

złapałam gdzieś to cudo i bardzo bardzo proszę o pomoc:
Addition: http://www.wklej.org/id/1642999/
FRST: http://www.wklej.org/id/1643002/
złapałam gdzieś to cudo
Strong Signal - C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\izz6sk1c.default\Extensions\{6dc74982-0c33-45a3-aaec-8285d2089296}.xpi [2015-02-18]
2015-02-18 21:50 - 2015-02-18 21:50 - 00717216 _____ (Web Generic ) C:\Users\Paula\Downloads\GoldWave(30566)-dp.exe
2015-02-18 01:52 - 2015-02-18 01:52 - 00717216 _____ (Web Generic ) C:\Users\Paula\Downloads\SMRecorder(25175)-dp.exe
FF Extension: Strong Signal - C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\izz6sk1c.default\Extensions\{6dc74982-0c33-45a3-aaec-8285d2089296}.xpi [2015-02-18]
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770944 2015-02-21] (Enigma Software Group USA, LLC.)
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter 4" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter" /f
C:\Users\Paula\AppData\Local\Akamai\netsession_win.exe
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Task: {EFD4899E-1160-4FCF-B879-70A1CB03D9BD} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-02-21] (Enigma Software Group USA, LLC.)
C:\Program Files\Enigma Software Group
Task: C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\windows\TEMP\{8621F898-108C-4E6F-A878-C548029E9AA7}.exe <==== ATTENTION
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-4008927240-3801032164-148358910-1004\...\Run: [Akamai NetSession Interface] => C:\Users\Paula\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
URLSearchHook: HKU\S-1-5-21-4008927240-3801032164-148358910-1004 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
SearchScopes: HKU\S-1-5-21-4008927240-3801032164-148358910-1004 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={D93C8C02-7050-4554-9BCD-C8E7C9C603AF}&mid=42f2f837cbc847d092aa173d7d7a5401-70be99eaaa3dc6f29225bd6895cce3f61e516fbe&lang=pl&ds=AVG&coid=avgtbavg&cmpid=1214tb&pr=fr&d=2014-08-31 00:17:03&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4008927240-3801032164-148358910-1004 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={D93C8C02-7050-4554-9BCD-C8E7C9C603AF}&mid=42f2f837cbc847d092aa173d7d7a5401-70be99eaaa3dc6f29225bd6895cce3f61e516fbe&lang=pl&ds=AVG&coid=avgtbavg&cmpid=1214tb&pr=fr&d=2014-08-31 00:17:03&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
Toolbar: HKLM - No Name - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
Toolbar: HKU\S-1-5-21-4008927240-3801032164-148358910-1004 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
FF SearchPlugin: C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\izz6sk1c.default\searchplugins\key-find.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\key-find.xml
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [16432 2015-02-21] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\windows\System32\DRIVERS\EsgScanner.sys [19984 2015-02-21] ()
C:\windows\System32\DRIVERS\EsgScanner.sys
S3 4C14D4E89; \??\C:\Users\Paula\AppData\Local\Temp\4C14D4E89.sys [X]
S3 519D54ED89620D6C; \??\C:\Users\Paula\AppData\Local\Temp\28B908918.sys [X]
S3 519D54ED89626DC1; \??\C:\Users\Paula\AppData\Local\Temp\69C3DC73D.sys [X]
S3 56BA4330B; \??\C:\Users\Paula\AppData\Local\Temp\56BA4330B.sys [X]
S3 BAEAF1E37; \??\C:\Users\Paula\AppData\Local\Temp\BAEAF1E37.sys [X]
S3 GPU-Z; \??\C:\Users\Paula\AppData\Local\Temp\GPU-Z.sys [X]
C:\Users\Paula\Desktop\SpyHunter.lnk
C:\sh4ldr
C:\Users\Paula\Downloads\SpyHunter-Installer(1).exe
C:\Users\Paula\AppData\Roaming\Enigma Software Group
C:\Users\Paula\Downloads\SpyHunter-Installer.exe
C:\Users\Paula\Downloads\GoldWave(30566)-dp.exe
C:\Users\Paula\Downloads\SMRecorder(25175)-dp.exe
C:\Users\Paula\AppData\Local\Temp*.html
C:\Users\Paula\FreeDWGViewer.exe
C:\Users\Paula\IP_Log_Data.js
EmptyTemp:
DeleteQuarantine:
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 2 gości