Komp po wyłączeniu sam się włącza proszę o pomoc

k-pax · 22 Wrzesień 2007 22:04

Proszę o sprawdzenie loga

Logfile of HijackThis v1.99.1 Scan saved at 23:42:08, on 2007-09-22 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Beniamin\tguard.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe C:\PROGRA~1\Creative\MEDIAS~1\MtdAcqu.exe C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\eMule\emule.exe C:\Program Files\Creative\MediaSource5\CTCMSu.exe C:\Program Files\Creative\MediaSource5\CtDetctu.exe F:\Instalki\ZABEZPIECZENIA\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Secured_eMule toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSecu.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll O2 - BHO: Secured_eMule toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSecu.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O3 - Toolbar: Secured_eMule toolbar - {1d1b60fd-b21f-4b9a-8a5f-64e8544828d7} - C:\Program Files\Secured_eMule\tbSecu.dll O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM…\Run: [ATIPTA] “C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe” O4 - HKLM…\Run: [ATICCC] “C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime O4 - HKLM…\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM…\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM…\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [tguard] C:\Program Files\Beniamin\tguard.exe O4 - HKLM…\Run: [!AVG Anti-Spyware] “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime O4 - HKLM…\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe” O4 - HKCU…\Run: [Creative MediaSource Go] “C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe” /SCB O4 - HKCU…\Run: [MtdAcqu] “C:\PROGRA~1\Creative\MEDIAS~1\MtdAcqu.exe” /s O4 - HKCU…\Run: [Art Plus Wallpaper Calendar] “C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe” /a O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\Programy\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Programy\Office12\ONBttnIE.dll O9 - Extra ‘Tools’ menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Programy\Office12\ONBttnIE.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\OFFICE11\REFIEBAR.DLL O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

LostWorld · 23 Wrzesień 2007 09:10

Odinstaluj ShoppingReport

Te wpisy kasujesz w HijackThis , natomiast pliki ręcznie.

k-pax · 23 Wrzesień 2007 13:12

Dzięki za wskazówki, wykonałem zalecenia, problem nie ustąpił.

Pojawił się nowy problem tj. zniekształcony dźwięk. Dotyczy to zarówno dźwięków systemu jak i muzyki. Problemy z dźwiękiem pojawiły się zanim skasowałem elementy w HijackThis.

Proszę o wytyczne, czy coś można zrobić, czy muszę przeinstalować system?

W załączeniu log z HijackThis:

Logfile of HijackThis v1.99.1 Scan saved at 14:57:50, on 2007-09-23 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Beniamin\tguard.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe C:\PROGRA~1\Creative\MEDIAS~1\MtdAcqu.exe C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe F:\Instalki\ZABEZPIECZENIA\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM…\Run: [ATIPTA] “C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe” O4 - HKLM…\Run: [ATICCC] “C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” runtime O4 - HKLM…\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM…\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM…\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [tguard] C:\Program Files\Beniamin\tguard.exe O4 - HKLM…\Run: [!AVG Anti-Spyware] “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe” O4 - HKCU…\Run: [Creative MediaSource Go] “C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe” /SCB O4 - HKCU…\Run: [MtdAcqu] “C:\PROGRA~1\Creative\MEDIAS~1\MtdAcqu.exe” /s O4 - HKCU…\Run: [Art Plus Wallpaper Calendar] “C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe” /a O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\Programy\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (file missing) O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (file missing) O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Programy\Office12\ONBttnIE.dll O9 - Extra ‘Tools’ menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Programy\Office12\ONBttnIE.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

Proszę o pomoc sam sobie z tym nie poradzę.

Gutek · 23 Wrzesień 2007 19:30

Daj log z ComboFix

k-pax · 23 Wrzesień 2007 20:06

Dzięki za zainteresowanie oto mój log z ComboFix:

