antispy
Napsal: 23 zář 2010 20:23
zdravim cital som tu uz nieco o tomto vyruse a tak vam zaslem LOG.TXT obsah ktory som vytiahol zo spominaneho programu RSIT takze obsah:
Logfile of random's system information tool 1.08 (written by random/random)
Run by PC at 2010-09-23 21:21:02
Microsoft Windows 7 Ultimate
System drive C: has 38 GB (38%) free of 100 GB
Total RAM: 1788 MB (67% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Acrobat Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2226280053-710159625-2274650757-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2226280053-710159625-2274650757-1000UA.job
C:\Windows\tasks\uqwhqkaony.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-03-09 26100520]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-05-17 322352]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-08 135664]
"AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2009-12-30 2356088]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-09-18 205976]
"GizmoDriveDelegate"=C:\PROGRA~1\GIZMO\GDRIVE.DLL [2010-01-26 390752]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"49010"=C:\Users\PC\AppData\Local\49010.exe [2010-09-22 963072]
"8828802"=C:\Users\PC\AppData\Local\8828802.exe [2010-09-20 995328]
"38098"=C:\Users\PC\AppData\Local\38098.exe [2010-09-21 967168]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
Gizmo.lnk - C:\Program Files\Gizmo\gizmo.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-23 21:06:19 ----D---- C:\rsit
2010-09-23 21:06:19 ----D---- C:\Program Files\trend micro
2010-09-23 20:17:16 ----A---- C:\Users\PC\AppData\Roaming\hotfix.exe
2010-09-16 16:58:07 ----A---- C:\Windows\system32\iertutil.dll
2010-09-15 12:51:04 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-13 07:05:40 ----D---- C:\Program Files\DsNET Corp
2010-09-02 06:28:18 ----D---- C:\Program Files\Alcohol Soft
2010-09-02 06:24:57 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-09-02 06:23:01 ----RASH---- C:\Windows\system32\mydocs1.dll
2010-09-02 06:22:13 ----D---- C:\Program Files\Franzis
======List of files/folders modified in the last 1 months======
2010-09-23 21:20:58 ----D---- C:\Windows\Temp
2010-09-23 21:18:51 ----A---- C:\Windows\ntbtlog.txt
2010-09-23 21:14:09 ----D---- C:\Users\PC\AppData\Roaming\Gizmo
2010-09-23 21:14:06 ----D---- C:\Windows\Tasks
2010-09-23 21:06:19 ----RD---- C:\Program Files
2010-09-23 20:54:26 ----SHD---- C:\Windows\Installer
2010-09-23 20:54:26 ----D---- C:\Program Files\ESET
2010-09-23 20:50:33 ----SD---- C:\Users\PC\AppData\Roaming\Microsoft
2010-09-23 20:44:07 ----D---- C:\Windows\Prefetch
2010-09-23 20:30:26 ----D---- C:\Windows\system32\config
2010-09-23 20:27:26 ----D---- C:\Windows\system32\Tasks
2010-09-23 20:09:46 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2010-09-20 18:42:08 ----D---- C:\Windows\System32
2010-09-20 18:42:08 ----D---- C:\Windows\inf
2010-09-20 18:42:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-16 17:24:00 ----D---- C:\Windows\winsxs
2010-09-16 16:59:22 ----D---- C:\ProgramData\Microsoft Help
2010-09-16 16:58:12 ----D---- C:\Windows\system32\catroot
2010-09-12 21:42:58 ----D---- C:\Users\PC\AppData\Roaming\Skype
2010-09-12 20:28:44 ----D---- C:\Users\PC\AppData\Roaming\skypePM
2010-09-07 19:00:43 ----D---- C:\Windows\system32\catroot2
2010-09-02 06:58:45 ----D---- C:\Windows
2010-09-02 06:24:57 ----D---- C:\Windows\system32\drivers
2010-09-02 06:24:41 ----SHD---- C:\System Volume Information
2010-09-01 17:48:19 ----A---- C:\Windows\PhotoSnapViewer.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-02 722416]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-05-19 1166848]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
S1 GizmoDrv;Gizmo Device Driver; C:\Windows\system32\drivers\GizmoDrv.sys [2010-01-26 23624]
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS [2009-12-29 51072]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
S3 azp5gvs1;azp5gvs1; C:\Windows\system32\drivers\azp5gvs1.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-01-28 47360]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 slicedisk.sys;slicedisk.sys; \??\C:\Windows\system32\slicedisk.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TF1D091010;TF1D091010; C:\Windows\system32\DRIVERS\TF1D091010.sys [2008-02-02 99968]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-19 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-19 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-19 24832]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 Kbdsernodde;Kbdsernodde; C:\Windows\system32\drivers\Kbdsernodde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Gizmo Central;Gizmo Central; C:\Program Files\Gizmo\gservice.exe [2010-01-26 31856]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-04 136176]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-12-30 68096]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-09 654848]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-23 1343400]
-----------------EOF-----------------
