Witamy na forum PC Format Zapraszamy do REJESTRACJI


Użytkownicy przeglądający ten wątek: 1 gości

denerwujacy komunikat - wloz dysk do stacji.....

#61
RE: denerwujacy komunikat - wloz dysk do stacji.....
http://up.wklej.org/download.php?id=4fd5...69e233bd7c
to ten plik hosts, zaraz wykonam pozostale czynnosci

hijackthis :
Kod:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:44:02, on 2008-11-15
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
D:\Program Files\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\WebrootSecurity\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Razer\DeathAdder\razerhid.exe
D:\program files\steam.exe
C:\Documents and Settings\wlasciciel\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.poczta.o2.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] "C:\WINDOWS\RTHDCPL.EXE"
O4 - HKLM\..\Run: [NvMediaCenter] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Steam] "d:\program files\steam.exe" -silent
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\wlasciciel\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://D:\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9EFD23DD-4721-4B7C-A6B3-F175A4E1F969}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - D:\Program Files\WebrootSecurity\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc.  - D:\Program Files\WebrootSecurity\WRConsumerService.exe

--
End of file - 5836 bytes

combofix :
Kod:
ComboFix 08-11-13.01 - wlasciciel 2008-11-15  9:50:10.3 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.1560 [GMT 1:00]
Uruchomiony z: c:\documents and settings\wlasciciel\Moje dokumenty\Moja muzyka\ComboFix.exe
.

(((((((((((((((((((((((((   Pliki utworzone od 2008-10-15 do 2008-11-15  )))))))))))))))))))))))))))))))
.

2008-11-14 15:54 . 2008-11-14 15:54    <DIR>    d--------    c:\program files\Razer
2008-11-14 15:54 . 2006-11-23 05:55    73,728    --a------    c:\windows\system32\DeathAdder.cpl
2008-11-12 15:55 . 2008-11-13 17:41    <DIR>    d--------    c:\program files\Cobian Backup 9
2008-11-12 15:34 . 2008-11-12 15:34    <DIR>    d--------    c:\documents and settings\admin\Dane aplikacji\Webroot
2008-11-12 15:28 . 2008-11-12 15:28    <DIR>    d--------    c:\documents and settings\wlasciciel\Dane aplikacji\Webroot
2008-11-12 15:28 . 2008-11-12 15:30    <DIR>    d--------    c:\documents and settings\All Users\Dane aplikacji\Webroot
2008-11-12 15:28 . 2008-10-12 13:18    1,553,272    --a------    c:\windows\WRSetup.dll
2008-11-12 14:33 . 2008-11-12 14:33    <DIR>    d--------    c:\documents and settings\admin\Gadu-Gadu
2008-11-12 14:33 . 2008-11-12 14:33    <DIR>    d--------    c:\documents and settings\admin\Dane aplikacji\Gadu-Gadu
2008-11-11 17:56 . 2008-11-13 21:05    <DIR>    d--------    c:\program files\WinAVI Video Converter
2008-11-11 17:53 . 2008-11-11 17:53    <DIR>    d--------    c:\program files\DivX
2008-11-11 17:53 . 2008-11-11 17:53    <DIR>    d--------    c:\documents and settings\wlasciciel\.drdivx2
2008-11-11 17:13 . 2008-11-11 17:13    20    --a------    c:\windows\mafosav.INI
2008-11-11 15:37 . 2008-11-11 15:37    <DIR>    d--------    c:\documents and settings\admin\Pulpit
2008-11-11 15:37 . 2008-11-11 15:37    <DIR>    dr-------    c:\documents and settings\admin\Moje dokumenty
2008-11-11 15:37 . 2008-11-11 15:37    <DIR>    dr-------    c:\documents and settings\admin\Menu Start
2008-11-10 21:32 . 2008-11-10 21:32    <DIR>    d--------    c:\program files\Trend Micro
2008-11-10 10:09 . 2008-11-11 15:37    <DIR>    d--------    c:\documents and settings\admin\Dane aplikacji\Ventrilo
2008-11-09 22:40 . 2008-11-09 22:40    <DIR>    d--------    c:\documents and settings\admin\Dane aplikacji\PCToolsSpamMonitorPlus
2008-11-09 22:40 . 2008-11-09 22:40    <DIR>    d--------    c:\documents and settings\admin\Dane aplikacji\PCToolsFirewallPlus
2008-11-09 22:38 . 2008-11-15 09:51    <DIR>    d--h-----    c:\documents and settings\admin\Ustawienia lokalne
2008-11-09 22:38 . 2008-11-11 15:37    <DIR>    dr-------    c:\documents and settings\admin\Ulubione
2008-11-09 22:38 . 2008-11-11 15:37    <DIR>    d--h-----    c:\documents and settings\admin\Szablony
2008-11-09 22:38 . 2008-11-12 15:45    <DIR>    dr-h-----    c:\documents and settings\admin\Dane aplikacji
2008-11-09 22:38 . 2008-11-12 14:33    <DIR>    d--------    c:\documents and settings\admin
2008-11-09 22:29 . 2008-11-13 17:37    <DIR>    d--------    c:\program files\SkanerOnline
2008-11-09 21:17 . 2008-11-09 21:17    <DIR>    d--------    c:\documents and settings\LocalService\Menu Start
2008-11-09 20:53 . 2008-11-09 20:53    <DIR>    d--------    c:\documents and settings\wlasciciel\Dane aplikacji\PCToolsSpamMonitorPlus
2008-11-09 20:53 . 2008-11-09 20:53    <DIR>    d--------    c:\documents and settings\wlasciciel\Dane aplikacji\PCToolsFirewallPlus
2008-11-09 20:49 . 2008-11-13 17:38    <DIR>    d--------    c:\documents and settings\All Users\Dane aplikacji\PC Tools
2008-11-07 22:42 . 2008-11-07 22:42    <DIR>    d--------    C:\tuscan
2008-11-02 11:21 . 2008-11-03 18:05    24,944    --a------    c:\windows\system32\drivers\GVTDrv.sys
2008-10-29 15:22 . 2008-10-29 15:26    <DIR>    d--------    c:\documents and settings\wlasciciel\Dane aplikacji\Cream Software
2008-10-29 15:12 . 2008-10-29 15:12    <DIR>    d--------    c:\windows\system32\pl-pl
2008-10-29 15:10 . 2008-10-29 15:10    <DIR>    d--h-----    c:\windows\$hf_mig$
2008-10-26 11:06 . 2008-10-26 11:06    <DIR>    d--------    c:\documents and settings\All Users\Dane aplikacji\FLEXnet
2008-10-26 11:03 . 2008-10-26 11:03    <DIR>    d--------    c:\program files\Bonjour
2008-10-26 10:56 . 2008-10-26 10:56    <DIR>    d--------    c:\program files\Common Files\Macrovision Shared
2008-10-23 16:47 . 2008-10-23 16:47    <DIR>    d--------    c:\windows\system32\Logfiles
2008-10-23 16:47 . 2008-10-23 16:47    <DIR>    d--------    C:\Inetpub
2008-10-23 15:38 . 2008-10-23 15:38    <DIR>    d--------    c:\program files\Common Files\Adobe AIR
2008-10-23 15:13 . 2008-10-23 15:13    <DIR>    d--------    c:\documents and settings\wlasciciel\Dane aplikacji\KeePass
2008-10-23 14:50 . 1998-10-02 19:00    327,168    --a------    c:\windows\IsUninst.exe
2008-10-23 14:49 . 2008-11-13 21:11    <DIR>    d--------    c:\documents and settings\wlasciciel\et5-050204
2008-10-21 19:32 . 2008-11-13 21:07    <DIR>    d--------    c:\documents and settings\wlasciciel\Dane aplikacji\Kingston
2008-10-18 10:36 . 2008-10-18 10:36    <DIR>    d--------    c:\program files\zOrg
2008-10-17 13:16 . 2008-10-17 13:16    <DIR>    d--------    C:\1on1FM
2008-10-16 15:05 . 2008-10-16 15:05    <DIR>    d--------    c:\program files\Bandwidth Controller Standard Server
2008-10-16 15:05 . 2008-10-16 15:05    <DIR>    d--------    c:\program files\Bandwidth Controller Standard Client

