif
c:\32788r22fwjfw.3.tmp\License\Zip - license.txt
c:\32788r22fwjfw.3.tmp\List-B.bat
c:\32788r22fwjfw.3.tmp\List-C.bat
c:\32788r22fwjfw.3.tmp\List-D.bat
c:\32788r22fwjfw.3.tmp\List.bat
c:\32788r22fwjfw.3.tmp\lnkread.vbs
c:\32788r22fwjfw.3.tmp\LocalService.dat
c:\32788r22fwjfw.3.tmp\LocalServiceNetworkRestricted.dat
c:\32788r22fwjfw.3.tmp\LocalSystemNetworkRestricted.dat
c:\32788r22fwjfw.3.tmp\mbr.cfxxe
c:\32788r22fwjfw.3.tmp\md5sum.pif
c:\32788r22fwjfw.3.tmp\md5sum00.pif
c:\32788r22fwjfw.3.tmp\MoveIt.bat
c:\32788r22fwjfw.3.tmp\mtee.cfxxe
c:\32788r22fwjfw.3.tmp\mynul.dat
c:\32788r22fwjfw.3.tmp\n.pif
c:\32788r22fwjfw.3.tmp\N_\12633
c:\32788r22fwjfw.3.tmp\N_\19275
c:\32788r22fwjfw.3.tmp\N_\19738
c:\32788r22fwjfw.3.tmp\N_\22739
c:\32788r22fwjfw.3.tmp\N_\23325
c:\32788r22fwjfw.3.tmp\N_\24510
c:\32788r22fwjfw.3.tmp\N_\30046
c:\32788r22fwjfw.3.tmp\N_\9739
c:\32788r22fwjfw.3.tmp\ncmd.com
c:\32788r22fwjfw.3.tmp\ND_.bat
c:\32788r22fwjfw.3.tmp\ndis_combofix.dat
c:\32788r22fwjfw.3.tmp\netsvc.bad.dat
c:\32788r22fwjfw.3.tmp\netsvc.dat
c:\32788r22fwjfw.3.tmp\netsvc.vista.dat
c:\32788r22fwjfw.3.tmp\netsvc.xp.dat
c:\32788r22fwjfw.3.tmp\NetworkService.dat
c:\32788r22fwjfw.3.tmp\NirCmd.cfxxe
c:\32788r22fwjfw.3.tmp\NirCmd.chm
c:\32788r22fwjfw.3.tmp\NircmdB.exe
c:\32788r22fwjfw.3.tmp\NirCmdC.cfxxe
c:\32788r22fwjfw.3.tmp\NlsLanguageDefault
c:\32788r22fwjfw.3.tmp\NT-OS.cmd
c:\32788r22fwjfw.3.tmp\OSid.vbs
c:\32788r22fwjfw.3.tmp\OsVer
c:\32788r22fwjfw.3.tmp\P.cmd
c:\32788r22fwjfw.3.tmp\pausep.cfxxe
c:\32788r22fwjfw.3.tmp\PEV.cfxxe
c:\32788r22fwjfw.3.tmp\pev.exe
c:\32788r22fwjfw.3.tmp\Policies.dat
c:\32788r22fwjfw.3.tmp\powp.dat
c:\32788r22fwjfw.3.tmp\prep.done
c:\32788r22fwjfw.3.tmp\Prep.inf
c:\32788r22fwjfw.3.tmp\Purity.dat
c:\32788r22fwjfw.3.tmp\pv.com
c:\32788r22fwjfw.3.tmp\pv.exe
c:\32788r22fwjfw.3.tmp\RCLink.dat
c:\32788r22fwjfw.3.tmp\REGDACL.sed
c:\32788r22fwjfw.3.tmp\RegDo.sed
c:\32788r22fwjfw.3.tmp\region.dat
c:\32788r22fwjfw.3.tmp\RegScan.cmd
c:\32788r22fwjfw.3.tmp\RegScan64.cmd
c:\32788r22fwjfw.3.tmp\restore_pt.vbs
c:\32788r22fwjfw.3.tmp\Rkey.cmd
c:\32788r22fwjfw.3.tmp\rogues.dat
c:\32788r22fwjfw.3.tmp\run2.sed
c:\32788r22fwjfw.3.tmp\Rust.str
c:\32788r22fwjfw.3.tmp\safeboot.dat
c:\32788r22fwjfw.3.tmp\safeboot.def.dat
c:\32788r22fwjfw.3.tmp\safeboot.def.vista.dat
c:\32788r22fwjfw.3.tmp\Safeboot.def.w7.dat
c:\32788r22fwjfw.3.tmp\sed.cfxxe
c:\32788r22fwjfw.3.tmp\Set.txt
c:\32788r22fwjfw.3.tmp\SetEnvmt.bat
c:\32788r22fwjfw.3.tmp\setpath.cfxxe
c:\32788r22fwjfw.3.tmp\SnapShot.cmd
c:\32788r22fwjfw.3.tmp\SRestore.cmd
c:\32788r22fwjfw.3.tmp\srizbi.md5
c:\32788r22fwjfw.3.tmp\SuppScan.cmd
c:\32788r22fwjfw.3.tmp\svc_wht.dat
c:\32788r22fwjfw.3.tmp\SvcDrv.vbs
c:\32788r22fwjfw.3.tmp\svchost.dat
c:\32788r22fwjfw.3.tmp\svchost.vista.dat
c:\32788r22fwjfw.3.tmp\svchost.w7.dat
c:\32788r22fwjfw.3.tmp\svchost.w7.x64.dat
c:\32788r22fwjfw.3.tmp\SWREG.cfxxe
c:\32788r22fwjfw.3.tmp\swreg.exe
c:\32788r22fwjfw.3.tmp\swsc.cfxxe
c:\32788r22fwjfw.3.tmp\swxcacls.cfxxe
c:\32788r22fwjfw.3.tmp\system_ini.dat
c:\32788r22fwjfw.3.tmp\tail.cfxxe
c:\32788r22fwjfw.3.tmp\toolbar.sed
c:\32788r22fwjfw.3.tmp\Update-CF.cmd
c:\32788r22fwjfw.3.tmp\VerCF.bat
c:\32788r22fwjfw.3.tmp\VInfo
c:\32788r22fwjfw.3.tmp\VInfo2
c:\32788r22fwjfw.3.tmp\Vipev.dat
c:\32788r22fwjfw.3.tmp\vistaMcode.dat
c:\32788r22fwjfw.3.tmp\vistareg.dat
c:\32788r22fwjfw.3.tmp\vun.dat
c:\32788r22fwjfw.3.tmp\VwinTemp.dacl
