Hello.
For some time now, asghost.exe has been showing up among the system processes.
Is it some kind of virus? Here is the log from ComboFix.
ComboFix 07-08-17.2 - "Just" 2007-08-21 8:08:58.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.577 [GMT 2:00]
* Created a new restore point
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\Just\DANEAP~1.\crosof~1.net
C:\DOCUME~1\Just\DANEAP~1.\crosof~1.net\??crosoft.NET\
C:\DOCUME~1\Just\DANEAP~1.\crosof~1.net\nslookup.exe
C:\DOCUME~1\Just\MENUST~1\Programy.\Outerinfo
C:\DOCUME~1\Just\MENUST~1\Programy.\Outerinfo\Terms.lnk
C:\DOCUME~1\Just\MENUST~1\Programy.\Outerinfo\Uninstall.lnk
C:\DOCUME~1\Just\MOJEDO~1.\icroso~1
C:\Program Files\outerinfo
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\ymante~1
C:\Program Files\ymante~1\?ttrib.exe
C:\WINDOWS\scurit~1
C:\WINDOWS\system32\7_exception.nls
C:\WINDOWS\system32\drivers\ip6fw.sys
C:\WINDOWS\system32\drivers\runtime2.sys
C:\WINDOWS\system32\koos.exe
C:\WINDOWS\system32\kprof
C:\WINDOWS\system32\layit.dll
C:\WINDOWS\system32\poof
C:\WINDOWS\system32\rpcc.dll
C:\WINDOWS\system32\winubg32.dll
E:\Autorun.inf
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_POOF
-------\LEGACY_RUNTIME
-------\LEGACY_RUNTIME2
-------\runtime
((((((((((((((((((((((((( Files Created from 2007-07-21 to 2007-08-21 )))))))))))))))))))))))))))))))
2007-08-21 08:10 2 --a------ C:\WINDOWS\system32\wnstsisv.exe
2007-08-21 08:09 40,183 ---hs---- C:\Program Files\Common Files\Yazzle1162OinUninstaller.exe
2007-08-21 08:07 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-20 12:09 94,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-08-20 12:09 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-08-20 12:09 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-08-20 12:09 689,280 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-08-20 12:09 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-08-20 12:09 31,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-20 12:09 23,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-08-20 12:09 <DIR> d-------- C:\Program Files\Alwil Software
2007-08-20 11:55 <DIR> d-------- C:\Program Files\CA
2007-08-20 11:50 <DIR> d-------- C:\Program Files\Microsoft Windows Small Business Server
2007-08-20 11:50 <DIR> d-------- C:\DOCUME~1\Filoda\DANEAP~1\Teleca
2007-08-20 11:50 <DIR> d-------- C:\DOCUME~1\Filoda\DANEAP~1\Sony Ericsson
2007-08-20 11:50 <DIR> d-------- C:\DOCUME~1\Filoda\DANEAP~1\LG Electronics
2007-08-20 11:49 1,048,576 --ah----- C:\DOCUME~1\Filoda\NTUSER.DAT
2007-08-20 11:49 <DIR> dr-h----- C:\DOCUME~1\Filoda\Dane aplikacji
2007-08-20 11:49 <DIR> dr------- C:\DOCUME~1\Filoda\Ulubione
2007-08-20 11:49 <DIR> dr------- C:\DOCUME~1\Filoda\Moje dokumenty
2007-08-20 11:49 <DIR> dr------- C:\DOCUME~1\Filoda\Menu Start
2007-08-20 11:49 <DIR> d--h----- C:\DOCUME~1\Filoda\Ustawienia lokalne
2007-08-20 11:49 <DIR> d--h----- C:\DOCUME~1\Filoda\Szablony
2007-08-20 11:49 <DIR> d-------- C:\DOCUME~1\Filoda\Pulpit
2007-08-20 11:49 <DIR> d-------- C:\DOCUME~1\Filoda\DANEAP~1\SampleView
2007-08-20 11:41 <DIR> d-------- C:\DOCUME~1\JUST~1.MET\DANEAP~1\Teleca
2007-08-20 11:40 <DIR> d-------- C:\DOCUME~1\JUST~1.MET\DANEAP~1\Sony Ericsson
2007-08-20 11:40 <DIR> d-------- C:\DOCUME~1\JUST~1.MET\DANEAP~1\LG Electronics
2007-08-20 11:39 1,048,576 --ah----- C:\DOCUME~1\JUST~1.MET\NTUSER.DAT
2007-08-20 11:39 <DIR> dr-h----- C:\DOCUME~1\JUST~1.MET\Dane aplikacji
2007-08-20 11:39 <DIR> dr------- C:\DOCUME~1\JUST~1.MET\Ulubione
2007-08-20 11:39 <DIR> dr------- C:\DOCUME~1\JUST~1.MET\Moje dokumenty
2007-08-20 11:39 <DIR> dr------- C:\DOCUME~1\JUST~1.MET\Menu Start
2007-08-20 11:39 <DIR> d--hs---- C:\WINDOWS\CSC
2007-08-20 11:39 <DIR> d--h----- C:\DOCUME~1\JUST~1.MET\Ustawienia lokalne
2007-08-20 11:39 <DIR> d--h----- C:\DOCUME~1\JUST~1.MET\Szablony
2007-08-20 11:39 <DIR> d-------- C:\WINDOWS\SchCache
2007-08-20 11:39 <DIR> d-------- C:\DOCUME~1\JUST~1.MET\Pulpit
2007-08-20 11:39 <DIR> d-------- C:\DOCUME~1\JUST~1.MET\DANEAP~1\SampleView
2007-08-20 09:21 <DIR> d-------- C:\Program Files\SkanerOnline
