ComboFix 13-04-15.01 - Administrator 04/16/2013   8:20.3.2 - x86 NETWORK
Microsoft Windows XP Professional  5.1.2600.3.1250.48.1033.18.2046.1818 [GMT 2:00]
Uruchomiony z: c:\documents and settings\Administrator\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2013-03-16 do 2013-04-16  )))))))))))))))))))))))))))))))
.
.
2013-04-15 19:55 . 2013-04-15 20:37  --------  d-----w-  c:\documents and settings\Administrator
2013-04-15 19:06 . 2013-04-15 19:06     13824  ----a-w-  c:\windows\system32\OstizxePmawm.dll
2013-04-15 19:05 . 2013-04-15 19:05    297472  ----a-w-  c:\windows\system32\apcups.exe
2013-04-09 18:24 . 2013-04-09 18:24  --------  d-----w-  c:\windows\system32\AGEIA
2013-04-09 18:24 . 2013-04-09 18:24  --------  d-----w-  c:\program files\AGEIA Technologies
2013-04-09 18:24 . 2013-04-09 18:24  --------  d-----w-  c:\program files\Common Files\Wise Installation Wizard
2013-04-09 18:21 . 2008-10-02 08:07    453152  ----a-w-  c:\windows\system32\NVUNINST.EXE
2013-04-03 19:23 . 2013-04-03 19:23    242240  ----a-w-  c:\windows\system32\drivers\dtsoftbus01.sys
2013-04-03 19:22 . 2013-04-03 19:23  --------  d-----w-  c:\program files\DAEMON Tools Lite
2013-03-24 09:48 . 2013-03-25 14:34  --------  d-----w-  c:\program files\TuneUp Utilities 2013
2013-03-24 09:43 . 2012-06-09 18:21    178688  ----a-w-  c:\windows\system32\unrar.dll
2013-03-22 11:54 . 2007-03-22 19:24     28160  ----a-w-  c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2013-03-22 11:53 . 2006-06-29 12:07     14048  ------w-  c:\windows\system32\spmsg2.dll
2013-03-22 11:53 . 2006-06-29 12:07     22752  ----a-w-  c:\windows\system32\spupdsvc.exe
2013-03-20 12:55 . 2013-03-20 12:56  --------  d-----w-  c:\documents and settings\UpdatusUser
2013-03-20 12:50 . 2013-01-31 11:22     65536  ----a-w-  c:\windows\system32\OpenCL.dll
2013-03-20 12:50 . 2013-03-20 12:50   1072544  ----a-w-  c:\windows\system32\nvdrsdb0.bin
2013-03-20 12:50 . 2013-03-20 12:50         1  ----a-w-  c:\windows\system32\nvdrssel.bin
2013-03-20 12:50 . 2013-03-20 12:50   1072544  ----a-w-  c:\windows\system32\nvdrsdb1.bin
2013-03-20 12:48 . 2013-01-31 11:22    892704  ----a-w-  c:\windows\system32\nvdispgenco32.dll
2013-03-20 12:48 . 2013-01-31 11:22   5967872  ----a-w-  c:\windows\system32\nvopencl.dll
2013-03-20 12:48 . 2013-01-31 11:22   2581792  ----a-w-  c:\windows\system32\nvcuvid.dll
2013-03-20 12:48 . 2013-01-31 11:22   1869088  ----a-w-  c:\windows\system32\nvcuvenc.dll
2013-03-20 12:48 . 2013-01-31 11:22   1010464  ----a-w-  c:\windows\system32\nvdispco32.dll
2013-03-20 12:48 . 2008-10-07 11:33   1368064  ----a-w-  c:\windows\system32\nvcuda.dll
2013-03-20 12:48 . 2013-01-31 11:22  17551360  ----a-w-  c:\windows\system32\nvcompiler.dll
2013-03-20 12:48 . 2008-10-07 11:33    475136  ----a-w-  c:\windows\system32\nvapi.dll
2013-03-20 12:47 . 2013-03-20 12:55  --------  d-----w-  c:\program files\NVIDIA Corporation
2013-03-20 12:47 . 2013-04-09 18:21  --------  d-----w-  C:\NVIDIA
2013-03-20 12:41 . 2013-03-20 12:41  --------  d-----w-  c:\windows\Sun
2013-03-20 12:41 . 2013-03-20 12:41  --------  d-----w-  c:\program files\Common Files\Java
2013-03-20 12:41 . 2013-03-20 12:40    143872  ----a-w-  c:\windows\system32\javacpl.cpl
2013-03-20 12:41 . 2013-03-20 12:39    861088  ----a-w-  c:\windows\system32\npDeployJava1.dll
2013-03-20 12:41 . 2013-03-20 12:39    782240  ----a-w-  c:\windows\system32\deployJava1.dll
2013-03-20 12:40 . 2013-03-20 12:40     94112  ----a-w-  c:\windows\system32\WindowsAccessBridge.dll
2013-03-20 12:39 . 2013-03-20 12:39  --------  d-----w-  c:\program files\Java
2013-03-20 10:51 . 2013-03-20 10:50   3851784  ----a-w-  c:\windows\system32\d3dx9_39.dll