c:\32788r22fwjfw.3.tmp\w_sock.dll
c:\32788r22fwjfw.3.tmp\w2k_sock.dll
c:\32788r22fwjfw.3.tmp\w2kreg.dat
c:\32788r22fwjfw.3.tmp\w7Mcode.dat
c:\32788r22fwjfw.3.tmp\w7reg.dat
c:\32788r22fwjfw.3.tmp\Wmi_rem.vbs
c:\32788r22fwjfw.3.tmp\XP.mac
c:\32788r22fwjfw.3.tmp\xpmcode.dat
c:\32788r22fwjfw.3.tmp\xpreg.dat
c:\32788r22fwjfw.3.tmp\XPSBoot.reg
c:\32788r22fwjfw.3.tmp\zDomain.dat
c:\32788r22fwjfw.3.tmp\zhsvc.dat
c:\32788r22fwjfw.3.tmp\zip.cfxxe
C:\32788R22FWJFW.4.tmp
c:\32788r22fwjfw.4.tmp\Assoc.cmd
c:\32788r22fwjfw.4.tmp\Auto-RC.cmd
c:\32788r22fwjfw.4.tmp\av.cmd
c:\32788r22fwjfw.4.tmp\av.vbs
c:\32788r22fwjfw.4.tmp\AWF.cmd
c:\32788r22fwjfw.4.tmp\badclsid.c
c:\32788r22fwjfw.4.tmp\Boot-Rk.cmd
c:\32788r22fwjfw.4.tmp\Boot.bat
c:\32788r22fwjfw.4.tmp\BootDrv.vbs
c:\32788r22fwjfw.4.tmp\BootSect.dll
c:\32788r22fwjfw.4.tmp\c.bat
c:\32788r22fwjfw.4.tmp\Catch-sub.cmd
c:\32788r22fwjfw.4.tmp\catchme.cfxxe
c:\32788r22fwjfw.4.tmp\CF-Script.cmd
c:\32788r22fwjfw.4.tmp\clsid.c
c:\32788r22fwjfw.4.tmp\cmd.cfxxe
c:\32788r22fwjfw.4.tmp\Combobatch.bat
c:\32788r22fwjfw.4.tmp\ComboFix-Download.cfxxe
c:\32788r22fwjfw.4.tmp\Create.cmd
c:\32788r22fwjfw.4.tmp\Creg.dat
c:\32788r22fwjfw.4.tmp\CregC.cmd
c:\32788r22fwjfw.4.tmp\CregC.dat
c:\32788r22fwjfw.4.tmp\CSet.cmd
c:\32788r22fwjfw.4.tmp\dd.cfxxe
c:\32788r22fwjfw.4.tmp\ddsDo.sed
c:\32788r22fwjfw.4.tmp\DelClsid.bat
c:\32788r22fwjfw.4.tmp\DelClsid64.bat
c:\32788r22fwjfw.4.tmp\Dnl.dat
c:\32788r22fwjfw.4.tmp\DPF.str
c:\32788r22fwjfw.4.tmp\DrvRun.vbs
c:\32788r22fwjfw.4.tmp\dumphive.cfxxe
c:\32788r22fwjfw.4.tmp\embedded.sed
c:\32788r22fwjfw.4.tmp\ERDNT.e_e
c:\32788r22fwjfw.4.tmp\ERDNTDOS.LOC
c:\32788r22fwjfw.4.tmp\ERDNTWIN.LOC
c:\32788r22fwjfw.4.tmp\ERUNT.cfxxe
c:\32788r22fwjfw.4.tmp\ERUNT.LOC
c:\32788r22fwjfw.4.tmp\Exe.reg
c:\32788r22fwjfw.4.tmp\extract.cfxxe
c:\32788r22fwjfw.4.tmp\FD-SV.cmd
c:\32788r22fwjfw.4.tmp\ffdefstr.dll
c:\32788r22fwjfw.4.tmp\FileKill.cfxxe
c:\32788r22fwjfw.4.tmp\files.pif
c:\32788r22fwjfw.4.tmp\Fin.dat
c:\32788r22fwjfw.4.tmp\FIND3M.bat
c:\32788r22fwjfw.4.tmp\FIXLSP.bat
c:\32788r22fwjfw.4.tmp\FKMGen.cmd
c:\32788r22fwjfw.4.tmp\GetHive.cmd
c:\32788r22fwjfw.4.tmp\grep.cfxxe
c:\32788r22fwjfw.4.tmp\gsar.cfxxe
c:\32788r22fwjfw.4.tmp\handle.cfxxe
c:\32788r22fwjfw.4.tmp\hidec.exe
c:\32788r22fwjfw.4.tmp\history.bat
c:\32788r22fwjfw.4.tmp\hwid.pif
c:\32788r22fwjfw.4.tmp\CHCP.bat
c:\32788r22fwjfw.4.tmp\iexplore.exe
c:\32788r22fwjfw.4.tmp\image001.gif
c:\32788r22fwjfw.4.tmp\Install-RC.cmd
c:\32788r22fwjfw.4.tmp\katch.cmd
c:\32788r22fwjfw.4.tmp\Kill-All.cmd
c:\32788r22fwjfw.4.tmp\Lang.bat
c:\32788r22fwjfw.4.tmp\License\Curl - license.txt
c:\32788r22fwjfw.4.tmp\License\dumphive-license.txt
c:\32788r22fwjfw.4.tmp\License\EXTRACT.TXT
c:\32788r22fwjfw.4.tmp\License\FI - license.txt
c:\32788r22fwjfw.4.tmp\License\iexplore.exe
c:\32788r22fwjfw.4.tmp\License\mtee.txt.txt
c:\32788r22fwjfw.4.tmp\License\ncmd.cfxxe
c:\32788r22fwjfw.4.tmp\License\pv_5_2_2.zip
c:\32788r22fwjfw.4.tmp\License\streamtools.zip
c:\32788r22fwjfw.4.tmp\License\UnxUtilsDist.html
c:\32788r22fwjfw.4.tmp\License\UnxUtilsDist.pif
c:\32788r22fwjfw.4.tmp\License\Zip - license.txt
c:\32788r22fwjfw.4.tmp\List-B.bat
c:\32788r22fwjfw.4.tmp\List-C.bat
c:\32788r22fwjfw.4.tmp\List-D.bat
c:\32788r22fwjfw.4.tmp\List.bat
c:\32788r22fwjfw.4.tmp\lnkread.vbs
c:\32788r22fwjfw.4.tmp\LocalService.dat
c:\32788r22fwjfw.4.tmp\LocalServiceNetworkRestricted.dat
