ComboFix 15-03-01.01 - Monika 2015-03-06 12:05:44.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.4032.3288 [GMT 1:00]
Running from: E:\Pulpit\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: FireWall *Disabled* {753F9273-B322-2907-AC37-03D0F1702F22}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\128_16022893_MVM_0.tmp
C:\3596_15155949_MVM_0.tmp
C:\3600_7915334_MVM_0.tmp
C:\3792_11387339_MVM_0.tmp
C:\5088_113746054_MVM_0.tmp
C:\DSC_0007.JPG
C:\END
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunkiPhotoTray.exe.lnk
C:\Users\Monika\AppData\Local\dpqs.exe
C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
C:\Windows\pkunzip.pif
C:\Windows\pkzip.pif
C:\Windows\XSxS
F:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2015-02-06 to 2015-03-06 )))))))))))))))))))))))))))))))
.
.
2015-03-06 10:45:43 . 2015-03-06 10:45:43 -------- d-----w- C:\Users\Monika\AppData\Local\Adobe
2015-03-06 10:45:43 . 2015-03-06 10:45:43 -------- d-----w- C:\Program Files (x86)\Common Files\Adobe
2015-03-04 10:37:02 . 2015-03-04 13:11:26 -------- d-----w- C:\Users\Monika\AppData\Roaming\Adobe-BackupByPhotoshopCS6Portable
2015-02-27 11:04:07 . 2015-02-27 11:04:07 -------- d-----w- C:\Users\Monika\AppData\Local\Adobe-BackupByPhotoshopCS6Portable
2015-02-27 11:04:07 . 2015-02-27 11:04:07 -------- d-----w- C:\ProgramData\Adobe-BackupByPhotoshopCS6Portable
2015-02-18 10:48:07 . 2015-02-18 10:48:07 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-18 10:48:07 . 2015-02-18 10:48:07 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-02-11 15:53:39 . 2015-02-11 15:53:39 -------- d-----w- C:\Windows\PCHEALTH
2015-02-10 16:38:21 . 2015-02-10 16:38:22 -------- d-----r- C:\Users\Monika\Creative Cloud Files
2015-02-10 16:35:20 . 2015-02-10 16:35:37 -------- d-----w- C:\ProgramData\Package Cache
2015-02-07 09:06:04 . 2015-02-07 09:06:09 -------- d-----w- C:\po 1 szt. 10 x 15 bysk
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-12 08:15:06 . 2013-06-26 05:57:33 44088 ----a-w- C:\Windows\system32\drivers\avnetflt.sys
2015-02-12 08:15:04 . 2013-06-26 03:57:19 132120 ----a-w- C:\Windows\system32\drivers\avipbb.sys
2015-02-12 08:15:04 . 2013-06-26 03:57:19 128536 ----a-w- C:\Windows\system32\drivers\avgntflt.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-03-03 10:09:21 703280]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 21:20:00 41056]
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2015-01-07 20:27:22 2694320]
.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
ColorMunki Gamma.lnk - C:\Program Files (x86)\X-Rite\ColorMunki Photo\Gamma\CalibrationLoader.exe [2013-6-28 802816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys;C:\Windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
R2 AntiVirFirewallService;Avira FireWall;C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe;C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [x]
R2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe;C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [x]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ColorMunkiService;X-Rite Device ColorMunki;C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe;C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 xritedeviced;X-Rite Device Manager;C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe;C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe [x]
R3 colormunki;colormunki;C:\Windows\system32\Drivers\colormunki_x64.sys;C:\Windows\SYSNATIVE\Drivers\colormunki_x64.sys [x]
R3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys;C:\Windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8187.sys;C:\Windows\SYSNATIVE\DRIVERS\RTL8187.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);C:\Windows\system32\DRIVERS\s1039bus.sys;C:\Windows\SYSNATIVE\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s1039mdfl.sys;C:\Windows\SYSNATIVE\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s1039mdm.sys;C:\Windows\SYSNATIVE\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s1039mgmt.sys;C:\Windows\SYSNATIVE\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);C:\Windows\system32\DRIVERS\s1039nd5.sys;C:\Windows\SYSNATIVE\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s1039obex.sys;C:\Windows\SYSNATIVE\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);C:\Windows\system32\DRIVERS\s1039unic.sys;C:\Windows\SYSNATIVE\DRIVERS\s1039unic.sys [x]
R3 scsiscan;SCSI Scanner Driver;C:\Windows\system32\DRIVERS\scsiscan.sys;C:\Windows\SYSNATIVE\DRIVERS\scsiscan.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys;C:\Windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudserd.sys;C:\Windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe;C:\Windows\SysWOW64\nlssrv32.exe [x]
R4 OMSI download service;Sony Ericsson OMSI download service;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [x]
S1 avfwot;avfwot;C:\Windows\system32\DRIVERS\avfwot.sys;C:\Windows\SYSNATIVE\DRIVERS\avfwot.sys [x]
S3 avfwim;AvFw Packet Filter Miniport;C:\Windows\system32\DRIVERS\avfwim.sys;C:\Windows\SYSNATIVE\DRIVERS\avfwim.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\DRIVERS\iusb3xhc.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys;C:\Windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-04 13:31:03 1059656 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-03-06 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-18 10:48:07 . 2015-02-18 10:48:07]
.
2015-03-06 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26 03:24:13 . 2013-06-26 03:24:13]
.
2015-03-06 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26 03:24:13 . 2013-06-26 03:24:13]
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-12-19 14:57:46 1039008 ----a-w- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-12-19 14:57:46 1039008 ----a-w- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-12-19 14:57:46 1039008 ----a-w- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2013-03-22 15:32:56 165872]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2013-03-22 15:32:52 407536]
"nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" [2013-02-25 22:32:42 2041192]
"Zune Launcher"="C:\Program Files\Zune\ZuneLauncher.exe" [2011-08-05 11:53:06 163552]
.
------- Supplementary Scan -------
.
uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=DAEF60A44C3D6B62&affID=123627&tsp=4997
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{CAAE416B-DC6B-49D1-B184-B62FC0679534}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\nauc59kk.default\
FF - prefs.js: browser.startup.homepage - chrome://fastdial/content/fastdial.html
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - daefc60500000000000060a44c3d6b62
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15954
FF - user.js: extensions.delta.vrsn - 1.8.24.6
FF - user.js: extensions.delta.vrsni - 1.8.24.6
FF - user.js: extensions.delta.vrsnTs - 1.8.24.611:35:19
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=123627&tsp=4997
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-QuickScanner - (no file)
Wow6432Node-HKLM-Run-Adobe ARM - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - C:\Windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{10880D85-AAD9-4558-ABDC-2AB1552D831F} - C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-AdobeAAMUpdater-1.0 - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
AddRemove-D3Studio [nfoto.com.pl]_nfotokreator - promo - C:\Windows\system32\D3Studio [nfoto.com.pl]_nfotokreator - promo_uninstaller.exe
AddRemove-Najlepszefoto.pl_NKreator - C:\Windows\system32\Najlepszefoto.pl_NKreator_uninstaller.exe
AddRemove-Najlepszefoto.pl_nKreator 3.0 - C:\Windows\system32\Najlepszefoto.pl_nKreator 3.0_uninstaller.exe
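Three parts of this log carry the actual findings a responder reads first: the policies\system block (EnableLUA=0 together with ConsentPromptBehaviorAdmin=0 and PromptOnSecureDesktop=0 means User Account Control is switched off entirely, so any code the user runs already has the full administrator token), the FW: *Disabled* line (no host firewall), and the delta-search.com start page plus the extensions.delta.* user.js prefs, which are the footprint of the Delta toolbar browser hijacker. The Python below is an added example, not part of the log, of ComboFix, or of the forum thread: it parses those sections out of a constructed excerpt of this log (the lines are copied from above) and flags the weak values. The function names, the UAC_WEAK table and the hijack marker are my own choices.

```python
"""Pull the UAC policy, Run keys and browser-hijack lines out of a ComboFix log."""
import re

# Constructed excerpt: only the security-relevant lines of the log shown above.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-03-03 10:09:21 703280]
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2015-01-07 20:27:22 2694320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
uStart Page = hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=DAEF60A44C3D6B62&affID=123627&tsp=4997
FF - prefs.js: browser.startup.homepage - chrome://fastdial/content/fastdial.html
FF - user.js: extensions.delta.id - daefc60500000000000060a44c3d6b62
FF - user.js: extensions.delta.aflt - babsst
"""

REG_KEY = re.compile(r"^\[(HKEY_[^\]]+)\]\s*$")          # [HKEY_...\Run]
REG_VALUE = re.compile(r'^"([^"]+)"=\s*(.*)$')            # "name"=rest
RUN_ENTRY = re.compile(                                   # "path" [date time size]
    r'^"(?P<path>[^"]+)"\s*\[(?P<date>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\s+(?P<size>\d+)\]\s*$')
DWORD = re.compile(r"^(\d+)\s*\(0x[0-9a-fA-F]+\)$")        # 0 (0x0)
START_PAGE = re.compile(r"^[um]Start Page = (.+)$")       # user/machine IE start page
FF_PREF = re.compile(r"^FF - (?:prefs|user)\.js: (\S+) - (.*)$")

POLICY_KEY = r"hkey_local_machine\software\microsoft\windows\currentversion\policies\system"

# Value that, if present, weakens UAC, and why it matters (my own table, not ComboFix output).
UAC_WEAK = {
    "EnableLUA": (0, "UAC is disabled; admin users run every process with the full token"),
    "ConsentPromptBehaviorAdmin": (0, "administrators elevate without any prompt"),
    "PromptOnSecureDesktop": (0, "elevation prompts are not isolated on the secure desktop"),
}


def parse_registry_blocks(text):
    """Group '"name"=value' lines under the [HKEY_...] header that precedes them."""
    blocks, current = {}, None
    for line in text.splitlines():
        m = REG_KEY.match(line)
        if m:
            current = blocks.setdefault(m.group(1).lower(), {})
            continue
        m = REG_VALUE.match(line)
        if m and current is not None:
            current[m.group(1)] = m.group(2).strip()
    return blocks


def uac_findings(blocks):
    """Return one finding string per UAC policy value that matches the weak setting."""
    policies = blocks.get(POLICY_KEY, {})
    findings = []
    for name, (bad, why) in UAC_WEAK.items():
        m = DWORD.match(policies.get(name, ""))
        if m and int(m.group(1)) == bad:
            findings.append(f"{name}={bad}: {why}")
    return findings


def parse_run_entries(blocks):
    """Flatten every ...\\CurrentVersion\\Run key into (name, path, timestamp, size) records."""
    entries = []
    for key, values in blocks.items():
        if not key.endswith(r"\currentversion\run"):
            continue
        for name, rest in values.items():
            m = RUN_ENTRY.match(rest)
            if m:
                entries.append({"key": key, "name": name, "path": m["path"],
                                "date": m["date"], "size": int(m["size"])})
    return entries


def hijack_indicators(text, marker="delta"):
    """Start pages pointing at the marker domain and extensions.<marker>* Firefox prefs."""
    hits = []
    for line in text.splitlines():
        m = START_PAGE.match(line)
        if m and marker in m.group(1).lower():
            hits.append(("start_page", m.group(1)))
            continue
        m = FF_PREF.match(line)
        if m and m.group(1).startswith(f"extensions.{marker}"):
            hits.append((m.group(1), m.group(2)))
    return hits


if __name__ == "__main__":
    blocks = parse_registry_blocks(SAMPLE_LOG)
    for finding in uac_findings(blocks):
        print("UAC:", finding)
    for entry in parse_run_entries(blocks):
        print("RUN:", entry["name"], "->", entry["path"], entry["date"], entry["size"])
    for pref, value in hijack_indicators(SAMPLE_LOG):
        print("HIJACK:", pref, "=", value)
```

Run it against a full log by reading the file into `SAMPLE_LOG`'s place; the Run-entry records give you the name, path, timestamp and size needed to compare an autorun against a known-good install, and `hijack_indicators` takes any other toolbar's pref prefix as the marker.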