2007-08-17 12:31 442,368 --a------ C:\WINDOWS\system32\Kopia sqlsrv32.dll
2007-08-14 14:32 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2007-08-14 12:54 <DIR> d-------- C:\DOCUME~1\Just\DANEAP~1\Microsoft Games
2007-08-13 08:14 <DIR> d-------- C:\Program Files\XML Notepad 2007
2007-08-12 22:54 <DIR> d--h----- C:\LGFolder
2007-08-12 22:45 <DIR> d-------- C:\DOCUME~1\Just\DANEAP~1\LG Electronics
2007-08-12 22:42 <DIR> d-------- C:\Program Files\LG PC Suite
2007-08-12 22:39 39,248 --a------ C:\WINDOWS\system32\drivers\lgusbmodem.sys
2007-08-12 22:39 38,144 --a------ C:\WINDOWS\system32\drivers\lgusbdiag.sys
2007-08-12 22:39 21,344 --a------ C:\WINDOWS\system32\drivers\lgusbbus.sys
2007-08-12 22:39 <DIR> d-------- C:\Program Files\LG Electronics
2007-08-09 14:54 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2007-08-06 18:14 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Age of Empires 3
2007-08-06 18:12 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
2007-08-06 18:12 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
2007-08-06 18:12 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2007-08-06 18:12 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
2007-08-06 18:12 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
2007-08-06 18:11 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2007-08-06 18:11 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-08-06 18:11 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2007-08-06 18:11 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-08-06 18:11 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2007-08-06 18:06 <DIR> d-------- C:\Program Files\Microsoft Games
2007-08-06 10:09 <DIR> d-------- C:\DOCUME~1\Just\DANEAP~1\Ulead Systems
2007-08-06 10:04 <DIR> d-------- C:\Program Files\Common Files\InterVideo
2007-08-06 10:04 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\InterVideo
2007-08-06 10:03 <DIR> d-------- C:\Program Files\Common Files\LightScribe
2007-08-06 09:59 <DIR> d-------- C:\Program Files\Ulead Systems
2007-08-06 09:59 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2007-08-06 09:59 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Ulead Systems
2007-08-06 09:49 <DIR> d-------- C:\Program Files\PowerISO
2007-08-01 14:35 <DIR> d-------- C:\Program Files\RAR Password Cracker
2007-08-01 13:32 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1\DANEAP~1\TEMP
2007-08-01 13:32 <DIR> d-------- C:\Program Files\Your Uninstaller 2006
2007-08-01 13:32 <DIR> d-------- C:\DOCUME~1\Just\DANEAP~1\URSoft
2007-08-01 08:10 <DIR> d-------- C:\DOCUME~1\Just\DANEAP~1\Password Manager
2007-07-31 21:07 15,872 --a------ C:\WINDOWS\system32\drivers\vd_filedisk.sys
2007-07-31 21:07 <DIR> d-------- C:\DOCUME~1\Just\DANEAP~1\HEXelon
2007-07-30 09:14 <DIR> d-------- C:\Program Files\Lavalys
2007-07-26 17:43 110,592 --a------ C:\WINDOWS\system32\ccrpbds6.dll
2007-07-26 17:43 <DIR> d-------- C:\Program Files\PIXresizer
2007-07-26 17:41 <DIR> d-------- C:\Program Files\DCE AutoEnhance
2007-07-26 07:30 <DIR> d-------- C:\download
2007-07-25 07:32 <DIR> d-------- C:\Program Files\TC UP
2007-07-25 07:17 <DIR> d-------- C:\tc.v7.01
2007-07-24 12:07 <DIR> d-------- C:\DOCUME~1\Just\DANEAP~1\AdobeUM
2007-07-24 11:41 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-07-24 11:41 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-07-24 07:48 <DIR> d-------- C:\TotalCmd
2007-07-23 07:57 85,408 -ra------ C:\WINDOWS\system32\drivers\k510mgmt.sys
2007-07-23 07:57 83,344 -ra------ C:\WINDOWS\system32\drivers\k510obex.sys
2007-07-23 07:46 155,648 --a------ C:\WINDOWS\system32\libssl32.dll
2007-07-22 11:58 <DIR> d-------- C:\WINDOWS\speech
2007-07-22 00:46 <DIR> d-------- C:\Program Files\MarBit
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-20 13:35 --------- d-------- C:\Program Files\DAEMON Tools SearchBar
2007-08-16 09:06 --------- d-------- C:\Program Files\ivo
2007-08-16 09:06 --------- d-------- C:\Program Files\Digital Red
2007-08-14 12:52 --------- d-------- C:\Program Files\Winamp