c:\32788r22fwjfw.4.tmp\LocalSystemNetworkRestricted.dat
c:\32788r22fwjfw.4.tmp\mbr.cfxxe
c:\32788r22fwjfw.4.tmp\md5sum.pif
c:\32788r22fwjfw.4.tmp\md5sum00.pif
c:\32788r22fwjfw.4.tmp\MoveIt.bat
c:\32788r22fwjfw.4.tmp\mtee.cfxxe
c:\32788r22fwjfw.4.tmp\mynul.dat
c:\32788r22fwjfw.4.tmp\n.pif
c:\32788r22fwjfw.4.tmp\N_\10711
c:\32788r22fwjfw.4.tmp\N_\13917
c:\32788r22fwjfw.4.tmp\N_\16521
c:\32788r22fwjfw.4.tmp\N_\17242
c:\32788r22fwjfw.4.tmp\N_\20172
c:\32788r22fwjfw.4.tmp\N_\23910
c:\32788r22fwjfw.4.tmp\N_\26017
c:\32788r22fwjfw.4.tmp\N_\31664
c:\32788r22fwjfw.4.tmp\ncmd.com
c:\32788r22fwjfw.4.tmp\ND_.bat
c:\32788r22fwjfw.4.tmp\ndis_combofix.dat
c:\32788r22fwjfw.4.tmp\netsvc.bad.dat
c:\32788r22fwjfw.4.tmp\netsvc.dat
c:\32788r22fwjfw.4.tmp\netsvc.vista.dat
c:\32788r22fwjfw.4.tmp\netsvc.xp.dat
c:\32788r22fwjfw.4.tmp\NetworkService.dat
c:\32788r22fwjfw.4.tmp\NirCmd.cfxxe
c:\32788r22fwjfw.4.tmp\NirCmd.chm
c:\32788r22fwjfw.4.tmp\NircmdB.exe
c:\32788r22fwjfw.4.tmp\NirCmdC.cfxxe
c:\32788r22fwjfw.4.tmp\NlsLanguageDefault
c:\32788r22fwjfw.4.tmp\NT-OS.cmd
c:\32788r22fwjfw.4.tmp\OSid.vbs
c:\32788r22fwjfw.4.tmp\OsVer
c:\32788r22fwjfw.4.tmp\P.cmd
c:\32788r22fwjfw.4.tmp\pausep.cfxxe
c:\32788r22fwjfw.4.tmp\PEV.cfxxe
c:\32788r22fwjfw.4.tmp\pev.exe
c:\32788r22fwjfw.4.tmp\Policies.dat
c:\32788r22fwjfw.4.tmp\powp.dat
c:\32788r22fwjfw.4.tmp\prep.done
c:\32788r22fwjfw.4.tmp\Prep.inf
c:\32788r22fwjfw.4.tmp\Purity.dat
c:\32788r22fwjfw.4.tmp\pv.com
c:\32788r22fwjfw.4.tmp\pv.exe
c:\32788r22fwjfw.4.tmp\RCLink.dat
c:\32788r22fwjfw.4.tmp\REGDACL.sed
c:\32788r22fwjfw.4.tmp\RegDo.sed
c:\32788r22fwjfw.4.tmp\region.dat
c:\32788r22fwjfw.4.tmp\RegScan.cmd
c:\32788r22fwjfw.4.tmp\RegScan64.cmd
c:\32788r22fwjfw.4.tmp\restore_pt.vbs
c:\32788r22fwjfw.4.tmp\Rkey.cmd
c:\32788r22fwjfw.4.tmp\rogues.dat
c:\32788r22fwjfw.4.tmp\run2.sed
c:\32788r22fwjfw.4.tmp\Rust.str
c:\32788r22fwjfw.4.tmp\safeboot.dat
c:\32788r22fwjfw.4.tmp\safeboot.def.dat
c:\32788r22fwjfw.4.tmp\safeboot.def.vista.dat
c:\32788r22fwjfw.4.tmp\Safeboot.def.w7.dat
c:\32788r22fwjfw.4.tmp\sed.cfxxe
c:\32788r22fwjfw.4.tmp\Set.txt
c:\32788r22fwjfw.4.tmp\SetEnvmt.bat
c:\32788r22fwjfw.4.tmp\setpath.cfxxe
c:\32788r22fwjfw.4.tmp\SnapShot.cmd
c:\32788r22fwjfw.4.tmp\SRestore.cmd
c:\32788r22fwjfw.4.tmp\srizbi.md5
c:\32788r22fwjfw.4.tmp\SuppScan.cmd
c:\32788r22fwjfw.4.tmp\svc_wht.dat
c:\32788r22fwjfw.4.tmp\SvcDrv.vbs
c:\32788r22fwjfw.4.tmp\svchost.dat
c:\32788r22fwjfw.4.tmp\svchost.vista.dat
c:\32788r22fwjfw.4.tmp\svchost.w7.dat
c:\32788r22fwjfw.4.tmp\svchost.w7.x64.dat
c:\32788r22fwjfw.4.tmp\SWREG.cfxxe
c:\32788r22fwjfw.4.tmp\swreg.exe
c:\32788r22fwjfw.4.tmp\swsc.cfxxe
c:\32788r22fwjfw.4.tmp\swxcacls.cfxxe
c:\32788r22fwjfw.4.tmp\system_ini.dat
c:\32788r22fwjfw.4.tmp\tail.cfxxe
c:\32788r22fwjfw.4.tmp\toolbar.sed
c:\32788r22fwjfw.4.tmp\Update-CF.cmd
c:\32788r22fwjfw.4.tmp\VerCF.bat
c:\32788r22fwjfw.4.tmp\VInfo
c:\32788r22fwjfw.4.tmp\VInfo2
c:\32788r22fwjfw.4.tmp\Vipev.dat
c:\32788r22fwjfw.4.tmp\vistaMcode.dat
c:\32788r22fwjfw.4.tmp\vistareg.dat
c:\32788r22fwjfw.4.tmp\vun.dat
c:\32788r22fwjfw.4.tmp\VwinTemp.dacl
c:\32788r22fwjfw.4.tmp\w_sock.dll
c:\32788r22fwjfw.4.tmp\w2k_sock.dll
c:\32788r22fwjfw.4.tmp\w2kreg.dat
c:\32788r22fwjfw.4.tmp\w7Mcode.dat
c:\32788r22fwjfw.4.tmp\w7reg.dat
c:\32788r22fwjfw.4.tmp\Wmi_rem.vbs
c:\32788r22fwjfw.4.tmp\XP.mac
c:\32788r22fwjfw.4.tmp\xpmcode.dat
c:\32788r22fwjfw.4.tmp\xpreg.dat