“Arkadiusz” - 2007-09-23 21:52:46 - ComboFix 07-07-07.3 - Dodatek Service Pack 2 ((((((((((((((((((((((((( Files Created from 2007-08-23 to 2007-09-23 ))))))))))))))))))))))))))))))) 2007-09-23 02:07 2007-09-23 01:42 131,072 --a------ C:\WINDOWS\system32\dzip32.dll 2007-09-23 01:42 110,592 --a------ C:\WINDOWS\system32\dunzip32.dll 2007-09-23 01:24 2007-09-23 01:24 2007-09-16 17:36 17,920 --a------ C:\WINDOWS\system32\mdimon.dll 2007-09-16 17:34 2007-09-14 00:17 2007-09-14 00:16 2007-09-14 00:14 2007-08-26 22:08 934,576 --a------ C:\WINDOWS\system32\ltr13n.dll 2007-08-26 22:08 80,896 --a------ C:\WINDOWS\system32\lfwmf13s.dll 2007-08-26 22:08 79,360 --a------ C:\WINDOWS\system32\lfeps13s.dll 2007-08-26 22:08 74,752 --a------ C:\WINDOWS\system32\lfgif13s.dll 2007-08-26 22:08 73,728 --a------ C:\WINDOWS\system32\MMAviAx.dll 2007-08-26 22:08 70,144 --a------ C:\WINDOWS\system32\lfbmp13s.dll 2007-08-26 22:08 65,536 --a------ C:\WINDOWS\system32\lfpcx13s.dll 2007-08-26 22:08 64,000 --a------ C:\WINDOWS\system32\lftga13s.dll 2007-08-26 22:08 59,904 --a------ C:\WINDOWS\system32\lfpcd13s.dll 2007-08-26 22:08 466,624 --a------ C:\WINDOWS\system32\LTRPR13n.DLL 2007-08-26 22:08 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll 2007-08-26 22:08 401,408 --a------ C:\WINDOWS\system32\pvmjpg30.dll 2007-08-26 22:08 393,728 --a------ C:\WINDOWS\system32\LFCMP13s.DLL 2007-08-26 22:08 32,768 --a------ C:\WINDOWS\system32\MLPagAx.dll 2007-08-26 22:08 304,816 --a------ C:\WINDOWS\system32\LTRIO13N.DLL 2007-08-26 22:08 283,136 --a------ C:\WINDOWS\system32\LFJ2K13s.dll 2007-08-26 22:08 204,881 --a------ C:\WINDOWS\system32\DiskIO.dll 2007-08-26 22:08 194,248 --a------ C:\WINDOWS\system32\LTRFD13n.DLL 2007-08-26 22:08 185,856 --a------ C:\WINDOWS\system32\lfpng13s.dll 2007-08-26 22:08 166,400 --a------ C:\WINDOWS\system32\lftif13s.dll 2007-08-26 22:08 155,721 --a------ C:\WINDOWS\system32\RALMain.dll 2007-08-26 22:08 116,224 --a------ C:\WINDOWS\system32\lffax13s.dll 2007-08-26 22:08 114,759 --a------ C:\WINDOWS\system32\Aviprax.dll 2007-08-26 22:08 110,080 --a------ C:\WINDOWS\system32\lfpsd13s.dll 2007-08-26 22:08 104,960 --a------ C:\WINDOWS\system32\lfpct13s.dll 2007-08-26 22:08 1,772,032 --a------ C:\WINDOWS\system32\LTCLR13s.dll 2007-08-26 22:07 2007-08-26 22:07 2007-08-26 22:06 89,088 --a------ C:\WINDOWS\system32\atl71.dll 2007-08-26 22:06 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL 2007-08-26 22:06 57,856 --a------ C:\WINDOWS\system32\masd32.dll 2007-08-26 22:06 27,648 --a------ C:\WINDOWS\system32\ma32.dll 2007-08-26 22:06 196,096 --a------ C:\WINDOWS\system32\macd32.dll 2007-08-26 22:06 138,752 --a------ C:\WINDOWS\system32\mase32.dll 2007-08-26 22:06 136,192 --a------ C:\WINDOWS\system32\mamc32.dll 2007-08-26 22:05 974,848 --a------ C:\WINDOWS\system32\MFC70.DLL 2007-08-26 22:05 964,608 --a------ C:\WINDOWS\system32\MFC70U.DLL 2007-08-26 22:05 65,536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL 2007-08-26 22:05 61,440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL 2007-08-26 22:05 61,440 --a------ C:\WINDOWS\system32\MFC71FRA.DLL 2007-08-26 22:05 61,440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL 2007-08-26 22:05 57,344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL 2007-08-26 22:05 54,784 --a------ C:\WINDOWS\system32\MSVCI70.DLL 2007-08-26 22:05 49,152 --a------ C:\WINDOWS\system32\PCLEGetGuid.dll 2007-08-26 22:05 49,152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL 2007-08-26 22:05 49,152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL 2007-08-26 22:05 487,424 --a------ C:\WINDOWS\system32\MSVCP70.DLL 2007-08-26 22:05 45,056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL 2007-08-26 22:05 40,960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL 2007-08-26 22:05 344,064 --a------ C:\WINDOWS\system32\MSVCR70.DLL 2007-08-26 22:04 2007-08-26 22:03 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys 2007-08-26 22:03 2007-08-26 22:03 2007-08-23 17:19 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll 2007-08-23 17:19 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll 2007-08-23 17:19 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-09-22 22:47:36 -------- d-----w C:\Program Files\eMule 2007-09-22 22:40:46 80,032 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-09-22 22:40:46 460,582 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-09-16 19:28:40 -------- d-----w C:\Program Files\Picasa2 2007-09-06 10:09:49 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-09-06 10:05:25 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-06 10:05:10 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-06 10:03:02 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-06 10:02:20 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-06 10:00:53 