.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-15 08:51    69,517,088    --sha-w    c:\windows\system32\drivers\fidbox.dat
2008-11-15 08:51    2,276,640    --sha-w    c:\windows\system32\drivers\fidbox2.dat
2008-11-15 08:38    936,044    --sha-w    c:\windows\system32\drivers\fidbox.idx
2008-11-15 08:38    219,260    --sha-w    c:\windows\system32\drivers\fidbox2.idx
2008-11-14 20:55    ---------    d-----w    c:\documents and settings\All Users\Dane aplikacji\Kaspersky Lab
2008-11-14 14:54    ---------    d--h--w    c:\program files\InstallShield Installation Information
2008-11-13 20:10    ---------    d-----w    c:\program files\s_merge
2008-11-13 20:09    ---------    d-----w    c:\program files\WinHTTrack
2008-11-13 20:09    ---------    d-----w    c:\program files\Winamp
2008-11-13 20:09    ---------    d-----w    c:\program files\Mouse Driver
2008-11-13 20:08    6,758,760    ----a-w    c:\program files\Firefox Setup 2.0.0.14.exe
2008-11-13 20:08    ---------    d-----w    c:\program files\Multimedia Card Reader
2008-11-13 20:06    ---------    d-----w    c:\program files\Network Stumbler
2008-11-13 18:55    143,360    ------r    c:\windows\Alcmtr.exe
2008-11-13 16:42    ---------    d-----w    c:\program files\MoorHunt
2008-11-13 16:41    ---------    d-----w    c:\program files\Common Files\AVSMedia
2008-11-13 16:38    ---------    d---a-w    c:\documents and settings\All Users\Dane aplikacji\TEMP
2008-11-13 15:53    235,520    ----a-w    c:\program files\Firefox_Portable_2.0.0.2_en-us.paf.exe
2008-11-13 13:38    ---------    d-----w    c:\program files\Opera
2008-11-11 17:29    ---------    d-----w    c:\program files\SpeedFan
2008-11-11 14:35    ---------    d-----w    c:\documents and settings\wlasciciel\Dane aplikacji\gtk-2.0
2008-11-09 21:39    ---------    d-----w    c:\program files\Microsoft FrontPage Express
2008-11-09 21:22    ---------    d-----w    c:\program files\ERUNT
2008-10-30 18:33    ---------    d-----w    c:\documents and settings\All Users\Dane aplikacji\TrackMania
2008-10-26 10:04    ---------    d-----w    c:\program files\Common Files\Adobe
2008-10-10 12:45    ---------    d-----w    c:\documents and settings\wlasciciel\Dane aplikacji\Sony
2008-10-10 12:45    ---------    d-----w    c:\documents and settings\wlasciciel\Dane aplikacji\Publish Providers
2008-10-10 12:41    ---------    d-----w    c:\program files\Vstplugins
2008-10-10 12:41    ---------    d-----w    c:\program files\Sony
2008-10-10 12:41    ---------    d-----w    c:\documents and settings\All Users\Dane aplikacji\Sony
2008-10-02 15:58    ---------    d-----w    c:\program files\Sony Setup
2008-10-02 15:50    ---------    d-----w    c:\program files\MSBuild
2008-10-02 15:48    ---------    d-----w    c:\program files\Reference Assemblies
2008-10-02 15:33    ---------    d-----w    c:\documents and settings\wlasciciel\Dane aplikacji\Sony Setup
2008-10-02 03:15    29,808    ----a-w    c:\windows\system32\drivers\ssfs0bbc.sys
2008-10-02 03:15    23,152    ----a-w    c:\windows\system32\drivers\sshrmd.sys
2008-10-02 03:15    170,608    ----a-w    c:\windows\system32\drivers\ssidrv.sys
2008-09-30 09:36    ---------    d-----w    c:\documents and settings\wlasciciel\Dane aplikacji\Dev-Cpp
2008-09-26 13:29    ---------    d-----w    c:\documents and settings\wlasciciel\Dane aplikacji\Locktime
2008-09-26 13:28    ---------    d-----w    c:\documents and settings\All Users\Dane aplikacji\Locktime
2008-09-22 12:37    ---------    d-----w    c:\program files\RALINK
2008-09-22 12:36    21,419    ----a-w    c:\windows\system32\drivers\AegisP.sys
2008-09-22 11:47    ---------    d-----w    c:\program files\Common Files\SWF Studio
2008-09-21 08:53    2,031,616    ----a-w    c:\windows\system32\xraidsetup.exe
2008-09-18 14:02    ---------    d-----w    c:\documents and settings\wlasciciel\Dane aplikacji\Skype
2008-09-18 13:50    ---------    d-----w    c:\documents and settings\wlasciciel\Dane aplikacji\skypePM
2008-09-07 15:21    0    ----a-w    c:\program files\AstonWriteTest.txt
2008-08-23 11:44    6,736,040    ----a-w    c:\program files\Opera_9.27_International_Setup.exe
2008-08-23 11:44    396,728    ----a-w    c:\program files\wmpfirefoxplugin.exe
2008-05-21 19:39    248    ----a-w    c:\program files\[u]0[/u]3.gif
2008-05-12 18:35    135,936    ----a-w    c:\program files\index.htm
2006-05-03 10:06    163,328    --sh--r    c:\windows\system32\flvDX.dll
2007-02-21 11:47    31,232    --sh--r    c:\windows\system32\msfDX.dll
2007-12-17 13:43    27,648    --sh--w    c:\windows\system32\Smab0.dll
2008-02-04 19:26    151,040    --sh--w    c:\windows\system32\VistaUltm.dll
.

