
I used ComboFix, which generated the log below:
(I don't know what's wrong. I can't open my drives because I get an "access denied" message. What should I do?) Please help, thank you.
ComboFix 08-11-05.02 - Sołtys 2008-11-06 17:33:04.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.1625 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Sołtys\Pulpit\ComboFix.exe
* Utworzono nowy punkt przywracania
UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA !!
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\IE4 Error Log.txt
c:\windows\system32\Dvbpws.dll
D:\Autorun.inf
E:\Autorun.inf
.
((((((((((((((((((((((((( Pliki utworzone od 2008-10-06 do 2008-11-06 )))))))))))))))))))))))))))))))
.
2008-11-05 19:04 . 2008-11-05 19:04 <DIR> d--h----- c:\windows\PIF
2008-11-05 18:58 . 2008-11-06 13:35 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Norton
2008-11-05 18:54 . 2008-11-05 18:54 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\NortonInstaller
2008-11-05 14:09 . 2003-07-18 13:58 516,784 -ra------ c:\windows\system32\XceedCry.dll
2008-11-05 14:09 . 2002-02-28 09:46 217,088 --a------ c:\windows\system32\DartSock.dll
2008-11-05 14:09 . 2002-02-21 10:12 118,784 --a------ c:\windows\system32\DartWeb.dll
2008-11-05 14:09 . 1998-06-18 00:00 89,360 --a------ c:\windows\system32\VB5DB.DLL
2008-11-05 14:09 . 1998-06-13 22:53 44,544 --a------ c:\windows\system32\Gif89.dll
2008-11-05 14:09 . 2002-04-12 13:19 28,672 --a------ c:\windows\system32\DartWeb.oca
2008-10-19 19:34 . 2008-10-19 19:38 <DIR> d-------- c:\documents and settings\Sołtys\Dane aplikacji\CyberLink
2008-10-12 18:41 . 2008-10-12 18:41 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Cyberlink
2008-10-12 18:41 . 2006-06-04 14:48 198,144 --------- c:\windows\system32\_psisdecd.dll
2008-10-12 18:40 . 2006-06-04 14:48 44,544 --a------ c:\windows\system32\msxml4a.dll
2008-10-12 18:39 . 2006-06-04 14:48 1,047,552 --------- c:\windows\system32\MFC71u.dll
2008-10-12 18:39 . 2006-06-04 14:48 89,088 --------- c:\windows\system32\atl71.dll
2008-10-12 18:37 . 2008-10-12 18:41 <DIR> d-------- c:\program files\CyberLink
2008-10-12 18:37 . 2008-10-19 20:05 <DIR> d-------- C:\MyWorks
2008-10-06 16:05 . 2004-08-22 15:31 155,136 --a------ c:\windows\system32\drivers\d347bus.sys
2008-10-06 16:05 . 2004-08-22 15:31 5,248 --a------ c:\windows\system32\drivers\d347prt.sys
2008-10-06 16:04 . 2008-10-06 16:04 <DIR> d-------- c:\windows\Downloaded Installations
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-05 13:09 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-01 18:16 7,780 ----a-w c:\documents and settings\Sołtys\FMCodec.dat
2008-10-01 18:16 7,780 ----a-w c:\documents and settings\Sołtys\FMCodec.dat
2008-10-01 18:16 4 ----a-w c:\documents and settings\Sołtys\WFSCHDL.dat
2008-10-01 18:16 4 ----a-w c:\documents and settings\Sołtys\WFSCHDL.dat
2008-09-30 06:46 292,309 ---ha-r c:\program files\Norton2009Reset.exe
2008-09-29 12:16 --------- d-----w c:\program files\Common Files\Ulead Systems
2008-09-18 12:21 --------- d-----w c:\program files\MSECache
2008-09-13 14:51 --------- d-----w c:\documents and settings\Sołtys\Dane aplikacji\ACD Systems
2008-09-13 14:51 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\ACD Systems
2008-09-09 22:51 --------- d-----w c:\program files\Microsoft Silverlight
2007-12-24 14:28 32 ----a-w c:\documents and settings\All Users\Dane aplikacji\ezsid.dat
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"Creative Detector"="d:\programy\Creaive\Media Source\Detector\CTDetect.exe" [2004-10-05 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-06-01 823296]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-20 8462336]
"WinFastDTV"="d:\programy\WinFast\WFDTV\DTVSchdl.exe" [2007-12-21 90112]
"WinFast Schedule"="d:\programy\WinFast\WFDTV\WFWIZ.exe" [2008-02-21 2846720]