budem velmi vdacny ked mi niekto s tymto hajzlovskym vyrusom pomoze
Logfile of random's system information tool 1.08 (written by random/random)
Run by PC at 2010-09-23 21:21:02
Microsoft Windows 7 Ultimate
System drive C: has 38 GB (38%) free of 100 GB
Total RAM: 1788 MB (67% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Acrobat Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2226280053-710159625-2274650757-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2226280053-710159625-2274650757-1000UA.job
C:\Windows\tasks\uqwhqkaony.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-03-09 26100520]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-05-17 322352]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-08 135664]
"AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2009-12-30 2356088]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-09-18 205976]
"GizmoDriveDelegate"=C:\PROGRA~1\GIZMO\GDRIVE.DLL [2010-01-26 390752]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"49010"=C:\Users\PC\AppData\Local\49010.exe [2010-09-22 963072]
"8828802"=C:\Users\PC\AppData\Local\8828802.exe [2010-09-20 995328]
"38098"=C:\Users\PC\AppData\Local\38098.exe [2010-09-21 967168]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
Gizmo.lnk - C:\Program Files\Gizmo\gizmo.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-23 21:06:19 ----D---- C:\rsit
2010-09-23 21:06:19 ----D---- C:\Program Files\trend micro
2010-09-23 20:17:16 ----A---- C:\Users\PC\AppData\Roaming\hotfix.exe
2010-09-16 16:58:07 ----A---- C:\Windows\system32\iertutil.dll
2010-09-15 12:51:04 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-13 07:05:40 ----D---- C:\Program Files\DsNET Corp
2010-09-02 06:28:18 ----D---- C:\Program Files\Alcohol Soft
2010-09-02 06:24:57 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-09-02 06:23:01 ----RASH---- C:\Windows\system32\mydocs1.dll
2010-09-02 06:22:13 ----D---- C:\Program Files\Franzis
======List of files/folders modified in the last 1 months======
2010-09-23 21:20:58 ----D---- C:\Windows\Temp
2010-09-23 21:18:51 ----A---- C:\Windows\ntbtlog.txt
2010-09-23 21:14:09 ----D---- C:\Users\PC\AppData\Roaming\Gizmo
2010-09-23 21:14:06 ----D---- C:\Windows\Tasks
2010-09-23 21:06:19 ----RD---- C:\Program Files
2010-09-23 20:54:26 ----SHD---- C:\Windows\Installer
2010-09-23 20:54:26 ----D---- C:\Program Files\ESET
2010-09-23 20:50:33 ----SD---- C:\Users\PC\AppData\Roaming\Microsoft
2010-09-23 20:44:07 ----D---- C:\Windows\Prefetch
2010-09-23 20:30:26 ----D---- C:\Windows\system32\config
2010-09-23 20:27:26 ----D---- C:\Windows\system32\Tasks
2010-09-23 20:09:46 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2010-09-20 18:42:08 ----D---- C:\Windows\System32
2010-09-20 18:42:08 ----D---- C:\Windows\inf
2010-09-20 18:42:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-16 17:24:00 ----D---- C:\Windows\winsxs
2010-09-16 16:59:22 ----D---- C:\ProgramData\Microsoft Help
2010-09-16 16:58:12 ----D---- C:\Windows\system32\catroot
2010-09-12 21:42:58 ----D---- C:\Users\PC\AppData\Roaming\Skype
2010-09-12 20:28:44 ----D---- C:\Users\PC\AppData\Roaming\skypePM
2010-09-07 19:00:43 ----D---- C:\Windows\system32\catroot2
2010-09-02 06:58:45 ----D---- C:\Windows
2010-09-02 06:24:57 ----D---- C:\Windows\system32\drivers
2010-09-02 06:24:41 ----SHD---- C:\System Volume Information
2010-09-01 17:48:19 ----A---- C:\Windows\PhotoSnapViewer.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-02 722416]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-05-19 1166848]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
S1 GizmoDrv;Gizmo Device Driver; C:\Windows\system32\drivers\GizmoDrv.sys [2010-01-26 23624]
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS [2009-12-29 51072]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
S3 azp5gvs1;azp5gvs1; C:\Windows\system32\drivers\azp5gvs1.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-01-28 47360]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 slicedisk.sys;slicedisk.sys; \??\C:\Windows\system32\slicedisk.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TF1D091010;TF1D091010; C:\Windows\system32\DRIVERS\TF1D091010.sys [2008-02-02 99968]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-19 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-19 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-19 24832]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 Kbdsernodde;Kbdsernodde; C:\Windows\system32\drivers\Kbdsernodde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Gizmo Central;Gizmo Central; C:\Program Files\Gizmo\gservice.exe [2010-01-26 31856]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-04 136176]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-12-30 68096]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-09 654848]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-23 1343400]
-----------------EOF-----------------
budem velmi vdacny ked mi niekto s tymto hajzlovskym vyrusom pomoze