c:\32788r22fwjfw.4.tmp\XPSBoot.reg
c:\32788r22fwjfw.4.tmp\zDomain.dat
c:\32788r22fwjfw.4.tmp\zhsvc.dat
c:\32788r22fwjfw.4.tmp\zip.cfxxe
C:\32788R22FWJFW.5.tmp
c:\32788r22fwjfw.5.tmp\Assoc.cmd
c:\32788r22fwjfw.5.tmp\Auto-RC.cmd
c:\32788r22fwjfw.5.tmp\av.cmd
c:\32788r22fwjfw.5.tmp\av.vbs
c:\32788r22fwjfw.5.tmp\AWF.cmd
c:\32788r22fwjfw.5.tmp\badclsid.c
c:\32788r22fwjfw.5.tmp\Boot-Rk.cmd
c:\32788r22fwjfw.5.tmp\Boot.bat
c:\32788r22fwjfw.5.tmp\BootDrv.vbs
c:\32788r22fwjfw.5.tmp\BootSect.dll
c:\32788r22fwjfw.5.tmp\c.bat
c:\32788r22fwjfw.5.tmp\Catch-sub.cmd
c:\32788r22fwjfw.5.tmp\catchme.cfxxe
c:\32788r22fwjfw.5.tmp\CF-Script.cmd
c:\32788r22fwjfw.5.tmp\clsid.c
c:\32788r22fwjfw.5.tmp\cmd.cfxxe
c:\32788r22fwjfw.5.tmp\Combobatch.bat
c:\32788r22fwjfw.5.tmp\ComboFix-Download.cfxxe
c:\32788r22fwjfw.5.tmp\Create.cmd
c:\32788r22fwjfw.5.tmp\Creg.dat
c:\32788r22fwjfw.5.tmp\CregC.cmd
c:\32788r22fwjfw.5.tmp\CregC.dat
c:\32788r22fwjfw.5.tmp\CSet.cmd
c:\32788r22fwjfw.5.tmp\dd.cfxxe
c:\32788r22fwjfw.5.tmp\ddsDo.sed
c:\32788r22fwjfw.5.tmp\DelClsid.bat
c:\32788r22fwjfw.5.tmp\DelClsid64.bat
c:\32788r22fwjfw.5.tmp\Dnl.dat
c:\32788r22fwjfw.5.tmp\DPF.str
c:\32788r22fwjfw.5.tmp\DrvRun.vbs
c:\32788r22fwjfw.5.tmp\dumphive.cfxxe
c:\32788r22fwjfw.5.tmp\embedded.sed
c:\32788r22fwjfw.5.tmp\ERDNT.e_e
c:\32788r22fwjfw.5.tmp\ERDNTDOS.LOC
c:\32788r22fwjfw.5.tmp\ERDNTWIN.LOC
c:\32788r22fwjfw.5.tmp\ERUNT.cfxxe
c:\32788r22fwjfw.5.tmp\ERUNT.LOC
c:\32788r22fwjfw.5.tmp\Exe.reg
c:\32788r22fwjfw.5.tmp\extract.cfxxe
c:\32788r22fwjfw.5.tmp\FD-SV.cmd
c:\32788r22fwjfw.5.tmp\ffdefstr.dll
c:\32788r22fwjfw.5.tmp\FileKill.cfxxe
c:\32788r22fwjfw.5.tmp\files.pif
c:\32788r22fwjfw.5.tmp\Fin.dat
c:\32788r22fwjfw.5.tmp\FIND3M.bat
c:\32788r22fwjfw.5.tmp\FIXLSP.bat
c:\32788r22fwjfw.5.tmp\FKMGen.cmd
c:\32788r22fwjfw.5.tmp\GetHive.cmd
c:\32788r22fwjfw.5.tmp\grep.cfxxe
c:\32788r22fwjfw.5.tmp\gsar.cfxxe
c:\32788r22fwjfw.5.tmp\handle.cfxxe
c:\32788r22fwjfw.5.tmp\hidec.exe
c:\32788r22fwjfw.5.tmp\history.bat
c:\32788r22fwjfw.5.tmp\hwid.pif
c:\32788r22fwjfw.5.tmp\CHCP.bat
c:\32788r22fwjfw.5.tmp\iexplore.exe
c:\32788r22fwjfw.5.tmp\image001.gif
c:\32788r22fwjfw.5.tmp\Install-RC.cmd
c:\32788r22fwjfw.5.tmp\katch.cmd
c:\32788r22fwjfw.5.tmp\Kill-All.cmd
c:\32788r22fwjfw.5.tmp\Lang.bat
c:\32788r22fwjfw.5.tmp\License\Curl - license.txt
c:\32788r22fwjfw.5.tmp\License\dumphive-license.txt
c:\32788r22fwjfw.5.tmp\License\EXTRACT.TXT
c:\32788r22fwjfw.5.tmp\License\FI - license.txt
c:\32788r22fwjfw.5.tmp\License\iexplore.exe
c:\32788r22fwjfw.5.tmp\License\mtee.txt.txt
c:\32788r22fwjfw.5.tmp\License\ncmd.cfxxe
c:\32788r22fwjfw.5.tmp\License\pv_5_2_2.zip
c:\32788r22fwjfw.5.tmp\License\streamtools.zip
c:\32788r22fwjfw.5.tmp\License\UnxUtilsDist.html
c:\32788r22fwjfw.5.tmp\License\UnxUtilsDist.pif
c:\32788r22fwjfw.5.tmp\License\Zip - license.txt
c:\32788r22fwjfw.5.tmp\List-B.bat
c:\32788r22fwjfw.5.tmp\List-C.bat
c:\32788r22fwjfw.5.tmp\List-D.bat
c:\32788r22fwjfw.5.tmp\List.bat
c:\32788r22fwjfw.5.tmp\lnkread.vbs
c:\32788r22fwjfw.5.tmp\LocalService.dat
c:\32788r22fwjfw.5.tmp\LocalServiceNetworkRestricted.dat
c:\32788r22fwjfw.5.tmp\LocalSystemNetworkRestricted.dat
c:\32788r22fwjfw.5.tmp\mbr.cfxxe
c:\32788r22fwjfw.5.tmp\md5sum.pif
c:\32788r22fwjfw.5.tmp\md5sum00.pif
c:\32788r22fwjfw.5.tmp\MoveIt.bat
c:\32788r22fwjfw.5.tmp\mtee.cfxxe
c:\32788r22fwjfw.5.tmp\mynul.dat
c:\32788r22fwjfw.5.tmp\n.pif