2007-08-14 07:36 769 --ahs---- C:\WINDOWS\system32\mmf.sys
2007-08-13 22:35 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-06 10:03 --------- d-------- C:\Program Files\DivX
2007-08-05 21:48 --------- d-------- C:\Program Files\RM Converter
2007-08-05 19:43 --------- d-------- C:\Program Files\Ultra RM Converter
2007-08-01 10:22 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\DivX
2007-07-23 07:58 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\Teleca
2007-07-22 00:48 --------- d-------- C:\Program Files\DVDlabPro2
2007-07-20 14:52 --------- d-------- C:\Program Files\RegDoctor
2007-07-20 14:09 903238 --a------ C:\WINDOWS\IVO Glossary Uninstaller.exe
2007-07-20 12:28 --------- d-------- C:\Program Files\RapGet
2007-07-20 08:24 --------- d-------- C:\Program Files\CyberLink
2007-07-19 12:39 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\Media Player Classic
2007-07-19 08:58 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
2007-07-18 23:39 --------- d-------- C:\Program Files\CDex_150b6
2007-07-17 13:08 8464 --a------ C:\WINDOWS\system32\sporder.dll
2007-07-17 10:22 1700352 --a------ C:\WINDOWS\system32\gdiplus.dll
2007-07-17 09:00 --------- d-------- C:\Program Files\Common Files\WhenU
2007-07-17 08:56 --------- d-------- C:\Program Files\Alcohol Soft
2007-07-17 08:55 685816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-07-17 08:03 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\Ahead
2007-07-17 07:24 --------- d-------- C:\Program Files\Super DVD Creator 9.30
2007-07-17 07:18 --------- d-------- C:\Program Files\UltraISO
2007-07-17 07:18 --------- d-------- C:\Program Files\Common Files\EZB Systems
2007-07-17 01:32 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\Digital Red
2007-07-16 23:33 --------- d-------- C:\Program Files\Project Zoo
2007-07-16 23:22 26 --a------ C:\WINDOWS\winstart.bat
2007-07-16 23:22 123 --a------ C:\WINDOWS\tmpcpyis.bat
2007-07-16 23:22 122 --a------ C:\WINDOWS\tmpdelis.bat
2007-07-16 17:23 --------- d-------- C:\Program Files\PowerArchiver
2007-07-16 17:21 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\WinRAR
2007-07-16 14:30 --------- d-------- C:\Program Files\Proxy Switcher Standard
2007-07-16 14:24 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\WNR
2007-07-16 00:32 --------- d-------- C:\Program Files\Mplayer
2007-07-16 00:05 --------- d-------- C:\Program Files\Common Files\Ahead
2007-07-16 00:05 --------- d-------- C:\Program Files\Ahead
2007-07-15 00:10 --------- d-------- C:\Program Files\Sierra
2007-07-15 00:05 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\InstallShield
2007-07-14 23:54 86016 --a------ C:\WINDOWS\system32\OpenAL32.dll
2007-07-14 23:54 413696 --a------ C:\WINDOWS\system32\wrap_oal.dll
2007-07-14 23:50 --------- d-------- C:\Program Files\ND Games
2007-07-14 23:45 108144 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-07-14 23:45 --------- dr-h----- C:\DOCUME~1\Just\DANEAP~1\SecuROM
2007-07-14 23:38 --------- d-------- C:\Program Files\PlayLogic
2007-07-14 23:37 --------- d-------- C:\Program Files\OpenAL
2007-07-13 01:32 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll
2007-07-12 10:49 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\.BitTornado
2007-07-11 23:40 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\Ankh
2007-07-11 23:04 48640 --a------ C:\WINDOWS\mmfs.dll
2007-07-11 13:50 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\Real
2007-07-11 12:47 --------- d-------- C:\Program Files\ElcomSoft
2007-07-11 11:34 --------- d-------- C:\Program Files\Passware
2007-07-11 01:11 --------- d-------- C:\Program Files\MSXML 4.0
2007-07-11 00:43 --------- d-------- C:\Program Files\Team6
2007-07-11 00:42 --------- d-------- C:\Program Files\Barrel Mania
2007-07-10 19:09 --------- d-------- C:\Program Files\Project IGI
2007-07-10 11:40 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\vlc
2007-07-10 11:39 --------- d-------- C:\Program Files\VideoLAN
2007-07-10 09:53 --------- d-------- C:\Program Files\BitComet
