Spowolniony Komputer i wolno działajacy internet

Dla specjalistów Bezpieczeństwo
#1

Witam

Od kilku dni mam problem z wolno działającym kompem. Dodatkowo generowane sa jakieś dziwne pakiety. Czy ktoś może przejrzeć log z combofixa?

ComboFix 10-06-15.03 - Kazik 2010-06-16 18:22:46.1.2 - x86

Microsoft Windows 7 Professional 6.1.7600.0.1250.48.1045.18.3071.2451 [GMT 2:00]

Uruchomiony z: c:\users\Kazik\Desktop\ComboFix.exe

.


((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.


c:\windows\system32\setup.ini


.

((((((((((((((((((((((((( Pliki utworzone od 2010-05-16 do 2010-06-16 )))))))))))))))))))))))))))))))

.


2010-06-16 16:29 . 2010-06-16 16:29	--------	d-----w-	c:\users\Kazik\AppData\Local\temp

2010-06-16 16:29 . 2010-06-16 16:29	--------	d-----w-	c:\users\Default\AppData\Local\temp

2010-06-15 16:08 . 2010-06-15 16:08	133648 begin_of_the_skype_highlighting              08 133648      end_of_the_skype_highlighting	----a-w-	c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\mmpprtc.dll

2010-06-15 16:08 . 2010-06-15 16:08	133720	----a-w-	c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\mmpprtc.dll

2010-06-11 22:07 . 2010-06-02 02:55	74072	----a-w-	c:\windows\system32\XAPOFX1_5.dll

2010-06-11 22:07 . 2010-06-02 02:55	527192	----a-w-	c:\windows\system32\XAudio2_7.dll

2010-06-11 22:07 . 2010-06-02 02:55	239960	----a-w-	c:\windows\system32\xactengine3_7.dll

2010-06-11 22:07 . 2010-05-26 09:41	470880	----a-w-	c:\windows\system32\d3dx10_43.dll

2010-06-11 22:07 . 2010-05-26 09:41	248672	----a-w-	c:\windows\system32\d3dx11_43.dll

2010-06-11 22:07 . 2010-05-26 09:41	2106216	----a-w-	c:\windows\system32\D3DCompiler_43.dll

2010-06-11 22:07 . 2010-05-26 09:41	1868128	----a-w-	c:\windows\system32\d3dcsx_43.dll

2010-06-11 22:07 . 2010-05-26 09:41	1998168	----a-w-	c:\windows\system32\D3DX9_43.dll

2010-06-11 22:07 . 2010-02-04 08:01	74072	----a-w-	c:\windows\system32\XAPOFX1_4.dll

2010-06-11 22:07 . 2010-02-04 08:01	528216	----a-w-	c:\windows\system32\XAudio2_6.dll

2010-06-11 22:07 . 2010-02-04 08:01	238936	----a-w-	c:\windows\system32\xactengine3_6.dll

2010-06-11 22:07 . 2010-02-04 08:01	22360	----a-w-	c:\windows\system32\X3DAudio1_7.dll

2010-06-11 21:54 . 2009-11-25 19:47	49472	----a-w-	c:\windows\system32\netfxperf.dll

2010-06-11 21:54 . 2009-11-25 19:47	99176	----a-w-	c:\windows\system32\PresentationHostProxy.dll

2010-06-11 21:54 . 2009-11-25 19:47	295264	----a-w-	c:\windows\system32\PresentationHost.exe

2010-06-11 21:54 . 2009-11-25 19:47	297808	----a-w-	c:\windows\system32\mscoree.dll

2010-06-11 21:54 . 2009-11-25 19:47	1130824	----a-w-	c:\windows\system32\dfshim.dll

2010-06-11 18:01 . 2010-06-11 18:01	--------	d-----w-	c:\windows\system32\URTTEMP

2010-06-10 18:26 . 2010-06-10 18:26	--------	d-----w-	c:\program files\Common Files\Skype

2010-06-09 23:01 . 2010-06-09 23:09	--------	d-----w-	c:\program files\Digital Photo Recovery

2010-06-09 22:38 . 2010-06-10 18:28	--------	d-----w-	c:\program files\Common Files\ACD Systems