c:\32788r22fwjfw.5.tmp\N_\160
c:\32788r22fwjfw.5.tmp\N_\16040
c:\32788r22fwjfw.5.tmp\N_\17428
c:\32788r22fwjfw.5.tmp\N_\21464
c:\32788r22fwjfw.5.tmp\N_\25819
c:\32788r22fwjfw.5.tmp\N_\26420
c:\32788r22fwjfw.5.tmp\N_\26619
c:\32788r22fwjfw.5.tmp\N_\6930
c:\32788r22fwjfw.5.tmp\N_\8003
c:\32788r22fwjfw.5.tmp\ncmd.com
c:\32788r22fwjfw.5.tmp\ND_.bat
c:\32788r22fwjfw.5.tmp\ndis_combofix.dat
c:\32788r22fwjfw.5.tmp\netsvc.bad.dat
c:\32788r22fwjfw.5.tmp\netsvc.dat
c:\32788r22fwjfw.5.tmp\netsvc.vista.dat
c:\32788r22fwjfw.5.tmp\netsvc.xp.dat
c:\32788r22fwjfw.5.tmp\NetworkService.dat
c:\32788r22fwjfw.5.tmp\NirCmd.cfxxe
c:\32788r22fwjfw.5.tmp\NirCmd.chm
c:\32788r22fwjfw.5.tmp\NircmdB.exe
c:\32788r22fwjfw.5.tmp\NirCmdC.cfxxe
c:\32788r22fwjfw.5.tmp\NlsLanguageDefault
c:\32788r22fwjfw.5.tmp\NT-OS.cmd
c:\32788r22fwjfw.5.tmp\OSid.vbs
c:\32788r22fwjfw.5.tmp\OsVer
c:\32788r22fwjfw.5.tmp\P.cmd
c:\32788r22fwjfw.5.tmp\pausep.cfxxe
c:\32788r22fwjfw.5.tmp\PEV.cfxxe
c:\32788r22fwjfw.5.tmp\pev.exe
c:\32788r22fwjfw.5.tmp\Policies.dat
c:\32788r22fwjfw.5.tmp\powp.dat
c:\32788r22fwjfw.5.tmp\prep.done
c:\32788r22fwjfw.5.tmp\Prep.inf
c:\32788r22fwjfw.5.tmp\Purity.dat
c:\32788r22fwjfw.5.tmp\pv.com
c:\32788r22fwjfw.5.tmp\pv.exe
c:\32788r22fwjfw.5.tmp\RCLink.dat
c:\32788r22fwjfw.5.tmp\REGDACL.sed
c:\32788r22fwjfw.5.tmp\RegDo.sed
c:\32788r22fwjfw.5.tmp\region.dat
c:\32788r22fwjfw.5.tmp\RegScan.cmd
c:\32788r22fwjfw.5.tmp\RegScan64.cmd
c:\32788r22fwjfw.5.tmp\restore_pt.vbs
c:\32788r22fwjfw.5.tmp\Rkey.cmd
c:\32788r22fwjfw.5.tmp\rogues.dat
c:\32788r22fwjfw.5.tmp\run2.sed
c:\32788r22fwjfw.5.tmp\Rust.str
c:\32788r22fwjfw.5.tmp\safeboot.dat
c:\32788r22fwjfw.5.tmp\safeboot.def.dat
c:\32788r22fwjfw.5.tmp\safeboot.def.vista.dat
c:\32788r22fwjfw.5.tmp\Safeboot.def.w7.dat
c:\32788r22fwjfw.5.tmp\sed.cfxxe
c:\32788r22fwjfw.5.tmp\Set.txt
c:\32788r22fwjfw.5.tmp\SetEnvmt.bat
c:\32788r22fwjfw.5.tmp\setpath.cfxxe
c:\32788r22fwjfw.5.tmp\SnapShot.cmd
c:\32788r22fwjfw.5.tmp\SRestore.cmd
c:\32788r22fwjfw.5.tmp\srizbi.md5
c:\32788r22fwjfw.5.tmp\SuppScan.cmd
c:\32788r22fwjfw.5.tmp\svc_wht.dat
c:\32788r22fwjfw.5.tmp\SvcDrv.vbs
c:\32788r22fwjfw.5.tmp\svchost.dat
c:\32788r22fwjfw.5.tmp\svchost.vista.dat
c:\32788r22fwjfw.5.tmp\svchost.w7.dat
c:\32788r22fwjfw.5.tmp\svchost.w7.x64.dat
c:\32788r22fwjfw.5.tmp\SWREG.cfxxe
c:\32788r22fwjfw.5.tmp\swreg.exe
c:\32788r22fwjfw.5.tmp\swsc.cfxxe
c:\32788r22fwjfw.5.tmp\swxcacls.cfxxe
c:\32788r22fwjfw.5.tmp\system_ini.dat
c:\32788r22fwjfw.5.tmp\tail.cfxxe
c:\32788r22fwjfw.5.tmp\toolbar.sed
c:\32788r22fwjfw.5.tmp\Update-CF.cmd
c:\32788r22fwjfw.5.tmp\VerCF.bat
c:\32788r22fwjfw.5.tmp\VInfo
c:\32788r22fwjfw.5.tmp\VInfo2
c:\32788r22fwjfw.5.tmp\Vipev.dat
c:\32788r22fwjfw.5.tmp\vistaMcode.dat
c:\32788r22fwjfw.5.tmp\vistareg.dat
c:\32788r22fwjfw.5.tmp\vun.dat
c:\32788r22fwjfw.5.tmp\VwinTemp.dacl
c:\32788r22fwjfw.5.tmp\w_sock.dll
c:\32788r22fwjfw.5.tmp\w2k_sock.dll
c:\32788r22fwjfw.5.tmp\w2kreg.dat
c:\32788r22fwjfw.5.tmp\w7Mcode.dat
c:\32788r22fwjfw.5.tmp\w7reg.dat
c:\32788r22fwjfw.5.tmp\Wmi_rem.vbs
c:\32788r22fwjfw.5.tmp\XP.mac
c:\32788r22fwjfw.5.tmp\xpmcode.dat
c:\32788r22fwjfw.5.tmp\xpreg.dat
c:\32788r22fwjfw.5.tmp\XPSBoot.reg
c:\32788r22fwjfw.5.tmp\zDomain.dat
c:\32788r22fwjfw.5.tmp\zhsvc.dat
c:\32788r22fwjfw.5.tmp\zip.cfxxe
c:\windows\system32\d3d8caps.dat
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-22 do 2010-08-22 )))))))))))))))))))))))))))))))
.