2013-03-20 10:48 . 2013-03-20 10:48   1892184  ----a-w-  c:\windows\system32\d3dx9_42.dll
2013-03-20 09:58 . 2013-03-25 10:25  --------  d-----w-  c:\program files\McAfee Security Scan
2013-03-20 09:58 . 2013-03-20 09:58     73432  ----a-w-  c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-20 09:58 . 2013-03-20 09:58    693976  ----a-w-  c:\windows\system32\FlashPlayerApp.exe
2013-03-20 09:37 . 2013-03-25 10:23     17488  ----a-w-  c:\windows\gdrv.sys
2013-03-20 09:34 . 2008-10-07 11:33    453152  ----a-w-  c:\windows\system32\nvudisp.exe
2013-03-20 09:33 . 2004-05-02 08:47     23040  ----a-r-  c:\windows\system32\drivers\GVCplDrv.sys
2013-03-20 09:25 . 2001-08-17 13:59      3072  ----a-w-  c:\windows\system32\drivers\audstub.sys
2013-03-20 09:24 . 2008-04-14 00:10     57600  ----a-w-  c:\windows\system32\drivers\redbook.sys
2013-03-20 09:23 . 2008-04-14 04:42     74240  ----a-w-  c:\windows\system32\usbui.dll
2013-03-20 09:19 . 2007-04-24 09:49     11776  ----a-w-  c:\windows\system32\drivers\pdiddcci.sys
2013-03-20 09:17 . 2013-04-15 19:05  --------  d-----w-  c:\documents and settings\All Users.WINDOWS
2013-03-20 09:17 . 2013-03-20 08:43  --------  d--h--w-  c:\documents and settings\Default User.WINDOWS
2013-03-20 09:07 . 2008-04-13 23:15      2944  -c--a-w-  c:\windows\system32\dllcache\drmkaud.sys
2013-03-20 09:07 . 2008-04-13 23:15      2944  ----a-w-  c:\windows\system32\drivers\drmkaud.sys
2013-03-20 09:07 . 2008-04-13 23:15    172416  -c--a-w-  c:\windows\system32\dllcache\kmixer.sys
2013-03-20 09:07 . 2008-04-13 23:15    172416  ----a-w-  c:\windows\system32\drivers\kmixer.sys
2013-03-20 09:07 . 2008-04-13 23:15     52864  -c--a-w-  c:\windows\system32\dllcache\dmusic.sys
2013-03-20 09:07 . 2008-04-13 23:15     52864  ----a-w-  c:\windows\system32\drivers\DMusic.sys
2013-03-20 09:07 . 2008-04-13 23:15     56576  ----a-w-  c:\windows\system32\drivers\swmidi.sys
2013-03-20 09:07 . 2008-04-13 21:09    142592  -c--a-w-  c:\windows\system32\dllcache\aec.sys
2013-03-20 09:07 . 2008-04-13 21:09    142592  ----a-w-  c:\windows\system32\drivers\aec.sys
2013-03-20 09:07 . 2008-04-13 23:15      6272  ----a-w-  c:\windows\system32\drivers\splitter.sys
2013-03-20 09:07 . 2009-07-27 07:09     44032  ----a-r-  c:\windows\system32\drivers\l1c51x86.sys
2013-03-20 09:07 . 2008-04-13 23:45     60800  ----a-w-  c:\windows\system32\drivers\sysaudio.sys
2013-03-20 09:06 . 2008-04-13 23:47     83072  ----a-w-  c:\windows\system32\drivers\wdmaud.sys
2013-03-20 09:01 . 2009-06-25 06:07    540672  ------r-  c:\windows\RtlExUpd.dll
2013-03-20 08:58 . 2009-07-08 23:34     53248  ----a-r-  c:\windows\system32\CSVer.dll
2013-03-20 08:58 . 2013-03-20 08:58  --------  d--h--w-  c:\program files\DeviceVM
2013-03-20 08:57 . 2005-04-03 22:02    753664  ----a-w-  c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-03-20 08:57 . 2005-04-03 22:02     69714  ----a-w-  c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-03-20 08:57 . 2005-04-03 22:01    274432  ----a-w-  c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-03-20 08:57 . 2005-04-03 22:00    184320  ----a-w-  c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-03-20 08:57 . 2005-04-03 21:59      5632  ----a-w-  c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2013-03-20 08:57 . 2013-03-20 08:57    331908  ----a-w-  c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-03-20 08:57 . 2013-03-20 08:57    200836  ----a-w-  c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-03-20 08:57 . 2009-08-27 07:04    207400  ----a-r-  c:\windows\GSetup.exe
2013-03-20 08:51 . 2013-04-15 20:37  --------  d-----w-  c:\documents and settings\fryta
