Zawirusowany system 2- prosze o sprawdzenie loga

oldzia007 · 23 Październik 2007 18:19

Witam.

Kaspersky wyszukal wirusy:

-Trojan. Win32.Qhost.op

-Trojan-Downloader.JS.Psyme.me

Bede wdzieczna za pomoc.

File of HijackThis v1.99.1 Scan saved at 7:10:25 PM, on 10/23/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\S24EvMon.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\System32\DVDRAMSV.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\RegSrvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe c:\toshiba\ivp\swupdate\swupdtmr.exe C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe C:\WINDOWS\System32\1XConfig.exe C:\WINDOWS\System32\00THotkey.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE C:\WINDOWS\system32\TFNF5.exe C:\WINDOWS\system32\TPSMain.exe C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe C:\Program Files\Toshiba\TAudEffect\TAudEff.exe C:\WINDOWS\System32\ezSP_Px.exe C:\Program Files\Apoint2K\Apntex.exe C:\TOSHIBA\IVP\ISM\pinger.exe C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\TPSBattM.exe C:\WINDOWS\System32\dlcccoms.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Ares\Ares.exe C:\WINDOWS\system32\RAMASST.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Administrator\My Documents\antywirusy\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.eu/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshiba.com/ O4 - HKLM…\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe O4 - HKLM…\Run: [000StTHK] 000StTHK.exe O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM…\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM…\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM…\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM…\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon O4 - HKLM…\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service O4 - HKLM…\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE /Client O4 - HKLM…\Run: [DpUtil] C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe O4 - HKLM…\Run: [TFNF5] TFNF5.exe O4 - HKLM…\Run: [TPSMain] TPSMain.exe O4 - HKLM…\Run: [TFncKy] TFncKy.exe O4 - HKLM…\Run: [TosHKCW.exe] “C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe” O4 - HKLM…\Run: [smoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe O4 - HKLM…\Run: [TAudEffect] C:\Program Files\Toshiba\TAudEffect\TAudEff.exe /run O4 - HKLM…\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM…\Run: [Pinger] C:\TOSHIBA\IVP\ISM\pinger.exe /run O4 - HKLM…\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe O4 - HKLM…\Run: [dlccmon.exe] “C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe” O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM…\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM…\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16 O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime O4 - HKLM…\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM…\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM…\Run: [AVP] “C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe” O4 - HKCU…\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU…\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU…\Run: [ares] “C:\Program Files\Ares\Ares.exe” -h O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O20 - Winlogon Notify: Sebring - c:\WINDOWS\System32\LgNotify.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r (file missing) O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\System32\dlcccoms.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Swupdtmr - Unknown owner - c:\toshiba\ivp\swupdate\swupdtmr.exe O23 - Service: Tmesbs32 (Tmesbs) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe" /Service (file missing) O23 - Service: Tmesrv3 (Tmesrv) - Unknown owner - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe" /Service (file missing)