2010-06-09 22:35 . 2010-06-09 22:35	--------	d-----w-	C:\Image Doctor

2010-06-08 22:01 . 2010-06-08 22:59	--------	d-----w-	c:\programdata\stamina

2010-06-07 23:24 . 2010-06-07 23:25	--------	d-----w-	c:\program files\Recuva

2010-06-07 23:20 . 2010-06-07 23:20	--------	d-----w-	c:\program files\Digital Image Recovery

2010-06-07 23:16 . 2010-06-07 23:16	--------	d-----w-	c:\program files\PC Inspector File Recovery

2010-06-05 19:14 . 2010-06-05 19:14	--------	d-----w-	c:\windows\system32\InsFiles

2010-06-04 15:01 . 2007-04-13 12:15	688864	----a-w-	c:\windows\system32\drivers\torususb.sys

2010-06-04 15:01 . 2007-03-21 15:29	167936	----a-w-	c:\windows\system32\stmctrl.dll

2010-06-04 15:01 . 2006-12-06 08:43	102400	----a-w-	c:\windows\stmtrace.exe

2010-06-04 15:01 . 2004-07-27 15:18	36864	----a-w-	c:\windows\system32\stmclean.exe

2010-06-04 15:01 . 2010-06-04 15:01	--------	d-----w-	c:\program files\ZTE ZXDSL 852

2010-06-04 15:01 . 2007-04-10 11:56	442368	----a-w-	c:\windows\system32\stmcfg32.dll

2010-06-04 15:01 . 2007-01-22 09:52	60533	----a-w-	c:\windows\system32\drivers\stmatm.sys

2010-06-04 15:01 . 2005-07-07 14:02	65536	----a-w-	c:\windows\DSLTest.exe

2010-06-04 14:45 . 2010-06-04 14:45	--------	d-----w-	C:\ZTE_ZXDSL_852_for_Vista_32bit

2010-06-03 19:52 . 2004-07-27 15:18	36864	----a-w-	c:\windows\StmClean.exe

2010-05-26 20:21 . 2010-05-26 20:21	1024	----a-w-	c:\windows\system32\pdf2word.DAT

2010-05-21 06:01 . 2009-06-22 16:58	89600	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL

2010-05-20 22:04 . 2001-10-28 14:42	116224	----a-w-	c:\windows\system32\pdfcmnnt.dll

2010-05-20 22:04 . 2010-05-20 22:05	--------	d-----w-	c:\program files\PDFCreator

2010-05-20 22:04 . 1998-07-05 22:00	23552	----a-w-	c:\windows\system32\MSMPIDE.DLL

2010-05-18 21:15 . 2010-05-18 21:16	--------	d-----w-	c:\temp\Office Visio Professional 2007 (Polish)

2010-05-18 08:23 . 2010-05-18 08:23	--------	d-----w-	c:\users\Kazik\AppData\Local\ElevatedDiagnostics

2010-05-18 08:22 . 2010-05-18 08:22	--------	d-----w-	c:\programdata\Hewlett-Packard

2010-05-18 08:22 . 2007-03-12 19:08	286208	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\hpzpp4wn.DLL

2010-05-18 07:41 . 2010-05-18 07:41	--------	d-----w-	C:\HP_CLJ_3600_Installer_English

2010-05-18 07:36 . 2006-09-17 23:57	19456	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\SSGH1pc.dll

2010-05-18 07:35 . 2006-12-03 23:25	22723	----a-w-	c:\windows\system32\SSGH1l3.dll

2010-05-18 07:35 . 2006-11-21 09:40	65536	----a-w-	c:\windows\system32\SSGH1ci.dll

2010-05-18 07:35 . 2006-11-20 06:22	151552	----a-w-	c:\windows\system32\SSGH1ci.exe

2010-05-18 07:34 . 2009-03-02 12:12	38400	------w-	c:\windows\system32\drivers\DGIVECP.SYS

2010-05-18 07:34 . 2010-05-18 07:34	--------	d-----w-	c:\temp\ML-2250_Win7_GDI

2010-05-17 23:44 . 2010-05-17 23:44	--------	d-----w-	c:\users\Kazik\AppData\Local\Google


.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-06-16 12:34 . 2010-03-07 08:36	--------	d-----w-	c:\programdata\Kaspersky Lab

2010-06-16 07:16 . 2009-07-14 08:07	747090	----a-w-	c:\windows\system32\perfh015.dat

2010-06-16 07:16 . 2009-07-14 08:07	159650	----a-w-	c:\windows\system32\perfc015.dat