2007-07-10 08:56 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\Gadu-Gadu
2007-07-10 08:28 54313 --a------ C:\Program Files\tor-bundle-uninstall.exe
2007-07-10 08:03 --------- d-------- C:\Program Files\Gadu-Gadu
2007-07-10 07:45 --------- d-------- C:\Program Files\K-Lite Codec Pack
2007-07-10 07:14 --------- d-------- C:\Program Files\INTERIAPL
2007-07-09 21:58 --------- d--h----- C:\Program Files\WindowsUpdate
2007-07-09 21:58 --------- d-------- C:\Program Files\Windows NT
2007-07-09 21:58 --------- d-------- C:\Program Files\Windows Media Connect
2007-07-09 21:58 --------- d-------- C:\Program Files\Synaptics
2007-07-09 21:58 --------- d-------- C:\Program Files\Sonic
2007-07-09 21:58 --------- d-------- C:\Program Files\MSN Gaming Zone
2007-07-09 21:58 --------- d-------- C:\Program Files\Movie Maker
2007-07-09 21:58 --------- d-------- C:\Program Files\microsoft frontpage
2007-07-09 21:58 --------- d-------- C:\Program Files\Messenger
2007-07-09 21:57 --------- d-------- C:\Program Files\Hp
2007-07-09 21:57 --------- d-------- C:\Program Files\Hewlett-Packard
2007-07-09 21:57 --------- d-------- C:\Program Files\Fingerprint Sensor
2007-07-09 21:57 --------- d-------- C:\Program Files\Common Files\TiVo Shared
2007-07-09 21:57 --------- d-------- C:\Program Files\Common Files\SureThing Shared
2007-07-09 21:57 --------- d-------- C:\Program Files\Common Files\SpeechEngines
2007-07-09 21:57 --------- d-------- C:\Program Files\Common Files\Sonic Shared
2007-07-09 21:57 --------- d-------- C:\Program Files\Common Files\ODBC
2007-07-09 21:57 --------- d-------- C:\Program Files\Common Files\MSSoap
2007-07-09 21:57 --------- d-------- C:\Program Files\Common Files\InstallShield
2007-07-09 21:57 --------- d-------- C:\Program Files\Analog Devices
2007-07-09 21:57 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\SampleView
2007-07-09 21:55 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\InterVideo
2007-07-09 20:33 --------- d-------- C:\Program Files\Codemasters
2007-07-09 20:16 21840 --a------ C:\WINDOWS\system32\SIntfNT.dll
2007-07-09 20:16 17212 --a------ C:\WINDOWS\system32\SIntf32.dll
2007-07-09 20:16 12067 --a------ C:\WINDOWS\system32\SIntf16.dll
2007-07-09 19:57 --------- d-------- C:\Program Files\directx
2007-07-09 17:50 --------- d-------- C:\Program Files\Common Files\Teleca Shared
2007-07-09 17:49 --------- d-------- C:\Program Files\Sony Ericsson
2007-07-09 17:49 --------- d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2007-07-09 17:49 --------- d-------- C:\DOCUME~1\Just\DANEAP~1\Sony Ericsson
2007-07-09 15:56 --------- d-------- C:\Program Files\Neostrada TP
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 10:11]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-05-06 14:06]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"PTHOSTTR"="C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [2006-02-14 11:56]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-08-31 05:20]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-10 20:04]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 14:17]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 14:13]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 14:17]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-14 10:49]
"CognizanceTS"="C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 20:12]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-02 15:39]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2006-02-22 08:03]
"Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [2005-12-20 15:51]
"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2006-01-23 16:11]
"Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [2006-02-15 15:43]
"WatchDog"="C:\Program Files\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 11:59]
"NWTRAY"="NWTRAY.EXE" [2002-03-12 11:37 C:\WINDOWS\system32\nwtray.exe]
"Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" []