(((((((((((((((((((((((((((((   snapshot@2008-11-13_21.22.23.23   )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-14 13:31:37    24,702,976    ----a-w    c:\windows\ERDNT\AutoBackup\2008-11-14\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-11-14 13:31:38    184,320    ----a-w    c:\windows\ERDNT\AutoBackup\2008-11-14\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-11-15 08:32:04    24,768,512    ----a-w    c:\windows\ERDNT\AutoBackup\2008-11-15\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-11-15 08:32:05    184,320    ----a-w    c:\windows\ERDNT\AutoBackup\2008-11-15\Users\[u]0[/u]0000002\UsrClass.dat
- 2004-08-03 21:08:20    36,224    -c--a-w    c:\windows\system32\dllcache\hidclass.sys
+ 2004-08-03 22:08:20    36,224    -c--a-w    c:\windows\system32\dllcache\hidclass.sys
- 2004-08-03 21:08:18    24,960    -c--a-w    c:\windows\system32\dllcache\hidparse.sys
+ 2004-08-03 22:08:18    24,960    -c--a-w    c:\windows\system32\dllcache\hidparse.sys
- 2001-08-17 20:02:20    9,600    -c--a-w    c:\windows\system32\dllcache\hidusb.sys
+ 2001-08-17 21:02:20    9,600    -c--a-w    c:\windows\system32\dllcache\hidusb.sys
- 2005-03-03 17:47:42    31,104    ----a-w    c:\windows\system32\drivers\CYUSB.sys
+ 2005-03-03 18:47:42    31,104    ----a-w    c:\windows\system32\drivers\CYUSB.sys
- 2004-08-03 21:08:20    36,224    ----a-w    c:\windows\system32\drivers\hidclass.sys
+ 2004-08-03 22:08:20    36,224    ----a-w    c:\windows\system32\drivers\hidclass.sys
- 2004-08-03 21:08:18    24,960    ----a-w    c:\windows\system32\drivers\hidparse.sys
+ 2004-08-03 22:08:18    24,960    ----a-w    c:\windows\system32\drivers\hidparse.sys
- 2001-08-17 20:02:20    9,600    ----a-w    c:\windows\system32\drivers\hidusb.sys
+ 2001-08-17 21:02:20    9,600    ----a-w    c:\windows\system32\drivers\hidusb.sys
+ 2007-08-02 15:32:26    22,784    ----a-w    c:\windows\system32\ReinstallBackups\[u]0[/u]019\DriverFiles\dadder.sys
+ 2004-08-03 21:08:20    36,224    ----a-w    c:\windows\system32\ReinstallBackups\[u]0[/u]019\DriverFiles\i386\hidclass.sys
+ 2004-08-03 21:08:18    24,960    ----a-w    c:\windows\system32\ReinstallBackups\[u]0[/u]019\DriverFiles\i386\hidparse.sys
+ 2001-08-17 20:02:20    9,600    ----a-w    c:\windows\system32\ReinstallBackups\[u]0[/u]019\DriverFiles\i386\hidusb.sys
+ 2008-11-15 08:49:50    16,384    ----atw    c:\windows\temp\Perflib_Perfdata_890.dat
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BackupIconOverlayId]
@="{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}"
[HKEY_CLASSES_ROOT\CLSID\{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}]
2008-10-12 13:11    238968    --a------    d:\program files\WebrootSecurity\Backup\CtxMenu_1_0_0_9.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="d:\gadu-gadu\gg.exe" [2007-11-14 2131392]
"Steam"="d:\program files\steam.exe" [2008-11-14 1484024]
"Google Update"="c:\documents and settings\wlasciciel\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" [2008-10-23 133104]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-10 8429568]
"RTHDCPL"="c:\windows\RTHDCPL.EXE" [2007-07-05 16380416]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-10 81920]
"DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2007-09-07 159744]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\wlasciciel\Menu Start\Programy\Autostart\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= msaud32_divx.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.VP31"= vp31vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeathAdder]
--a------ 2007-09-07 15:54 159744 c:\program files\Razer\DeathAdder\razerhid.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-05-10 23:03 8429568 c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-05-10 23:03 81920 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2008-11-13 16:53 106496 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
--a------ 2008-10-12 13:18 6272888 d:\program files\WebrootSecurity\SpySweeperUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2003-12-13 01:50 33792 c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"KMWDSERVICE"=2 (0x2)
"AVP"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Gadu-Gadu\\gg.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\SteamApps\\pilu93\\counter-strike\\hl.exe"=
"d:\\Program Files\\SteamApps\\pilu93\\condition zero deleted scenes\\hl.exe"=
"e:\\totalcmd\\TOTALCMD.EXE"=
"d:\\Program Files\\Steam.exe"= d:\\program files\\steam.exe
"d:\\Program Files\\SteamApps\\pilu93\\condition zero\\hl.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"d:\\Program Files\\SteamApps\\pilu93\\dedicated server\\hlds.exe"=
"d:\\BitComet\\BitComet.exe"=
"e:\\WinGate6.2.0.112.EXE"=
"c:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\Program Files\\Adobe\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"e:\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"d:\\Program Files\\SteamApps\\common\\trackmania nations forever\\TmForever.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Documents and Settings\\wlasciciel\\Pulpit\\azereus.exe"=
"c:\\WINDOWS\\RaidTool\\xInsIDE.exe"=
"c:\\Program Files\\Microsoft Office\\Office10\\OSA.EXE"=
"c:\\WINDOWS\\RTHDCPL.EXE"=
"c:\\WINDOWS\\system32\\userinit.exe"=
"c:\\WINDOWS\\ALCMTR.EXE"=
"c:\\WINDOWS\\system32\\netsh.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Razer\\DeathAdder\\razerofa.exe"=
"c:\\WINDOWS\\system32\\ctfmon.exe"=
"c:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe"=
"d:\\Program Files\\WebrootSecurity\\SpySweeperUI.exe"=
"d:\\Gadu-Gadu\\agent.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\ComboFix\\Catchme.tmp"=
"c:\\WINDOWS\\VFIND.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10213:TCP"= 10213:TCP:BitComet 10213 TCP
"10213:UDP"= 10213:UDP:BitComet 10213 UDP
"2918:UDP"= 2918:UDP:Windows Media Format SDK (wmplayer.exe)
"2919:UDP"= 2919:UDP:Windows Media Format SDK (wmplayer.exe)
"2921:UDP"= 2921:UDP:Windows Media Format SDK (wmplayer.exe)