Gutek · 23 Październik 2007 22:17

Daj log z ComboFix

oldzia007 · 23 Październik 2007 23:09

ComboFix 07-10-23.2 - User 2007-10-23 23:48:38.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.67 [GMT 1:00] Running from: C:\Documents and Settings\Administrator\My Documents\antywirusy\ComboFix2.exe * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2007-09-23 to 2007-10-23 ))))))))))))))))))))))))))))))) . 2007-10-21 16:38 82,061 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-10-21 16:38 81,549 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-10-21 16:37 2007-10-21 16:37 2,347,552 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-10-21 16:37 15,392 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2007-10-09 23:25 582,656 -----c— C:\WINDOWS\system32\dllcache\rpcrt4.dll 2007-09-26 22:33 2,647,172 --a------ C:\icytower(dobreprogramy.pl).exe 2007-09-23 18:23 2007-09-23 15:24 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-23 23:03 --------- d-----w C:\Documents and Settings\User\Application Data\Skype 2007-10-23 21:00 25,052 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2007-10-23 21:00 1,988 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2007-10-20 20:41 --------- d-----w C:\Program Files\Dl_cats 2007-10-08 22:56 --------- d-----w C:\Program Files\Jasc Software Inc 2007-09-20 20:38 --------- d-----w C:\Program Files\RM Converter 2007-09-20 20:37 --------- d-----w C:\Program Files\Yahoo! 2007-09-20 20:36 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2007-09-18 19:24 --------- d-----w C:\Program Files\Nokia 2007-09-15 06:21 --------- d-----w C:\Documents and Settings\User\Application Data\Yahoo! 2007-09-09 12:44 --------- d-----w C:\Documents and Settings\User\Application Data\Nokia 2007-09-08 21:13 --------- d-----w C:\Documents and Settings\User\Application Data\Nokia Multimedia Player 2007-09-08 20:52 --------- d-----w C:\Documents and Settings\User\Application Data\PC Suite 2007-09-08 20:51 --------- d-----w C:\Program Files\Common Files\PCSuite 2007-09-08 20:51 --------- d-----w C:\Program Files\Common Files\Nokia 2007-09-08 20:50 --------- d-----w C:\Program Files\PC Connectivity Solution 2007-09-08 20:50 --------- d-----w C:\Program Files\DIFX 2007-09-08 19:15 --------- d-----w C:\Program Files\3220 USB-Handset Manager 2007-09-08 19:14 --------- d-----w C:\Documents and Settings\User\Application Data\MobileAction 2007-09-03 18:00 --------- d-----w C:\Program Files\Windows Desktop Search 2007-09-03 17:16 --------- d-----w C:\Program Files\Real 2007-09-03 17:15 --------- d-----w C:\Program Files\Windows Live Toolbar 2007-09-02 21:57 --------- d-----w C:\Program Files\MarBit 2007-08-29 02:03 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2 2007-08-28 20:52 --------- d-----w C:\Program Files\Microsoft Works 2007-08-28 20:50 --------- d-----w C:\Program Files\Microsoft.NET . ((((((((((((((((((((((((((((( snapshot_2007-09-22_151917.29 ))))))))))))))))))))))))))))))))))))))))) . + 2007-08-20 10:02:09 124,928 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\advpack.dll + 2007-08-20 10:02:11 214,528 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\dxtrans.dll + 2007-08-20 10:02:09 132,608 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\extmgr.dll + 2007-08-20 10:02:09 63,488 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\icardie.dll + 2007-08-17 10:12:34 70,656 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe + 2007-08-20 10:02:09 153,088 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\ieakeng.dll + 2007-08-20 10:02:09 230,400 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\ieaksie.dll + 2007-08-17 07:29:55 161,792 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\ieakui.dll + 2007-04-17 09:28:12 2,455,488 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dat + 2007-08-20 10:02:09 383,488 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dll + 2007-08-20 10:02:09 387,584 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\iedkcs32.dll + 2007-08-20 10:02:10 6,066,176 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll + 2007-08-20 10:02:10 44,544 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\iernonce.dll + 2007-08-20 10:02:10 267,776 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll + 2007-08-17 10:12:35 13,824 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe + 2007-08-17 10:12:49 625,152 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe + 2007-08-20 10:02:10 27,648 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\jsproxy.dll + 2007-08-20 10:02:10 459,264 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\msfeeds.dll + 2007-08-20 10:02:10 52,224 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\msfeedsbs.dll + 2007-08-20 10:02:11 3,592,192 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll + 2007-08-20 10:02:11 478,208 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\mshtmled.dll + 2007-08-20 10:02:11 193,024 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\msrating.dll + 2007-08-20 10:02:11 671,232 