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 10:14]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2007-02-07 16:24]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 16:21]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 14:23]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-01-15 18:28]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:00]
"Twdw"="C:\DOCUME~1\Just\DANEAP~1\CROSOF~1.NET\nslookup.exe" []
"Ahgnaeqo"="C:\Program Files\?ymantec\?ttrib.exe" []
C:\Documents and Settings\Just\Menu Start\Programy\Autostart\
PowerReg Scheduler V3.exe [2007-07-09 19:56:33]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"CompatibleRUPSecurity"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll 2005-07-25 20:41 40960 C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 nwv1_0
"Notification Packages"= scecli AsWlnPkg
R0 NICM;Program obsługi komunikacji między usługami firmy Novell;C:\WINDOWS\system32\drivers\nicm.sys
R0 NWFILTER;Filtr ścieżki UNC firmy Novell;C:\WINDOWS\system32\NetWare\nwfilter.sys
R1 ISODrive;ISO DVD/CD-ROM Device Driver;\??\C:\Program Files\UltraISO\drivers\ISODrive.sys
R1 VD_FileDisk;VD_FileDisk;C:\WINDOWS\system32\drivers\VD_FileDisk.sys
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};\??\C:\Program Files\CyberLink\PowerDVD\000.fcl
R2 ASChannel;Local Communication Channel;C:\WINDOWS\System32\svchost.exe -k Cognizance
R2 MSMQ;Message Queuing;C:\WINDOWS\system32\mqsvc.exe
R2 MSMQTriggers;Message Queuing Triggers;C:\WINDOWS\system32\mqtgsvc.exe
R2 NetwareWorkstation;Klient Novell dla systemu Windows;C:\WINDOWS\system32\NetWare\nwfs.sys
R2 NWDHCP;Klient protokołu DHCP firmy Novell;C:\WINDOWS\system32\NetWare\nwdhcp.sys
R2 RESMGR;Menedżer zasobów firmy Novell NetWare;C:\WINDOWS\system32\NetWare\resmgr.sys
R2 SRVLOC;Lokalizacja usługi Novell;C:\WINDOWS\system32\NetWare\srvloc.sys
R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys
R3 HBtnKey;HBtnKey;C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
R3 MQAC;Message Queuing access control;\??\C:\WINDOWS\system32\drivers\mqac.sys
R3 NWDNS;Moduł obsługi przestrzeni nazw serwera DNS firmy Novell;C:\WINDOWS\system32\NetWare\nwdns.sys
R3 NWHOST;Moduł obsługi przestrzeni nazw plików hosta firmy Novell;C:\WINDOWS\system32\NetWare\NWHOST.sys
R3 NWSLP;Moduł obsługi przestrzeni nazw SLP firmy Novell;C:\WINDOWS\system32\NetWare\nwslp.sys
R3 NWSNS;Proste usługi nazewnicze firmy Novell;C:\WINDOWS\system32\NetWare\NWSNS.sys
R3 RMCAST;Reliable Multicast Protocol driver;\??\C:\WINDOWS\system32\drivers\RMCast.sys
S2 LicCtrlService;LicCtrl Service;C:\WINDOWS\runservice.exe
S2 LogWatch;Event Log Watch;"C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe"
S2 NWSIPX32;Interfejs transportowy IPX/SPX firmy Novell NetWare;C:\WINDOWS\system32\NetWare\nwsipx32.sys
S3 CA_LIC_CLNT;CA License Client;"C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe"
S3 CA_LIC_SRVR;CA License Server;"C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe"
S3 cusrvc;Client Update Service for Novell;C:\WINDOWS\system32\cusrvc.exe
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k510bus.sys
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k510mdfl.sys
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k510mdm.sys
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\k510mgmt.sys
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\k510obex.sys
S3 NWSAP;Moduł obsługi przestrzeni nazw SAP firmy Novell;C:\WINDOWS\system32\NetWare\NWSAP.sys
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance ASChannel
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-21 08:14:13
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe?????? ???@???????????????@? ????g??????(?@???????@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-21 8:15:32 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-21 08:15
--- E O F ---
I have corrected the post's subject and the post itself.
Please do not use multiple ?? in a row; they really are not decorations.
Please write in accordance with the rules of Polish spelling and punctuation.
A sentence begins with a capital letter and ends with a full stop.
Thank you.
charm_spider