R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\DRIVERS\ssfs0bbc.sys [2008-10-02 29808]
R2 UxTuneUp;TuneUp Theme Extension;c:\windows\System32\svchost.exe [2004-08-03 14336]
R2 WRConsumerService;Webroot Client Service;d:\program files\WebrootSecurity\WRConsumerService.exe [2008-10-12 1066360]
R3 abp470n5;abp470n5;c:\windows\system32\drivers\igqikk.sys [ ]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2007-08-02 22784]
S3 cpuz130;cpuz130;c:\docume~1\WLASCI~1\USTAWI~1\Temp\cpuz130\cpuz_x32.sys [ ]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver;c:\windows\system32\NSNDIS5.SYS [2004-03-24 17280]
S3 TCCrystalCpuInfo;TCCrystalCpuInfo;c:\docume~1\WLASCI~1\USTAWI~1\Temp\TCCpuInfo.sys [ ]
S4 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [2008-11-13 282624]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
.
Zawartość folderu 'Zaplanowane zadania'

2008-11-14 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-08-02 18:35]

2008-11-14 c:\windows\Tasks\defragmentacja.job
- c:\documents and settings\wlasciciel\Moje dokumenty\defragmentacja.cmd [2008-06-11 16:49]

2008-11-14 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\documents and settings\wlasciciel\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2008-10-23 16:15]
.
.
------- Skan uzupełniający -------
.
FireFox -: Profile - c:\documents and settings\wlasciciel\Dane aplikacji\Mozilla\Firefox\Profiles\w17cakha.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.counter-strike.pl
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-15 09:51:35
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************
.
Czas ukończenia: 2008-11-15  9:52:50
ComboFix-quarantined-files.txt  2008-11-15 08:52:47
ComboFix2.txt  2008-11-14 21:36:58
ComboFix4.txt  2008-11-13 20:23:39
ComboFix5.txt  2008-11-15 08:49:53

Przed: 25,587,331,072 bajtów wolnych
Po: 25,567,264,768 bajtów wolnych

305

Dodam jeszcze ze hijackthisem tam mi kazales usunac cos zwiazane z rejestrem jak zauwazylem, niestety jak to zaznaczylem to wyskoczyl komunikat ze edytocja rejestru zostala wylaczona przez admina... Pozostale chyba sie usunely.

Co do ostatniego pytanie to jezcze mi nie dziala menedzer zadan, inne skanery online i niektore programy sie nie uruchamiają. chyba tyle.
 System operacyjny: windows_xp_2003 Przeglądarka: opera
#62
RE: denerwujacy komunikat - wloz dysk do stacji.....
Oprócz tego zablokowanego regedit i taskmgr, w logach nic już nie ma.

Pobierz SDFix.

1. Naciśnij dwa razy na plik SDFix.exe. Program wypakuje się na dysk systemowy – C:\SDFix
2. Uruchom ponownie komputer i wejdź do Trybu Awaryjnego (Przed bootowaniem Windowsa naciśnij F8).
3. Wejdź do folderu który utworzył SDFix i kliknij dwa razy na plik RunThis.bat
4. Naciśnij Y by narzędzie rozpoczęło proces usuwania szkodników.
5. Po zakończeniu usuwania program poprosi o wciśnięcie dowolnego klawisza na klawiaturze (Any Key). Po naciśnięciu komputer zostanie uruchomiony ponownie.
6. Po restarcie aplikacja uruchomi się ponownie. Kiedy w okienku pojawi się Finished, naciśnij dowolny klawisz, aby program zakończył pracę.
7. Na koniec pokaż log z programu znajdujący się w lokalizacji – C:\SDFix\Report.txt
Przy "problemach po aktualizacji do Win10" oraz problemach ze "spadkami FPS w CS:GO"
Nie pomagam.

 System operacyjny: windows_xp_2003 Przeglądarka: opera
#63
RE: denerwujacy komunikat - wloz dysk do stacji.....
Nie mam opcji nacisniecia y. Jak nacisne y i potwierdze enterem to sie program zamyka.
Tu screen; http://beta.wyslijto.pl/plik/pw0uqmhex4
 System operacyjny: windows_xp_2003 Przeglądarka: opera
#64
RE: denerwujacy komunikat - wloz dysk do stacji.....
RunThis.bat masz uruchomićw trybie awaryjnym
Przy "problemach po aktualizacji do Win10" oraz problemach ze "spadkami FPS w CS:GO"
Nie pomagam.

 System operacyjny: windows_xp_2003 Przeglądarka: opera
#65
RE: denerwujacy komunikat - wloz dysk do stacji.....
ha, i tu kolejny problem. Ok , naciskam f8 wybieram tryb awaryjny i enter. Nastepnie wybieram system windows xp profesional do uruchomienia, i za chwile wyskakuje takie cos jak sie np na ostro czaem kompa wylaczy i tam mam do wyboru tryb awaryjny, chyba jeszcze z wierszem polecen i siecią oraz na dole uruchom system normalnie. Jak wybiiore tryb awaryjny to znowu zaczyna sie ladowac i dzieje sie tak jak naciskalem za pierwszym razem tryb awaryjny i tak w kolko. jedynym rozwiazaniem uruchomienia windy jest w tym drugim ekranie nacisniecie uruchom system normalnie.
I co tu zrobic ?
 System operacyjny: windows_xp_2003 Przeglądarka: opera
#66
RE: denerwujacy komunikat - wloz dysk do stacji.....
uff..

pobierz, uruchom, poczekaj na wygenerowanie loga i sprawdź czy po tym awaryjny się włączy. loga pokaż na forum

http://download.bleepingcomputer.com/sUB...Repair.exe
Przy "problemach po aktualizacji do Win10" oraz problemach ze "spadkami FPS w CS:GO"
Nie pomagam.