2013-03-20 08:50 . 2013-03-20 08:50  --------  d-sh--w-  c:\documents and settings\LocalService.NT AUTHORITY
2013-03-20 08:49 . 2013-03-20 08:49  --------  d-sh--w-  c:\documents and settings\NetworkService.NT AUTHORITY
2013-03-20 08:47 . 2001-08-17 21:36      7168  -c--a-w-  c:\windows\system32\dllcache\EXCH_snprfdll.dll
2013-03-20 08:47 . 2001-08-17 21:36     12288  -c--a-w-  c:\windows\system32\dllcache\EXCH_smtpctrs.dll
2013-03-20 08:45 . 2008-04-14 12:00     92416  -c--a-w-  c:\windows\system32\dllcache\mga.sys
2013-03-20 08:44 . 2008-04-14 12:00     42496  -c--a-w-  c:\windows\system32\dllcache\davcdata.exe
2013-03-20 08:40 . 2008-04-14 12:00     99840  -c--a-w-  c:\windows\system32\dllcache\helphost.exe
2013-03-20 08:40 . 2008-04-14 12:00      6656  -c--a-w-  c:\windows\system32\dllcache\hcappres.dll
2013-03-20 08:40 . 2008-04-14 12:00     35328  -c--a-w-  c:\windows\system32\dllcache\notiflag.exe
2013-03-20 08:40 . 2008-04-14 12:00     21504  -c--a-w-  c:\windows\system32\dllcache\brpinfo.dll
2013-03-20 08:40 . 2008-04-14 12:00     11264  -c--a-w-  c:\windows\system32\dllcache\atrace.dll
2013-03-20 08:40 . 2008-04-14 12:00     11264  ----a-w-  c:\windows\system32\atrace.dll
2013-03-20 08:37 . 2008-04-14 12:00     33792  ----a-w-  c:\program files\Messenger\custsat.dll
2013-03-20 08:36 . 2008-04-14 12:00     75264  ----a-w-  c:\windows\system32\wbem\wmipicmp.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-30 10:40 . 2011-03-30 10:40    517976  ----a-w-  c:\program files\DXSETUP.exe
2011-03-30 10:40 . 2011-03-30 10:40     95576  ----a-w-  c:\program files\DSETUP.dll
2011-03-30 10:40 . 2011-03-30 10:40   1566040  ----a-w-  c:\program files\dsetup32.dll
2013-04-11 20:40 . 2013-04-11 20:39    263064  ----a-w-  c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-05-10 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]
"RTHDCPL"="RTHDCPL.EXE" [2009-06-25 17887232]
"DT HPW"="c:\program files\Portrait Displays\HP My Display\DTHtml.exe" [2007-04-25 280064]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"nwiz"="nwiz.exe" [2008-10-07 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"38839"="c:\docume~1\ALLUSE~1.WIN\LOCALS~1\Temp\msvouuaqq.exe" [BU]
.
c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders  msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, OstizxePmawm.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"d:\\torrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\apcups.exe"=
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [4/3/2013 9:23 PM 242240]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [3/20/2013 11:07 AM 44032]
S2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [3/20/2013 10:58 AM 219360]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3/20/2013 11:02 AM 1684736]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [2/5/2013 5:48 PM 235216]
.
Zawartość folderu 'Zaplanowane zadania'
.
2013-04-16 c:\windows\Tasks\AmiUpdXp.job
- c:\documents and settings\fryta\Application Data\SwvUpdater\Updater.exe [2013-04-03 18:07]
.
.
------- Skan uzupełniający -------
.
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-16 08:29
Windows 5.1.2600 Service Pack 3 NTFS
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomyślnie ukończone
ukryte pliki: 0
.
**************************************************************************
.
Czas ukończenia: 2013-04-16 08:31:50
ComboFix-quarantined-files.txt  2013-04-16 06:31
ComboFix2.txt  2013-04-15 21:00
ComboFix3.txt  2013-04-15 20:40
.
Przed: 4,283,174,912 bytes free
Po: 4,271,652,864 bytes free
.
- - End Of File - - D58D63269E7FDE11C85EF6FAA6B383E7