2010-06-16 04:44 . 2010-03-22 23:14	--------	d-----w-	c:\users\Kazik\AppData\Roaming\uTorrent

2010-06-16 04:44 . 2010-03-07 10:25	--------	d-----w-	c:\users\Kazik\AppData\Roaming\Skype

2010-06-13 09:17 . 2010-05-09 06:54	--------	d-----w-	c:\users\Kazik\AppData\Roaming\DC++

2010-06-11 21:55 . 2010-03-07 13:06	--------	d-----w-	c:\program files\Microsoft.NET

2010-06-11 16:59 . 2010-04-25 08:28	--------	d-----w-	c:\program files\Microsoft Games

2010-06-10 18:27 . 2010-03-07 10:25	--------	d-----r-	c:\program files\Skype

2010-06-10 18:26 . 2010-03-07 10:25	--------	d-----w-	c:\programdata\Skype

2010-06-09 22:37 . 2010-03-13 18:52	--------	d-----w-	c:\users\Kazik\AppData\Roaming\BESTplayer

2010-06-07 23:16 . 2010-03-07 08:43	--------	d--h--w-	c:\program files\InstallShield Installation Information

2010-06-05 19:15 . 2010-03-07 09:08	140840	----a-w-	c:\users\Kazik\AppData\Local\GDIPFONTCACHEV1.DAT

2010-06-03 21:02 . 2010-03-07 10:29	--------	d-----w-	c:\program files\Google

2010-05-18 21:22 . 2010-03-07 13:01	--------	d-----w-	c:\programdata\Microsoft Help

2010-05-18 08:14 . 2010-05-18 08:14	--------	d-----w-	c:\program files\Common Files\Hewlett-Packard

2010-05-18 07:34 . 2010-05-07 11:33	--------	d-----w-	c:\program files\Samsung

2010-05-15 23:35 . 2010-04-09 19:25	--------	d-----w-	c:\program files\CCleaner

2010-05-09 22:41 . 2010-05-09 22:41	--------	d-----w-	c:\program files\Computer Alarm Clock

2010-05-09 06:49 . 2010-05-09 06:49	--------	d-----w-	c:\program files\DC++

2010-05-09 06:12 . 2010-05-09 06:12	--------	d-----w-	c:\users\Kazik\AppData\Roaming\Thinstall

2010-05-05 12:50 . 2010-03-07 08:37	97549	----a-w-	c:\windows\system32\drivers\klick.dat

2010-05-05 12:50 . 2010-03-07 08:37	113933	----a-w-	c:\windows\system32\drivers\klin.dat

2010-05-05 12:33 . 2010-03-07 12:47	--------	d-----w-	c:\program files\Common Files\Autodesk Shared

2010-05-05 12:33 . 2010-03-07 12:47	--------	d-----w-	c:\program files\AutoCAD 2009

2010-05-04 08:12 . 2010-05-04 08:12	--------	d-----w-	c:\program files\Common Files\Java

2010-05-04 08:12 . 2010-05-04 08:12	411368	----a-w-	c:\windows\system32\deployJava1.dll

2010-05-04 08:12 . 2010-05-04 08:12	--------	d-----w-	c:\program files\Java

2010-04-30 13:47 . 2010-04-30 13:47	1925088	----a-w-	c:\users\Kazik\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe

2010-04-30 13:37 . 2010-04-23 23:31	281760	----a-w-	c:\windows\system32\drivers\atksgt.sys

2010-04-30 13:37 . 2010-04-23 23:31	25888	----a-w-	c:\windows\system32\drivers\lirsgt.sys

2010-04-26 19:45 . 2010-04-26 19:45	--------	d-----w-	c:\program files\HP

2010-04-25 18:41 . 2010-03-07 10:27	--------	d-----w-	c:\users\Kazik\AppData\Roaming\skypePM

2010-04-24 18:17 . 2010-04-24 18:10	--------	d-----w-	c:\users\Kazik\AppData\Roaming\PC Suite

2010-04-24 18:17 . 2010-04-24 18:11	--------	d-----w-	c:\users\Kazik\AppData\Roaming\Nokia

2010-04-24 18:17 . 2010-04-24 18:17	0	---ha-w-	c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf

2010-04-24 18:16 . 2010-04-24 18:10	--------	d-----w-	c:\programdata\PC Suite

2010-04-24 18:12 . 2010-04-24 18:12	0	---ha-w-	c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf

2010-04-24 18:01 . 2010-04-24 18:01	--------	d-----w-	c:\program files\DIFX

2010-04-24 18:01 . 2010-04-24 18:01	--------	d-----w-	c:\program files\Common Files\PCSuite

2010-04-24 18:01 . 2010-04-24 18:01	--------	d-----w-	c:\program files\Common Files\Nokia

2010-04-24 18:01 . 2010-04-24 18:00	--------	d-----w-	c:\program files\Nokia

2010-04-24 18:00 . 2010-04-24 18:00	--------	d-----w-	c:\program files\PC Connectivity Solution

2010-04-24 17:59 . 2010-04-24 17:59	95232	----a-w-	c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe

2010-04-24 17:59 . 2010-04-24 17:59	8192	----a-w-	c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe

2010-04-24 17:59 . 2010-04-24 17:59	61440	----a-w-	c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

2010-04-24 17:59 . 2010-04-24 17:59	10240	----a-w-	c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe

2010-04-24 17:59 . 2010-04-24 17:59	--------	d-----w-	c:\programdata\Installations

2010-04-24 17:59 . 2010-04-24 17:59	34760920	----a-w-	c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_pol_web.exe

2010-04-24 17:56 . 2010-04-24 17:56	0	---ha-w-	c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf

2010-04-23 06:34 . 2010-04-22 21:15	--------	d--h--w-	c:\program files\InstallJammer Registry

2010-04-20 22:28 . 2010-04-20 22:28	--------	d-----w-	c:\program files\Microsoft Fix it Center

2010-04-18 15:47 . 2010-04-18 15:47	--------	d-----w-	c:\program files\PITy

2010-03-21 16:27 . 2010-03-21 16:27	98304	----a-w-	c:\windows\system32\CmdLineExt.dll

2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat

2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

.


((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  

REGEDIT4


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]

"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"AdslTaskBar"="stmctrl.dll" [2007-03-21 167936]


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"


[HKLM\~\startupfolder\C:^Users^Kazik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Silent Hunter III.LNK]

path=c:\users\Kazik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Silent Hunter III.LNK

backup=c:\windows\pss\Registration Silent Hunter III.LNK.Startup

backupExtension=.Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2009-12-21 23:57	35760	----a-w-	c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdslTaskBar]

2007-03-21 15:29	167936	----a-w-	c:\windows\System32\stmctrl.dll


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]

2009-11-11 15:18	870400	----a-w-	c:\program files\ALLPlayer\ALLUpdate.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-02-15 17:50	417792	----a-w-	c:\program files\QuickTime\QTTask.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StmRst]

2004-07-27 15:18	36864	----a-w-	c:\windows\StmClean.exe


[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001


R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-07 721904]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]

R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]

R3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\DRIVERS\torususb.sys [2007-04-13 688864]

R4 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]

S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 36880]

S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]

S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-03-02 5120]

S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]

S3 Stmatm;ATM/ADSL miniport;c:\windows\system32\DRIVERS\stmatm.sys [2007-01-22 60533]



[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation	REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc

HsfXAudioService	REG_MULTI_SZ HsfXAudioService

HPZ12	REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

.

------- Skan uzupełniający -------

.

uStart Page = hxxp://www.wyborcza.pl/0,0.html?p=029

mStart Page = about:blank

IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000

TCP: {BDA11E7B-544A-4AA2-96C4-900E0C7A5396} = 195.114.161.61,195.114.181.130

FF - ProfilePath - c:\users\Kazik\AppData\Roaming\Mozilla\Firefox\Profiles\556kzgci.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.wp.pl/|http://www.google.pl/

FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll

FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll

FF - component: c:\users\Kazik\AppData\Roaming\Mozilla\Firefox\Profiles\556kzgci.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll

FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll

FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll


---- FIREFOX - SPOSÓB POSTĘPOWANIA ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

.

.

------- Skojarzenia plików -------

.

.scr=AutoCADScriptFile

.

.

--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Czas ukończenia: 2010-06-16 18:31:49

ComboFix-quarantined-files.txt 2010-06-16 16:31


Przed: 1 720 557 568 bajtów wolnych

Po: 2 577 723 392 bajtów wolnych


- - End Of File - - EF16543CD5FFD68FB7EF258E44AD22CA

Dodatkowo w procesach ciągle sam sie uruchamia proces o nazwie klwtblfs.exe i Skypename 2.exe

Proszę o pomoc