 System operacyjny: windows_xp_2003 Przeglądarka: opera
#67
RE: denerwujacy komunikat - wloz dysk do stacji.....
Kod:
Reg export of SafeBoot key after repair:
========================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot]
"AlternateShell"="cmd.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AppMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Base]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot file system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\DcomLaunch]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\EventLog]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\HelpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Netlogon]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PCI Configuration]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PlugPlay]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PNP Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Primary disk]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\procexp90.Sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PSEXESVC]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SCSI Class]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sermouse.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SRService]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\System Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\WinMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AFD]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AppMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Base]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot file system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Browser]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DcomLaunch]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Dhcp]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DnsCache]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\EventLog]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\HelpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ip6fw.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ipnat.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanServer]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanWorkstation]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LmHosts]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Messenger]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS Wrapper]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Ndisuio]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOS]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOSGroup]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBT]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetDDEGroup]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Netlogon]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetMan]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Network]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetworkProvider]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NtLmSsp]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PCI Configuration]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PlugPlay]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP_TDI]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Primary disk]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\procexp90.Sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PSEXESVC]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpcdd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpdd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpwd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdsessmgr]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SCSI Class]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sermouse.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SharedAccess]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SRService]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Streams Drivers]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\System Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Tcpip]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\TDI]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdpipe.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdtcp.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\termservice]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WinMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WZCSVC]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"


edit:
A to juz jak mi sie udalo wejsc do trybu awaryjnego i zrobic to z sdfixem co mi mowiles, oto jego log:
Kod:
[b]SDFix: Version 1.240 [/b]
Run by wlasciciel on 2008-11-15 at 13:35

Microsoft Windows XP [Wersja 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:



                                 [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-15 13:40:52
Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"p0"="D:\programy\DAEMON Tools Pro\"
"h0"=dword:00000000
"hdf12"=hex:40,3a,55,93,7a,86,a4,dd,23,d0,5a,b2,36,28,82,87,d7,95,10,1e,05,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,e2,90,68,5a,74,ea,b5,d3,f6,0b,a3,95,42,af,b1,fd,54,..
"hdf12"=hex:0e,3c,52,10,53,19,41,4b,03,2e,0e,9a,1b,91,47,db,80,8e,65,b4,15,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:77,6f,ba,f0,e7,16,e3,2f,6c,cc,20,2e,bd,1e,c0,44,12,af,a9,13,b2,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq4]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq5]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq6]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq7]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"p0"="D:\programy\DAEMON Tools Pro\"
"h0"=dword:00000000
"hdf12"=hex:40,3a,55,93,7a,86,a4,dd,23,d0,5a,b2,36,28,82,87,d7,95,10,1e,05,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,e2,90,68,5a,74,ea,b5,d3,f6,0b,a3,95,42,af,b1,fd,54,..
"hdf12"=hex:0e,3c,52,10,53,19,41,4b,03,2e,0e,9a,1b,91,47,db,80,8e,65,b4,15,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:77,6f,ba,f0,e7,16,e3,2f,6c,cc,20,2e,bd,1e,c0,44,12,af,a9,13,b2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq4]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq5]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq6]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq7]
"hdf12"=hex:a9,4b,1f,23,07,ab,80,3d,28,c8,9f,45,c0,7c,b2,8a,22,bb,20,ad,83,..

scanning hidden registry entries ...

scanning hidden files ...

C:\Documents and Settings\wlasciciel\Ustawienia lokalne\Temporary Internet Files\Content.IE5\1YQUH8LH\index[2].html 3838 bytes
C:\Documents and Settings\wlasciciel\Ustawienia lokalne\Temporary Internet Files\Content.IE5\B95WRK15\indexCASJMT41.php 6454 bytes
C:\Documents and Settings\wlasciciel\Ustawienia lokalne\Temporary Internet Files\Content.IE5\JS1CR2J5\index[1].html 2197 bytes
C:\Documents and Settings\wlasciciel\Ustawienia lokalne\Temporary Internet Files\Content.IE5\JS1CR2J5\indexCASI7PJ4.php 6051 bytes
C:\Documents and Settings\wlasciciel\Ustawienia lokalne\Temporary Internet Files\Content.IE5\JS1CR2J5\indexCAZ830Z0.php 15295 bytes
C:\Documents and Settings\wlasciciel\Ustawienia lokalne\Temporary Internet Files\Content.IE5\VXNVM19W\index[9].php 6041 bytes