"DAEMON Tools-1033"="d:\programy\daemon\daemon.exe" [2004-08-22 81920]
"EverioService"="c:\program files\CyberLink\PCM4Everio\EverioService.exe" [2006-11-22 151552]
"nwiz"="nwiz.exe" [2007-06-20 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 0 (0x0)
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-05-11 13:06 40048 d:\programy\Adobe Reader\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
--a------ 2007-07-03 10:48 7708672 c:\program files\ATKOSD2\ATKOSD2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector]
--------- 2004-10-05 08:52 98304 d:\programy\Creaive\Media Source\Detector\CTDetect.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
--a------ 2007-06-01 10:49 974848 c:\program files\Intel\Wireless\Bin\iFrmewrk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-08-04 00:55 1667584 c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 15:57 153136 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-06-20 12:21 8462336 c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-06-20 12:21 81920 c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
--a------ 2006-11-22 17:31 630784 c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-10-12 18:55 815104 c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-05-03 18:43 69632 c:\windows\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EXPLORER.EXE]
--a------ 2004-08-03 23:44 1033728 c:\windows\explorer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2007-07-05 16:08 16380416 c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
--a------ 2007-06-15 16:45 1826816 c:\windows\SkyTel.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\GRY\\Sniper Elite\\SniperElite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe"=
"c:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l151x86.sys [2007-08-30 36864]
S2 .norton2009Reset;Norton2009 Reset;c:\program files\Norton2009Reset.exe [2008-09-30 292309]
S3 WFUSBIILE;WinFast PalmTop/Novo TV Pro Video;c:\windows\system32\drivers\wfremora.sys [2007-12-04 81536]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a9aeddf-ee1f-11dc-b066-001cbf213ed8}]
\Shell\AutoRun\command - G:\xlu8a8sy.exe
\Shell\explore\Command - G:\xlu8a8sy.exe
\Shell\open\Command - G:\xlu8a8sy.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9c4ddf30-1ac0-11dd-b0bc-001d606a579b}]
\Shell\AutoRun\command - gy.cmd
\Shell\explore\Command - gy.cmd
\Shell\open\Command - gy.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d2f0ddd6-7ac8-11dd-b0ff-001d606a579b}]
\Shell\AutoRun\command - H:\EXPLORER.EXE
\Shell\explore\Command - H:\EXPLORER.EXE
\Shell\open\Command - H:\EXPLORER.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0d80f6b-5d7f-11dd-b0e8-001d606a579b}]
\Shell\AutoRun\command - G:\EXPLORER.EXE
\Shell\explore\Command - G:\EXPLORER.EXE
\Shell\open\Command - G:\EXPLORER.EXE
*Newly Created Service* - PROCEXP90
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
- - - - USUNIĘTO PUSTE WPISY - - - -
URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - c:\program files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
HKCU-Run-avpa - c:\windows\system32\avpo.exe
HKCU-Run-wsctf.exe - wsctf.exe
HKU-Default-RunOnce-<NO NAME> - (no file)
MSConfigStartUp-ZoneAlarm Client - d:\programy\ZoneAlarm\zlclient.exe
MSConfigStartUp-wsctf - wsctf.exe
.
------- Skan uzupełniający -------
.
FireFox -: Profile - c:\documents and settings\Sołtys\Dane aplikacji\Mozilla\Firefox\Profiles\t8xf5j8j.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.pl
.
.
------- Skojarzenia plików -------
.
inifile=%SystemRoot%\System32\NOTEPAD.EXE %1"
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 17:34:12
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
Czas ukończenia: 2008-11-06 17:34:45
ComboFix-quarantined-files.txt 2008-11-06 16:34:41
Przed: 15 790 305 280 bajtów wolnych
Po: 15,825,670,144 bajtów wolnych