2010-08-21 16:40 . 2010-08-22 09:14 -------- d-----w- C:\Downloads
2010-08-21 16:40 . 2010-08-21 16:40 -------- d-----w- c:\program files\Orbitdownloader
2010-08-21 16:36 . 2010-08-21 16:37 -------- d-----w- c:\program files\Free Download Manager
2010-08-21 08:44 . 2010-08-21 08:44 -------- d-----w- c:\windows\system32\wbem\Repository
2010-08-21 08:15 . 2010-08-21 08:43 -------- d-----w- C:\ComboFix(2)
2010-08-20 16:52 . 2010-08-20 16:52 -------- d-----w- c:\documents and settings\Butterfly\DoctorWeb
2010-08-19 20:12 . 2010-08-19 20:12 -------- d-----w- C:\VritualRoot
2010-08-19 20:09 . 2010-08-19 20:09 -------- d-----w- c:\program files\COMODO
2010-08-19 19:14 . 2010-08-19 19:29 -------- d-----w- c:\program files\Sunbelt Software
2010-08-19 17:54 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-08-19 17:50 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-19 17:50 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-08-19 17:50 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-08-19 17:50 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-08-19 17:50 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-08-19 17:50 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-08-19 17:50 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-08-19 17:49 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-08-19 17:47 . 2010-08-19 17:49 -------- d-----w- c:\program files\Alwil Software
2010-08-19 12:51 . 2010-07-27 11:54 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-08-18 14:13 . 2010-08-18 14:13 -------- d-----w- C:\ATI
2010-08-18 13:00 . 2010-08-18 14:14 -------- d-----w- c:\program files\ATI
2010-08-18 12:39 . 2010-08-18 14:15 -------- d-----w- c:\program files\ATI Technologies
2010-08-16 09:13 . 2010-08-16 09:13 -------- d-----w- C:\PFiles
2010-08-15 10:50 . 2010-08-18 12:12 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-07 08:19 . 2009-06-16 17:28 46592 ----a-w- c:\windows\system32\drivers\fetnd5bv.sys
2010-08-07 08:19 . 2006-11-02 06:21 319456 ----a-w- c:\windows\system32\difxapi.dll
2010-08-07 08:19 . 2006-10-27 15:26 69632 ----a-w- c:\windows\system32\vuins32.dll
2010-08-06 21:55 . 2010-08-06 22:00 217 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-08-05 07:14 . 2010-08-05 07:15 -------- d-----w- c:\windows\NV35361800.TMP
2010-08-04 08:12 . 2010-08-04 08:12 -------- d-----w- c:\windows\NV23721612.TMP
2010-08-01 12:53 . 2010-08-01 13:00 -------- d-----w- c:\windows\NV33763424.TMP
2010-08-01 11:58 . 2010-08-01 11:58 -------- d-----w- c:\windows\NV40402576.TMP
2010-07-30 21:04 . 2006-06-20 08:56 225280 ----a-w- c:\windows\system32\rewire.dll
2010-07-30 20:58 . 2010-07-30 21:49 -------- d-----w- c:\program files\Image-Line
2010-07-30 16:16 . 2010-07-30 16:18 -------- d-----w- c:\program files\Sony
2010-07-30 16:12 . 2010-07-30 16:12 -------- d-----w- c:\program files\Sony Setup
2010-07-28 19:47 . 2010-07-28 19:47 -------- d-----w- c:\program files\Futuremark
2010-07-27 21:21 . 2010-07-27 21:21 -------- d-----w- c:\program files\Zoner
2010-07-25 09:26 . 2010-07-25 09:26 -------- d-----w- c:\documents and settings\Butterfly\.thumbnails
2010-07-25 09:20 . 2010-08-07 07:38 -------- d-----w- c:\documents and settings\Butterfly\.gimp-2.6
2010-07-25 09:18 . 2010-07-25 09:18 -------- d-----w- c:\program files\GIMP-2.0
2010-07-24 17:17 . 2010-07-24 20:08 -------- d-----w- c:\program files\Yahoo!