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 6


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\Gadu-Gadu\\gg.exe"="D:\\Gadu-Gadu\\gg.exe:*:Enabled:ipsec"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\\Program Files\\SteamApps\\pilu93\\counter-strike\\hl.exe"="D:\\Program Files\\SteamApps\\pilu93\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"D:\\Program Files\\SteamApps\\pilu93\\condition zero deleted scenes\\hl.exe"="D:\\Program Files\\SteamApps\\pilu93\\condition zero deleted scenes\\hl.exe:*:Enabled:Half-Life Launcher"
"E:\\totalcmd\\TOTALCMD.EXE"="E:\\totalcmd\\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"D:\\Program Files\\Steam.exe"="D:\\program files\\steam.exe:*:Enabled:ipsec"
"D:\\Program Files\\SteamApps\\pilu93\\condition zero\\hl.exe"="D:\\Program Files\\SteamApps\\pilu93\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"D:\\Program Files\\SteamApps\\pilu93\\dedicated server\\hlds.exe"="D:\\Program Files\\SteamApps\\pilu93\\dedicated server\\hlds.exe:*:Enabled:HLDS Launcher"
"D:\\BitComet\\BitComet.exe"="D:\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"E:\\WinGate6.2.0.112.EXE"="E:\\WinGate6.2.0.112.EXE:*:Enabled:WinGate 6.2.0 Installation"
"C:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"="C:\\Program Files\\Teamspeak2_RC2\\server_windows.exe:*:Enabled:Server"
"C:\\Program Files\\Adobe\\Teamspeak2_RC2\\server_windows.exe"="C:\\Program Files\\Adobe\\Teamspeak2_RC2\\server_windows.exe:*:Enabled:Server"
"C:\\Program Files\\Opera\\Opera.exe"="C:\\Program Files\\Opera\\Opera.exe:*:Enabled:ipsec"
"E:\\TrackMania Nations ESWC\\TmNationsESWC.exe"="E:\\TrackMania Nations ESWC\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"D:\\Program Files\\SteamApps\\common\\trackmania nations forever\\TmForever.exe"="D:\\Program Files\\SteamApps\\common\\trackmania nations forever\\TmForever.exe:*:Enabled:TmForever"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:ipsec"
"C:\\Documents and Settings\\wlasciciel\\Pulpit\\azereus.exe"="C:\\Documents and Settings\\wlasciciel\\Pulpit\\azereus.exe:*:Enabled:azereus"
"C:\\WINDOWS\\RaidTool\\xInsIDE.exe"="C:\\WINDOWS\\RaidTool\\xInsIDE.exe:*:Enabled:ipsec"
"C:\\Program Files\\Microsoft Office\\Office10\\OSA.EXE"="C:\\Program Files\\Microsoft Office\\Office10\\OSA.EXE:*:Enabled:ipsec"
"C:\\WINDOWS\\RTHDCPL.EXE"="C:\\WINDOWS\\RTHDCPL.EXE:*:Enabled:ipsec"
"C:\\WINDOWS\\system32\\userinit.exe"="C:\\WINDOWS\\system32\\userinit.exe:*:Enabled:ipsec"
"C:\\WINDOWS\\ALCMTR.EXE"="C:\\WINDOWS\\ALCMTR.EXE:*:Enabled:ipsec"
"C:\\WINDOWS\\system32\\netsh.exe"="C:\\WINDOWS\\system32\\netsh.exe:*:Enabled:ipsec"
"C:\\Program Files\\Ventrilo\\Ventrilo.exe"="C:\\Program Files\\Ventrilo\\Ventrilo.exe:*:Enabled:ipsec"
"C:\\Program Files\\Razer\\DeathAdder\\razerofa.exe"="C:\\Program Files\\Razer\\DeathAdder\\razerofa.exe:*:Enabled:ipsec"
"C:\\WINDOWS\\system32\\ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe:*:Enabled:ipsec"
"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe"="C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe:*:Enabled:ipsec"
"D:\\Program Files\\WebrootSecurity\\SpySweeperUI.exe"="D:\\Program Files\\WebrootSecurity\\SpySweeperUI.exe:*:Enabled:ipsec"
"D:\\Gadu-Gadu\\agent.exe"="D:\\Gadu-Gadu\\agent.exe:*:Enabled:ipsec"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:ipsec"
"C:\\ComboFix\\Catchme.tmp"="C:\\ComboFix\\Catchme.tmp:*:Enabled:ipsec"
"C:\\WINDOWS\\VFIND.exe"="C:\\WINDOWS\\VFIND.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winjkudrr.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winjkudrr.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\frbwui.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\frbwui.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winasoke.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winasoke.exe:*:Enabled:ipsec"
"C:\\WINDOWS\\Explorer.EXE"="C:\\WINDOWS\\Explorer.EXE:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\bayt.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\bayt.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winkjmmyi.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winkjmmyi.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winhjiupu.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winhjiupu.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winlvbcsy.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winlvbcsy.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winprlih.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winprlih.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\euiv.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\euiv.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\wineblgb.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\wineblgb.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winhtlfl.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winhtlfl.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winxyla.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winxyla.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\tqbfx.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\tqbfx.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winxnwbfe.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winxnwbfe.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\rfko.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\rfko.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\wintfkudv.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\wintfkudv.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winkneefo.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winkneefo.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\wintryfwl.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\wintryfwl.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\aosdy.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\aosdy.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\aaxxy.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\aaxxy.exe:*:Enabled:ipsec"
"C:\\WINDOWS\\system32\\cmd.exe"="C:\\WINDOWS\\system32\\cmd.exe:*:Enabled:ipsec"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winvsprs.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winvsprs.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winegvi.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winegvi.exe:*:Enabled:ipsec"
"C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winfrwd.exe"="C:\\DOCUME~1\\WLASCI~1\\USTAWI~1\\Temp\\winfrwd.exe:*:Enabled:ipsec"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Wed  3 May 2006       163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Wed 21 Feb 2007        31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Mon 17 Dec 2007        27,648 ..SH. --- "C:\WINDOWS\system32\Smab0.dll"
Mon  4 Feb 2008       151,040 ..SH. --- "C:\WINDOWS\system32\VistaUltm.dll"
Fri 31 Oct 2008         4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS00F6BC7C-50F5-441A-A3E0-71F0C5ACC63C.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS03494F5A-9EE1-46F0-8C63-14073AC95245.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS06EF0EA2-FFDB-49EF-A578-BB4196F92789.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS08285640-9E21-4824-B879-D4AB86162F70.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS0B5979D8-E858-44FB-A6C7-473B87B99236.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS0D15A13A-FE12-48EE-833F-6986EEC7B7BD.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS0EEFD3E9-6B86-4B7F-B2C2-BC1C054F79F0.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS0FF6BBC3-5A3D-46CC-8B33-7142601C2F0A.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS0F9F726A-4431-4226-A16E-D0BB7F0914C2.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS11ACFA87-FD18-4CBB-A2A0-7C5E73864F9A.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS1323D669-ABD9-4C7E-BC5E-E426DABEC230.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS156FA113-FC93-4376-8F0F-5D2306BADBD0.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS16C7A15A-033C-48D1-AE1D-2A4FE6B1D1BE.tmp"