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-09-06 10:00:07 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-08-26 20:07:45 -------- d–h--w C:\Program Files\InstallShield Installation Information 2007-08-26 20:06:15 67 ----a-w C:\AUTOEXEC.BAT 2007-08-26 19:34:02 -------- d-----w C:\DOCUME~1\ARKADI~1\DANEAP~1\Skype 2007-08-09 11:26:44 20,480 ----a-w C:\WINDOWS\system32\ac3config.exe 2007-08-07 18:42:11 -------- d-----w C:\Program Files\EA GAMES 2007-08-02 03:50:15 -------- d-----w C:\DOCUME~1\ARKADI~1\DANEAP~1\AdobeUM 2007-07-31 20:38:59 -------- d-----w C:\Program Files\BitTorrent Fastest Tool 2007-07-31 20:20:02 -------- d-----w C:\Program Files\ffdshow 2007-07-31 19:51:30 -------- d-----w C:\DOCUME~1\ARKADI~1\DANEAP~1\WinRAR 2007-07-29 19:31:41 -------- d-----w C:\DOCUME~1\ARKADI~1\DANEAP~1\Lavasoft 2007-07-28 17:10:48 -------- d-----w C:\DOCUME~1\ARKADI~1\DANEAP~1\Help 2007-07-28 07:56:00 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll 2007-07-28 07:56:00 60,273 ----a-w C:\WINDOWS\system32\pthreadGC2.dll 2007-07-03 19:36:52 81,920 ----a-w C:\DOCUME~1\ARKADI~1\DANEAP~1\ezpinst.exe 2007-07-03 19:36:52 47,360 ----a-w C:\DOCUME~1\ARKADI~1\DANEAP~1\pcouffin.sys ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE~\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] 2003-05-12 00:47 50376 --a------ C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-09-06 12:06] “ATIPTA”=“C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe” [2005-06-28 21:05] “ATICCC”=“C:\Program Files\ATI Technologies\ATI.ACE\cli.exe” [2005-06-29 01:09] “CTSysVol”=“C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe” [2005-10-31 10:51] “P17Helper”=“P17.dll” [2005-05-03 13:38 C:\WINDOWS\system32\P17.dll] “High Definition Audio Property Page Shortcut”=“HDAShCut.exe” [2005-01-07 17:07 C:\WINDOWS\system32\HdAShCut.exe] “RTHDCPL”=“RTHDCPL.EXE” [2006-09-06 11:44 C:\WINDOWS\RTHDCPL.exe] “tguard”=“C:\Program Files\Beniamin\tguard.exe” [2006-11-26 23:32] “!AVG Anti-Spyware”=“C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” [2007-06-11 11:25] “QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2007-06-16 08:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 00:44] “BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe” [2005-09-25 19:11] “Creative MediaSource Go”=“C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe” [2005-12-12 09:36] “MtdAcqu”=“C:\PROGRA~1\Creative\MEDIAS~1\MtdAcqu.exe” [2006-03-08 08:56] “Art Plus Wallpaper Calendar”=“C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe” [2004-11-19 19:06] [HKEY_USERS.default\software\microsoft\windows\currentversion\run] “Picasa Media Detector”=C:\Program Files\Picasa2\PicasaMediaDetector.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] “{57B86673-276A-48B2-BAE7-C6DBB3020EB8}”=“C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll” [2007-05-30 14:29] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ATI CATALYST – pasek zadań.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ATI CATALYST – pasek zadań.lnk backup=C:\WINDOWS\pss\ATI CATALYST – pasek zadań.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^KODAK Software Updater.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\KODAK Software Updater.lnk backup=C:\WINDOWS\pss\KODAK Software Updater.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Oprogramowanie Kodak EasyShare.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Oprogramowanie Kodak EasyShare.lnk backup=C:\WINDOWS\pss\Oprogramowanie Kodak EasyShare.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Arkadiusz^Menu Start^Programy^Autostart^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk] path=C:\Documents and Settings\Arkadiusz\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk backup=C:\WINDOWS\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg!AVG Anti-Spyware] “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Art Plus Wallpaper Calendar] “C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe” /a [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray] “C:\Program Files\Creative\Shared Files\CamTray.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HEXelon MAX] “F:\Instalki\Użytki\HEXelonMAX6\hexelon.exe” /auto [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TRIXX] “C:\Program Files\TRIXX\TRIXX.exe” -s [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Twoje TVN24] “C:\Program Files\Pasek TVN24\PasekTVN24.exe” ************************************************************************** catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-23 21:57:31 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-09-23 21:59:04 C:\ComboFix-quarantined-files.txt … 2007-09-23 21:59 C:\ComboFix2.txt … 2007-09-23 00:29 C:\ComboFix3.txt … 2007-07-08 12:10 — E O F —

Proszę o wytyczne co mogę zrobić zanim przeinstaluję system?

Pozdrawiam!