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\mstime.dll + 2007-08-20 10:02:11 102,400 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\occache.dll + 2007-08-20 10:02:11 105,984 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\url.dll + 2007-08-20 10:02:11 1,161,728 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\urlmon.dll + 2007-08-20 10:02:11 232,960 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\webcheck.dll + 2007-08-20 10:02:11 825,344 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll + 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\spmsg.dll + 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\spuninst.exe + 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\update\spcustom.dll + 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS$hf_mig$\KB939653-IE7\update\updspapi.dll + 2007-08-21 06:25:02 683,520 ----a-w C:\WINDOWS$hf_mig$\KB941202\SP2QFE\inetcomm.dll + 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS$hf_mig$\KB941202\spmsg.dll + 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS$hf_mig$\KB941202\spuninst.exe + 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS$hf_mig$\KB941202\update\spcustom.dll + 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS$hf_mig$\KB941202\update\update.exe + 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS$hf_mig$\KB941202\update\updspapi.dll - 2007-07-19 23:47:22 109,056 ----a-w C:\WINDOWS\catchme.exe + 2007-10-20 05:03:30 136,192 ----a-w C:\WINDOWS\catchme.exe + 2007-09-23 07:52:19 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2007-09-23 14:24:37 1,249,280 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT + 2007-09-23 14:24:37 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2007-09-23 07:52:19 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2007-09-23 14:24:26 1,249,280 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT + 2007-09-23 14:24:26 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat + 2007-06-27 14:34:51 124,928 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\advpack.dll + 2006-10-17 10:57:50 214,528 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\dxtrans.dll + 2007-06-27 14:34:51 132,608 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\extmgr.dll + 2006-10-17 10:58:20 61,952 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\icardie.dll + 2007-06-27 08:27:04 63,488 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ie4uinit.exe + 2007-06-27 14:34:51 153,088 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieakeng.dll + 2007-06-27 14:34:51 230,400 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieaksie.dll + 2007-06-27 07:00:33 161,792 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieakui.dll + 2007-06-27 14:34:51 383,488 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieapfltr.dll + 2007-06-27 14:34:51 384,512 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iedkcs32.dll + 2007-06-27 14:34:55 6,058,496 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieframe.dll + 2007-06-27 14:34:55 44,544 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iernonce.dll + 2007-06-27 14:34:55 267,776 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iertutil.dll + 2007-06-27 08:27:05 13,824 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieudinit.exe + 2007-06-27 08:27:30 625,152 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe + 2007-06-27 14:34:56 27,648 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\jsproxy.dll + 2007-06-27 14:34:56 459,264 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msfeeds.dll + 2007-06-27 14:34:56 52,224 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msfeedsbs.dll + 2007-07-19 06:59:59 3,583,488 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtml.dll + 2007-06-27 14:34:57 477,696 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtmled.dll + 2007-06-27 14:34:58 193,024 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msrating.dll + 2007-06-27 14:34:58 671,232 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mstime.dll + 2007-06-27 14:34:58 102,400 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\occache.dll + 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe + 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\updspapi.dll + 2007-06-27 14:34:58 105,984 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\url.dll + 2007-06-27 14:34:58 1,152,000 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\urlmon.dll + 2007-06-27 14:34:59 232,960 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\webcheck.dll + 2007-06-27 14:34:59 823,808 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll - 2007-09-19 11:52:48 20,240 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\cagicon.exe + 2007-10-10 06:00:08 20,240 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\cagicon.exe - 2007-09-19 11:52:48 217,864 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\misc.exe + 2007-10-10 06:00:08 217,864 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\misc.exe - 2007-09-19 11:52:48 18,704 