Sat 15 Nov 2008        65,536 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS177D9903-66E2-47C4-8B8E-B5C48C0AA6CF.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS18FEF398-A83C-4721-9A20-851901FEF038.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS1893FBBB-908D-4992-8C3E-240858DCEF8A.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS25FB6952-033D-43EA-850B-94E6E862337C.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS28384942-2914-486E-A1EF-8A303E37DE0D.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS2AF20724-74A5-4309-9638-3686B46C7FD7.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS30549642-AF8A-4FCC-B23B-B42B6A6F51ED.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS326D6353-0B88-49A8-9999-D78CABE8BF67.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS3A9AE52B-24B0-41AD-805C-72BF0D9A0464.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS3A9A5608-6C3C-463C-B9A3-8526D0E97A38.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS4171B915-82B7-4DFE-A6B4-60347BEB56CA.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS46C86E9F-76DD-4AC2-B71A-9C92733A1605.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS4B75D6A1-4896-49B1-9042-D12267AA4EB0.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS4D02051C-B5F3-4364-A6AA-8418E1C20FBD.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS4D63E4CC-C642-4D9B-9AFC-0446D21ADFA1.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS526C7385-0F66-4DC5-A06D-EFADAEEB4FBD.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS52299615-BDA0-4204-8930-E2BFFEA335F4.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS53557966-C90D-4439-B6B0-362AFED8A6E5.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS58252953-866F-4B24-8E51-CEB86F82BFB4.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS5CFBC407-30E4-4DF6-AABD-4F63C730E701.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS5C33CF86-579B-4FE2-80AD-D2287935FCA3.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS5DC69AC5-55CE-474E-A929-5DAF5213161A.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS5F18C571-E771-4D27-B9C7-9E2E1278B25E.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS623B7FC9-606C-4299-9755-CE4039E60F48.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS67B8191C-118A-4725-8A8E-25B933D383C3.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS67845AB2-30D9-4148-A1E6-A4861C353ACE.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS6B54EB29-5F29-4C07-950B-CF128F89FA93.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS71EF7DEC-9A28-42E1-B96E-582737A76F13.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS757EF6F8-823C-49E2-AEA5-C0B7FDAA5823.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS768251DE-0A61-4533-ADFB-A76566D82B0B.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS77AEB2A6-8CA8-4DBA-A5B3-8FB6449618D3.tmp"
Sat 15 Nov 2008        65,536 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS79DC815A-32C2-4EE6-AC7B-334D0EA4B1E8.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS7B25F5B2-ADA8-4B23-82B6-1D585F691917.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS7DE42932-9AF4-4C5C-A87E-B34F888E6B67.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS80D8DE07-9CC2-4C3E-A100-6458A11F205E.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS83591AF9-4275-443D-AE90-92D31BCCAF65.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS84269B67-4D73-4099-B705-CD59F74E12B3.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS84AA8C05-C3AC-4313-8828-3D020B62036F.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS84DD50DA-A5A2-47A2-850F-ACB81AABF76F.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS84CC07E0-1E59-455C-9CDA-8E3CE396D5A7.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS86938F1F-735C-4405-9B1C-587A8B2E6246.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS90EA41B1-9A87-4B9C-AE18-91637655005C.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS939E91F5-ACD9-404D-9AA6-78DEFBE81ADE.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS943C6D70-23CD-43EE-B78D-076E0059909A.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS94BDFB6F-ABB1-490B-8E12-7838C26E8F22.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS9679982C-3381-436C-B456-78C774EDEE46.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS97ABF0BF-51C5-4F63-8B6C-C0C22CD00DFA.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS9AAD5D5E-84F6-4CD4-83E6-E3FE186ED4CE.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMS9CFC492F-A866-46ED-9AB8-B4B4604BF0B6.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSA2E16C7D-1D32-457D-BF45-0DE62DBA1320.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSA49A158F-D220-4A44-BBC9-8E4DBA90153E.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSA8D3D46D-DBCD-4B05-A4C5-24C85B255F63.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSA8C1315C-D224-4C9A-9A8E-72DA8D972BB7.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSAA2915B0-4C06-4DF8-B5F0-460EA99E21D7.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSABA73A75-2975-4A41-ADC9-AF51CDD85078.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSB07DED32-ED12-487F-A60E-83CCAD4E43D1.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSB2C29C64-76EC-4C60-AE8F-C9391361EB0D.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSB635A26A-6A22-41FA-9C24-5CD28BB76FC2.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSB8149686-DFB5-44F5-B725-5B2E93820BE1.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSBA042CDE-2B63-4968-A2D6-EE937269E003.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSBAE9C584-C9D9-4FF1-8B91-CBD908968CFE.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSBB7CD146-FCC7-4DB1-9150-01F81EC85F2E.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSC11D42CB-6116-44B2-B191-F670F27508F1.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSC4909BB7-90DB-4CC7-A11D-ECB112FAC94C.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSC6FAAB55-D03D-41B4-B123-1DFF2440054D.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSC7CCDE10-B4FE-4F59-99CE-3A552E73F66B.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSC7EF94C2-9530-4550-B6C3-9B1DEB700C7C.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSC95EBA04-5492-4103-85DD-D31C17406DBF.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSCDECAC22-0725-4242-B9AA-443B20F4873E.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSCFF78216-DAFC-4ECC-89AC-3DFC4268DDA6.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSCFB72CD2-EB77-4805-BE22-F80F627FCD72.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSD09D63FB-BC2A-4223-95D7-F622D35A0DE0.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSD09014A0-94F0-4BEB-AE21-39215DE60538.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSD11C545C-643B-4BD9-8558-84027CAE535B.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSD25EC7BC-D9E4-46ED-AA01-B81951D0396A.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSD2B1F5B9-47EA-4E6E-A874-6018AD242203.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSD2CE7773-24EB-4146-A7F0-83ACBC3CF468.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSD672FFB6-F6F8-471C-A371-795AE26A8174.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSDBB7B224-CFE3-45A3-B5FF-E339AA2F08EA.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSDF9A2B96-55D4-4908-847D-8EC1534F22D0.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSE59C63AF-6DA5-44FD-AEC7-6F53D4E01E24.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSE549B144-D9C5-44AD-B998-07A425F306EA.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSEC97C8AE-E773-40BB-A965-7E95FB841CC9.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSECB67FEA-1CCA-4FEB-810B-768C575678C6.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSED47B52D-D4D2-47B5-BA76-44B10ED78791.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSEE5770E6-6679-4CEF-AB40-C64511974D63.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSF1E76D08-2E3B-4F07-BEB4-C916819D6E1A.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSF58CBBAB-4F55-4DFE-BDC8-F5B8792214E6.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSF6385572-E93A-40DE-AF53-CDDE22A73510.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSF836032A-F8AE-4818-A1C2-6F6732BE1D43.tmp"
Sat 15 Nov 2008             0 A..H. --- "C:\WINDOWS\temp\wrstemp\SSMSFBDBDB0B-B156-48E0-BB90-449A2AA77465.tmp"
Tue 21 Oct 2008     1,912,832 A..H. --- "C:\Documents and Settings\wlasciciel\Dane aplikacji\Kingston\securetravelera.exe"
Tue 21 Oct 2008     3,309,568 A..H. --- "C:\Documents and Settings\wlasciciel\Dane aplikacji\Kingston\securetravelerb.exe"
Tue 21 Oct 2008     1,921,024 A..H. --- "C:\Documents and Settings\wlasciciel\Dane aplikacji\Kingston\tmp\securetravelera.exe"
Tue 21 Oct 2008     3,305,472 A..H. --- "C:\Documents and Settings\wlasciciel\Dane aplikacji\Kingston\tmp\securetravelerb.exe"