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-22 08:47 . 2010-03-08 11:38 -------- d-----w- c:\program files\Steam
2010-08-21 16:58 . 2010-07-17 17:53 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 1
2010-08-19 19:47 . 2010-02-12 21:12 -------- d-----w- c:\program files\Google
2010-08-19 19:35 . 2010-07-01 09:01 -------- d-----w- c:\program files\QuickTime
2010-08-19 12:52 . 2010-08-19 12:52 -------- d-----w- c:\program files\Realtek
2010-08-19 12:52 . 2010-02-09 21:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-19 12:29 . 2010-02-11 16:04 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2010-08-19 09:01 . 2010-06-06 07:45 -------- d-----w- c:\program files\Defraggler
2010-08-19 08:58 . 2010-07-04 12:24 -------- d-----w- c:\program files\FileHippo.com
2010-08-18 21:09 . 2010-03-04 21:09 -------- d-----w- c:\program files\Samsung
2010-08-18 20:31 . 2010-02-12 04:39 -------- d-----w- c:\program files\Opera
2010-08-18 20:29 . 2010-04-03 08:58 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-08-07 15:13 . 2010-03-27 20:28 -------- d-----w- c:\program files\Trillian
2010-08-06 22:00 . 2010-02-17 18:37 133520 ----a-w- c:\windows\BricoPackUninst.cmd
2010-08-02 09:54 . 2010-06-13 09:04 -------- d-----w- c:\program files\Safari
2010-07-29 18:29 . 2010-02-27 09:18 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-07-28 19:50 . 2010-03-04 16:17 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-28 19:50 . 2010-03-04 16:17 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-28 16:27 . 2010-08-19 12:52 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-07-28 16:27 . 2010-08-19 12:52 359016 ----a-w- c:\windows\vncutil.exe
2010-07-28 16:27 . 2010-08-19 12:52 1833576 ----a-w- c:\windows\SkyTel.exe
2010-07-28 16:27 . 2010-08-19 12:52 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-07-28 16:27 . 2010-08-19 12:52 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-07-28 16:27 . 2010-08-19 12:52 6108776 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-07-28 16:27 . 2010-02-14 08:00 53864 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-07-28 16:27 . 2010-08-19 12:52 129640 ----a-w- c:\windows\RtkAudioService.exe
2010-07-28 16:27 . 2010-08-19 12:52 19557480 ----a-w- c:\windows\RTHDCPL.EXE
2010-07-28 16:27 . 2010-08-19 12:52 2180712 ----a-w- c:\windows\MicCal.exe
2010-07-28 16:27 . 2010-08-19 12:52 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-07-27 08:27 . 2010-02-10 22:42 -------- d-----w- c:\program files\CCleaner
2010-07-22 20:01 . 2010-02-12 21:53 -------- d-----w- c:\program files\QIP
2010-07-22 08:03 . 2010-07-22 08:03 -------- d-----w- c:\program files\Microsoft Fix it Center
2010-07-21 09:03 . 2010-02-28 21:24 697328 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-17 17:58 . 2010-04-24 08:05 -------- d-----w- c:\program files\DivX
2010-07-17 17:56 . 2010-07-17 17:56 -------- d-----w- c:\program files\Common Files\Java
2010-07-17 17:55 . 2010-04-24 08:02 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-17 17:38 . 2010-07-10 09:16 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 1(2)
2010-07-17 17:38 . 2010-07-10 09:24 -------- d-----w- c:\program files\Common Files\Java(2)
2010-07-17 17:37 . 2010-07-17 17:37 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-07-17 17:34 . 2010-07-17 17:34 -------- d-----w- c:\program files\All Ten Fingers
2010-07-17 17:34 . 2010-07-15 17:58 -------- d-----w- c:\program files\All Ten Fingers(2)
2010-07-15 14:36 . 2010-04-12 18:53 -------- d-----w- c:\program files\Valve
2010-07-09 22:38 . 2010-08-15 13:29 10604128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys-nv1245
2010-07-09 11:18 . 2010-02-12 21:17 -------- d-----w- c:\program files\Common Files\CyberLink
2010-07-09 11:17 . 2010-03-20 11:58 -------- d-----w- c:\program files\IObit
2010-07-07 02:27 . 2010-04-11 19:18 5069312 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-07-07 01:58 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-07-07 01:58 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-07-07 01:57 . 2010-08-18 14:14 4337664 ----a-w- c:\windows\system32\aticaldd.dll
2010-07-07 01:53 . 2010-08-18 14:14 15499264 ----a-w- c:\windows\system32\atioglxx.dll
2010-07-07 01:50 . 2010-08-18 14:14 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-07-07 01:48 . 2010-08-18 14:14 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-07-07 01:47 . 2010-04-11 19:23 299520 ----a-w- c:\windows\system32\ati2dvag.dll
2010-07-07 01:41 . 2010-04-11 19:23 3869952 ----a-w- c:\windows\system32\ati3duag.dll
2010-07-07 01:33 . 2010-08-18 14:14 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-07-07 01:32 . 2010-08-18 14:14 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-07-07 01:32 . 2010-08-18 14:14 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-07-07 01:32 . 2010-08-18 14:14 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-07-07 01:32 . 2010-08-18 14:14 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-07-07 01:31 . 2010-08-18 14:14 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2010-07-07 01:29 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-07-07 01:29 . 2010-08-18 14:14 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-07-07 01:28 . 2010-04-11 19:23 2273920 ----a-w- c:\windows\system32\ativvaxx.dll
2010-07-07 01:27 . 2010-08-18 14:14 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-07-07 01:27 . 2010-08-18 14:14 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-07-07 01:25 . 2010-08-18 14:14 573440 ----a-w- c:\windows\system32\atikvmag.dll
2010-07-07 01:24 . 2010-08-18 14:14 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-07-07 01:24 . 2010-08-18 14:14 184320 ----a-w- c:\windows\system32\atiadlxx.dll
2010-07-07 01:23 . 2010-08-18 14:14 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-07-07 01:19 . 2010-04-11 19:23 704512 ----a-w- c:\windows\system32\ati2cqag.dll
2010-07-07 01:15 . 2010-08-18 14:14 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-07-07 01:15 . 2010-08-18 14:14 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-07-07 01:15 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-07-06 11:58 . 2010-02-27 09:19 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-07-06 11:52 . 2010-07-17 20:21 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-07-04 21:18 . 2010-07-01 10:25 -------- d-----w- c:\program files\Trend Micro