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\mspicons.exe + 2007-10-10 06:00:08 18,704 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\mspicons.exe - 2007-09-19 11:52:48 35,088 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\oisicon.exe + 2007-10-10 06:00:09 35,088 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\oisicon.exe - 2007-09-19 11:52:47 845,584 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\outicon.exe + 2007-10-10 06:00:07 845,584 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\outicon.exe - 2007-09-19 11:52:48 922,384 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\pptico.exe + 2007-10-10 06:00:07 922,384 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\pptico.exe - 2007-09-19 11:52:48 888,080 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\wordicon.exe + 2007-10-10 06:00:08 888,080 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\wordicon.exe - 2007-09-19 11:52:47 1,172,240 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\xlicons.exe + 2007-10-10 06:00:07 1,172,240 ----a-r C:\WINDOWS\Installer{91120000-0012-0000-0000-0000000FF1CE}\xlicons.exe - 2007-06-27 14:34:51 124,928 ----a-w C:\WINDOWS\system32\advpack.dll + 2007-08-20 10:04:34 124,928 ----a-w C:\WINDOWS\system32\advpack.dll - 2007-09-19 20:53:27 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat + 2007-10-21 15:42:03 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - 2007-09-19 20:53:27 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat + 2007-10-21 15:42:03 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat - 2007-09-19 20:53:27 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2007-10-21 15:42:03 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2007-06-27 14:34:51 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll + 2007-08-20 10:04:34 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll - 2006-10-17 10:57:50 214,528 -c–a-w C:\WINDOWS\system32\dllcache\dxtrans.dll + 2007-08-20 10:04:34 214,528 -c–a-w C:\WINDOWS\system32\dllcache\dxtrans.dll - 2007-06-27 14:34:51 132,608 -c–a-w C:\WINDOWS\system32\dllcache\extmgr.dll + 2007-08-20 10:04:34 132,608 -c–a-w C:\WINDOWS\system32\dllcache\extmgr.dll + 2007-08-20 10:04:34 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll - 2007-06-27 08:27:04 63,488 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe + 2007-08-17 10:20:54 63,488 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe - 2007-06-27 14:34:51 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll + 2007-08-20 10:04:34 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll - 2007-06-27 14:34:51 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll + 2007-08-20 10:04:35 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll - 2007-06-27 07:00:33 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll + 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll - 2007-06-27 14:34:51 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll + 2007-08-20 10:04:35 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll - 2007-06-27 14:34:51 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll + 2007-08-20 10:04:35 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll - 2007-06-27 14:34:55 6,058,496 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll + 2007-08-20 10:04:37 6,058,496 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll - 2007-06-27 14:34:55 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll + 2007-08-20 10:04:38 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll - 2007-06-27 14:34:55 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll + 2007-08-20 10:04:38 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll - 2007-06-27 08:27:05 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe + 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe - 2007-06-27 08:27:30 625,152 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe + 2007-08-17 10:21:21 625,152 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe - 2007-05-16 15:12:02 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll + 2007-08-21 06:15:44 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll - 2007-06-27 14:34:56 27,648 -c–a-w C:\WINDOWS\system32\dllcache\jsproxy.dll + 2007-08-20 10:04:39 27,648 -c–a-w C:\WINDOWS\system32\dllcache\jsproxy.dll - 2007-06-27 14:34:56 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll + 2007-08-20 10:04:39 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll - 2007-06-27 14:34:56 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll + 2007-08-20 10:04:39 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll - 2007-07-19 06:59:59 3,583,488 -c–a-w C:\WINDOWS\system32\dllcache\mshtml.dll + 2007-08-20 10:04:41 3,584,512 -c–a-w C:\WINDOWS\system32\dllcache\mshtml.dll - 2007-06-27 14:34:57 477,696 -c–a-w C:\WINDOWS\system32\dllcache\mshtmled.dll + 2007-08-20 10:04:41 477,696 -c–a-w C:\WINDOWS\system32\dllcache\mshtmled.dll - 2007-06-27 14:34:58 193,024 -c–a-w C:\WINDOWS\system32\dllcache\msrating.dll + 2007-08-20 10:04:41 193,024 -c–a-w