[b]Finished![/b]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
At="Hdc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
At="Keyboard"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
At="Mouse"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
At="Net"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
At="NetClient"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
At="NetService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
At="NetTrans"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
At="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
At="SCSIAdapter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
At="System"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
At="Floppy disk drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
At="Volume"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
At="Human Interface Devices"

========================

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\procexp90.Sys
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\PSEXESVC
[/code]
 System operacyjny: windows_xp_2003 Przeglądarka: opera
#68
RE: denerwujacy komunikat - wloz dysk do stacji.....
Ok. w takim razie w awaryjnym do użycia ATF Cleaner. Zaznacz pięć pierwszeych fajek i naciśnij Empty Selected

Rozumiem, że taskmgr i regedit działa?
Przy "problemach po aktualizacji do Win10" oraz problemach ze "spadkami FPS w CS:GO"
Nie pomagam.

 System operacyjny: windows_xp_2003 Przeglądarka: opera
#69
RE: denerwujacy komunikat - wloz dysk do stacji.....
regedit dalej to samo. a jak wcisne ctr alt delete to pisze ze wystapil blad z aplikacja taskmgr... blabla....
Wlasnie skanuje kasperem dysk C, juz 130 zainfekowanych plikow wykryl. Obawiam sie ze nie usunalem serca wirusa.
 System operacyjny: windows_xp_2003 Przeglądarka: opera
#70
RE: denerwujacy komunikat - wloz dysk do stacji.....
(15.11.2008, 15:45)joolz napisał(a): jak wcisne ctr alt delete to pisze ze wystapil blad z aplikacja taskmgr...
Pewnie znowu go zainfekowało.

Po wyleczeniu plików kasperskim, przeskanuj komputer Spybot Search & Destroy (powinien przywrócić regedit do stanu używalności- wykryje to jako nieprawidłowe ustawienie)
Przy "problemach po aktualizacji do Win10" oraz problemach ze "spadkami FPS w CS:GO"
Nie pomagam.

 System operacyjny: windows_xp_2003 Przeglądarka: opera
Programy: Polecane / Nowe / Inne



Użytkownicy forum szukali:
w stacji nie ma dysku. włóż dysk do stacji device harddisk dr2w stacji nie ma dysku. włóż dysk do stacji device harddisk dr3w stacji nie ma dysku. włóż dysk do stacjiw stacji nie ma dysku. włóż dysk do stacji device harddiskdwm.exe brak dyskuw stacji nie ma dysku. włóż dysk do stacji device harddisk1 dr1device/harddisk1/dr3rundll32.exe włóż dysk do stacjiw stacji nie ma dysku acrord32.execo oznacza deviceharddisk

Podobne wątki (denerwujacy komunikat - wloz dysk do stacji.....)
Wątek: Autor Odpowiedzi: Wyświetleń: Ostatni post
Question Komputer nie widzi Stacji dysków CD/DVD MaxSkilZZ 5 6160 18.08.2015, 15:12
Ostatni post: Extra_93
  brak wymaganego sterownika urządzenia stacji dysków cd dvd gregorio99 3 3665 11.04.2014, 20:40
Ostatni post: broda99
  Dlugie włączanie/wyłaczanie się komputera/brak stacji dysków cd-rom. oliwia 6 4125 10.11.2013, 20:48
Ostatni post: kamil77

Skocz do:


Wybrane wątki (denerwujacy komunikat - wloz dysk do stacji.....)
Wątek: Autor Odpowiedzi: Wyświetleń: Ostatni post
  Automatyczne włączanie proxy 127.0.0.1 W o j a k 2 4628 28.10.2018 22:58
Ostatni post: W o j a k
  Słaby laptop - lepiej linux czy windows 10? Hang 13 10204 26.10.2018 17:38
Ostatni post: kamel16
  Instalacja systemu na HP Compaq 6005 Pro todo 2 5007 26.10.2018 05:27
Ostatni post: Michu_PL
  ŁĄCZNOŚĆ qwenn1239 1 4120 25.10.2018 14:58
Ostatni post: broda99
  Nowa instalacja W10 - brak ciemnego motywu w eksploratorze lucas7911 2 5863 25.10.2018 13:14
Ostatni post: lucas7911
  Rozszerzenie partycji systemowej. showtime90 1 4352 25.10.2018 00:20
Ostatni post: Officer Crabtree
  Powiększenie video przy odtwarzaniu maciomen201 1 4318 24.10.2018 12:57
Ostatni post: maciomen201
  Instalacja Windows 7, system nie widzi myszki i klawiatury. torcher15 0 4179 24.10.2018 11:41
Ostatni post: torcher15
Ściana Walka z Origin. Crossive 1 4750 14.10.2018 23:54
Ostatni post: Crossive
Question Dziwne zachowanie klawiatury numerycznej RobertIS 0 4359 14.10.2018 08:11
Ostatni post: RobertIS
  Własny Trainer david003 2 4541 13.10.2018 21:43
Ostatni post: david003
  Emulator PS3 na PC david003 1 4642 12.10.2018 22:26
Ostatni post: pieterman09
  Emulator XBOX 360 na pc david003 5 6852 12.10.2018 22:25
Ostatni post: pieterman09
  windows 10 1809 mordox 4 5601 12.10.2018 20:20
Ostatni post: mordox
  Explorer,exe przestał działać, usługa Windows Update nie została uruchomiona. wilk977 0 907 11.10.2018 11:00
Ostatni post: wilk977