2010-07-04 13:01 . 2010-02-16 20:34 -------- d-----w- c:\program files\7-Zip
2010-07-04 12:45 . 2010-02-19 15:16 -------- d-----w- c:\program files\AIMP2
2010-07-04 12:40 . 2010-02-20 09:19 -------- d-----w- c:\program files\Windows Media Connect 2
2010-07-04 12:33 . 2010-07-04 12:33 -------- d-----r- c:\program files\Skype
2010-07-04 12:33 . 2010-07-04 12:33 -------- d-----w- c:\program files\Common Files\Skype
2010-07-02 20:25 . 2010-06-07 18:39 -------- d-----w- c:\program files\WinUtilities
2010-07-02 20:08 . 2010-07-02 20:08 -------- d-----w- c:\program files\FreeTime
2010-07-01 08:49 . 2010-02-12 13:43 -------- d-----w- c:\program files\MSECache
2010-07-01 08:39 . 2010-06-17 14:05 -------- d-----w- c:\program files\Opera 10.60 Beta
2010-06-30 12:33 . 2010-03-21 11:47 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-30 08:35 . 2010-03-03 21:53 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-06-28 17:25 . 2010-02-24 16:13 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-06-28 08:00 . 2010-06-30 08:34 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-06-26 08:02 . 2010-02-28 20:04 -------- d-----w- c:\program files\PKR
2010-06-24 12:27 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2010-03-21 11:47 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 19:30 . 2010-06-23 19:30 -------- d-----w- c:\program files\XP TCPIP Repair
2010-06-23 19:08 . 2010-06-23 19:08 -------- d-----w- c:\program files\VS Revo Group
2010-06-21 15:27 . 2010-03-21 11:47 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-17 13:49 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2010-02-09 21:13 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:43 . 2004-08-17 13:49 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-13 21:07 . 2010-06-13 21:07 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-06-08 16:10 . 2010-06-30 08:34 790528 ----a-w- c:\windows\system32\xvidcore.dll
.
------- Sigcheck -------
[-] 2009-08-06 . A089AB141D4E25E543EEC2230CB50BD6 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-02 3399727]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-06-01 2039240]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Orbit.lnk - c:\program files\Orbitdownloader\orbitdm.exe [2010-8-21 1835069]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-01-30 15:46 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\My DAP Downloads\\TeamViewerPortable_en\\TeamViewer.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\Flow\\Flow.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\condition zero\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\counter-strike\\hl.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2010-02-21 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2010-02-21 52224]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-06-01 25240]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-08-19 165456]
S1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2010-02-09 13696]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-06-04 229312]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-08-19 17744]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-08-19 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-06-13 23456]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2010-03-17 18944]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [2010-03-17 11520]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [2007-06-21 30720]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-02-28 697328]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-08-22 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-879983540-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
2010-08-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-879983540-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.orbitdownloader.com
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Download with &DAP
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Download &all with DAP
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: Zobrazit originál
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-KeePassPasswordSafe2_is1 - c:\program files\KeePass Password Safe 2\unins000.exe
**************************************************************************
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory:
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-796845957-879983540-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1156)
c:\windows\system32\guard32.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
- - - - - - - > 'lsass.exe'(1404)
c:\windows\system32\guard32.dll
.
Celkový čas: 2010-08-22 12:02:57
ComboFix-quarantined-files.txt 2010-08-22 10:02
ComboFix2.txt 2010-08-22 08:23
ComboFix3.txt 2010-08-21 10:55
ComboFix4.txt 2010-08-21 08:31
Před spuštěním: Volných bajtů: 73,628,626,944
Po spuštění: Volných bajtů: 73,572,470,784
Current=48 Default=48 Failed=47 LastKnownGood=49 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49
- - End Of File - - 4FFFED0D645295BC6E75D5FA7C6CDBDE
preventivka - stav pc Vyřešeno
-
martin.efres
- Level 2
- Příspěvky: 204
- Registrován: prosinec 09
- Pohlaví:
- Stav:
Offline
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43296
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: preventivka - stav pc
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš
pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast, či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast či Microsoft Security Essentials
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš
pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast, či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast či Microsoft Security Essentials
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
martin.efres
- Level 2
- Příspěvky: 204
- Registrován: prosinec 09
- Pohlaví:
- Stav:
Offline
Re: preventivka - stav pc Vyřešeno
Díky, vse ok
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 54 hostů