C:\WINDOWS\system32\dllcache\msrating.dll - 2007-06-27 14:34:58 671,232 -c–a-w C:\WINDOWS\system32\dllcache\mstime.dll + 2007-08-20 10:04:42 671,232 -c–a-w C:\WINDOWS\system32\dllcache\mstime.dll - 2007-06-27 14:34:58 102,400 -c----w C:\WINDOWS\system32\dllcache\occache.dll + 2007-08-20 10:04:42 102,400 -c----w C:\WINDOWS\system32\dllcache\occache.dll - 2007-06-27 14:34:58 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll + 2007-08-20 10:04:42 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll - 2007-06-27 14:34:58 1,152,000 -c–a-w C:\WINDOWS\system32\dllcache\urlmon.dll + 2007-08-20 10:04:42 1,152,000 -c–a-w C:\WINDOWS\system32\dllcache\urlmon.dll - 2007-06-27 14:34:59 232,960 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll + 2007-08-20 10:04:42 232,960 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll - 2007-06-27 14:34:59 823,808 -c–a-w C:\WINDOWS\system32\dllcache\wininet.dll + 2007-08-20 10:04:43 824,832 -c–a-w C:\WINDOWS\system32\dllcache\wininet.dll - 2006-10-17 10:57:50 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll + 2007-08-20 10:04:34 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll - 2007-06-27 14:34:51 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll + 2007-08-20 10:04:34 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll - 2006-10-17 10:58:20 61,952 ------w C:\WINDOWS\system32\icardie.dll + 2007-08-20 10:04:34 63,488 ----a-w C:\WINDOWS\system32\icardie.dll - 2007-06-27 08:27:04 63,488 ----a-w C:\WINDOWS\system32\ie4uinit.exe + 2007-08-17 10:20:54 63,488 ----a-w C:\WINDOWS\system32\ie4uinit.exe - 2007-06-27 14:34:51 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll + 2007-08-20 10:04:34 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll - 2007-06-27 14:34:51 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll + 2007-08-20 10:04:35 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll - 2007-06-27 07:00:33 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll + 2007-08-17 07:34:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll - 2007-06-27 14:34:51 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll + 2007-08-20 10:04:35 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll - 2007-06-27 14:34:51 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll + 2007-08-20 10:04:35 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll - 2007-06-27 14:34:55 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll + 2007-08-20 10:04:37 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll - 2007-06-27 14:34:55 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll + 2007-08-20 10:04:38 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll - 2007-06-27 14:34:55 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll + 2007-08-20 10:04:38 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll - 2007-06-27 08:27:05 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe + 2007-08-17 10:20:54 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe - 2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll + 2007-08-21 06:15:44 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll - 2007-06-27 14:34:56 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll + 2007-08-20 10:04:39 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll - 2007-09-06 02:50:42 17,474,680 ----a-w C:\WINDOWS\system32\MRT.exe + 2007-09-28 05:19:39 18,089,592 ----a-w C:\WINDOWS\system32\MRT.exe - 2007-06-27 14:34:56 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll + 2007-08-20 10:04:39 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll - 2007-06-27 14:34:56 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll + 2007-08-20 10:04:39 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll - 2007-07-19 06:59:59 3,583,488 ----a-w C:\WINDOWS\system32\mshtml.dll + 2007-08-20 10:04:41 3,584,512 ----a-w C:\WINDOWS\system32\mshtml.dll - 2007-06-27 14:34:57 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll + 2007-08-20 10:04:41 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll - 2007-06-27 14:34:58 193,024 ----a-w C:\WINDOWS\system32\msrating.dll + 2007-08-20 10:04:41 193,024 ----a-w C:\WINDOWS\system32\msrating.dll - 2007-06-27 14:34:58 671,232 ----a-w C:\WINDOWS\system32\mstime.dll + 2007-08-20 10:04:42 671,232 ----a-w C:\WINDOWS\system32\mstime.dll - 2007-06-27 14:34:58 102,400 ----a-w C:\WINDOWS\system32\occache.dll + 2007-08-20 10:04:42 102,400 ----a-w C:\WINDOWS\system32\occache.dll - 2004-08-04 07:56:44 581,120 ----a-w C:\WINDOWS\system32\rpcrt4.dll + 2007-07-09 13:16:16 582,656 ----a-w C:\WINDOWS\system32\rpcrt4.dll - 2007-07-22 17:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe + 2007-04-02 13:21:27 139,776 ----a-w C:\WINDOWS\system32\swreg.exe - 2007-06-27 14:34:58 105,984 ----a-w C:\WINDOWS\system32\url.dll + 2007-08-20 10:04:42 105,984 ----a-w C:\WINDOWS\system32\url.dll - 2007-06-27 14:34:58 1,152,000 ------w C:\WINDOWS\system32\urlmon.dll + 2007-08-20 10:04:42 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll - 2007-06-27 14:34:59 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll + 2007-08-20 10:04:42 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll - 2007-06-27 14:34:59 823,808 ------w C:\WINDOWS\system32\wininet.dll + 2007-08-20 10:04:43 824,832 ----a-w C:\WINDOWS\system32\wininet.dll - 2007-04-18 10:07:59 248,320 ----a-w C:\WINDOWS\system32\xpsp3res.dll + 2007-06-19 07:24:36 350,720 ----a-w C:\WINDOWS\system32\xpsp3res.dll . – Snapshot reset to current date – . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “00THotkey”=“C:\WINDOWS\System32\00THotkey.exe” [2003-11-21 23:49] “000StTHK”=“000StTHK.exe” [2001-06-24 05:28 C:\WINDOWS\system32\000StTHK.exe] “NvCplDaemon”=“C:\WINDOWS\System32\NvCpl.dll” [2003-12-10 15:50] “nwiz”=“nwiz.exe” [2003-12-10 15:50 C:\WINDOWS\system32\nwiz.exe] “LtMoh”=“C:\Program Files\ltmoh\Ltmoh.exe” [2003-01-03 01:16] “AGRSMMSG”=“AGRSMMSG.exe” [2003-04-18 20:20 C:\WINDOWS\agrsmmsg.exe] “Apoint”=“C:\Program Files\Apoint2K\Apoint.exe” [2003-10-31 01:46] “TMESRV.EXE”=“C:\Program Files\TOSHIBA\TME3\TMESRV31.exe” [2003-12-10 05:50] “TMERzCtl.EXE”=“C:\Program Files\TOSHIBA\TME3\TMERzCtl.exe” [2003-10-07 02:43] “TMESBS.EXE”=“C:\Program Files\TOSHIBA\TME3\TMESBS32.exe” [2003-08-01 23:56] “DpUtil”=“C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe” [2003-11-12 05:19] “TFNF5”=“TFNF5.exe” [2003-11-18 04:42 C:\WINDOWS\system32\TFNF5.exe] “TPSMain”=“TPSMain.exe” [2003-12-15 20:54 C:\WINDOWS\system32\TPSMain.exe] “TFncKy”=“TFncKy.exe” [] “TosHKCW.exe”=“C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe” [2002-09-10 00:07] “SmoothView”=“C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe” [2003-12-03 21:26] “TAudEffect”=“C:\Program Files\Toshiba\TAudEffect\TAudEff.exe” [2003-12-26 01:17] “ezShieldProtector for Px”=“C:\WINDOWS\System32\ezSP_Px.exe” [2002-08-20 19:29] “Pinger”=“C:\TOSHIBA\IVP\ISM\pinger.exe” [2005-03-17 16:37] “PRONoMgr.exe”=“c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe” [2003-12-10 10:36] “dlccmon.exe”=“C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe” [2005-07-22 20:03] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2007-05-14 23:22] “RealTray”=“C:\Program Files\Real\RealPlayer\RealPlay.exe” [2004-01-15 00:32] “DLCCCATS”=“C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll” [2005-06-07 19:38] “QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2004-01-15 00:33] “Picasa Media Detector”=“C:\Program Files\Picasa2\PicasaMediaDetector.exe” [2007-06-16 00:15] “PCSuiteTrayApplication”=“C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe” [2007-06-18 15:10] “AVP”=“C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe” [2007-06-28 12:51] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “NVIEW”=“nview.dll” [2003-12-10 15:50 C:\WINDOWS\system32\nview.dll] “TOSCDSPD”=“C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe” [2003-09-05 12:24] “ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 08:56] “swg”=“C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2007-07-25 18:05] “ares”=“C:\Program Files\Ares\Ares.exe” [2007-05-04 01:32] [HKEY_USERS.default\software\microsoft\windows\currentversion\run] “Nokia.PCSync”=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog “DWQueuedReporting”=“C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” -t C:\Documents and Settings\User\Start Menu\Programs\Startup\ Microsoft Office OneNote 2003 Quick Launch.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-03-17 14:06:14] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring] c:\WINDOWS\System32\LgNotify.dll 2003-12-17 00:49 110592 c:\WINDOWS\system32\LgNotify.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] “appinit_dlls”=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll R1 TMEI3E;TMEI3E;C:\WINDOWS\system32\Drivers\TMEI3E.SYS R2 Tmesbs;Tmesbs32;“C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe” /Service R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys R3 TEchoCan;Toshiba Audio Effect;C:\WINDOWS\system32\DRIVERS\TEchoCan.sys S3 portio;TPM Service;C:\WINDOWS\system32\DRIVERS\NscTpmDD.sys S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys S3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys S3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys . ************************************************************************** catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-24 00:03:55 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … HKLM\Software\Microsoft\Windows\CurrentVersion\Run DLCCCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16??? scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-10-24 0:06:37 . — E O F —]

Przepraszam za cale zamotanie.

Gutek · 24 Październik 2007 04:58

podaj lokalizację syfu

oldzia007 · 24 Październik 2007 16:16

Dziekuje

Krzychuu · 24 Październik 2007 16:17

oldzia007 z tego co podałaś to wynika, że został już usunięty.

Jeśli chcesz to możesz wyłączyć i włączyć przywracanie systemu, wtedy napewno wszystko się usunie

oldzia007 · 24 Październik 2007 17:06

Czy brak podpowiedzi oznacza, ze rzeczywiscie powinnam zainstalowac system na nowo?