Mam problem z programem Strong Signal i Unideals!


(Filipfm1) #1

Witam,

mam problem z zaśmiecaniem okien przeglądarki przez wyskakujące reklamy Strong Signal i Unideals, jest to na tyle intensywne, iż uniemożliwia mi pracę na komputerze. Póki co żaden ze ściągniętych programów nie mógł tego usunąć.Próbowałem normalnie i CCcleaner....Te reklamy doprowadzają do szału ! Wiem ,że to błahostka ale bardzo mi przeszkadza.


(Acorus) #2

Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.


(Filipfm1) #3

jakoś się pomęczyłem tamtego samego dnia i poszukałem na innych forach … Ale problem z miliardem okienek nie zniknął więc pytam czy wysłać ten raport czy nie?


(Atis) #4

Przecież otrzymałeś odpowiedź, że wymagane są logi z FRST.


(Filipfm1) #5

FRST: http://wklej.org/id/1668724/

 

Addition : http://wklej.org/id/1668727/


(Atis) #6

W panelu sterowania odinstaluj McAfee LiveSafe – Internet Security i omiga-plus uninstall.

Usuń szkodliwe rozszerzenie SourceApp w przeglądarce Chrome

Pobierz i uruchom AdwCleaner Kliknij Scan i później Cleaning.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.


(Acorus) #7

Otwórz notatnik systemowy i wklej:

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Filip\Dane aplikacji:NT
AlternateDataStreams: C:\Users\Filip\Dane aplikacji:NT2
AlternateDataStreams: C:\Users\Filip\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Filip\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Filip\AppData\Roaming:NT2
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs-x32: e = "e" File Not Found
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1420581087from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1420581087from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
HKU\S-1-5-21-4170966284-4039336-1555398239-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
HKU\S-1-5-21-4170966284-4039336-1555398239-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986
HKU\S-1-5-21-4170966284-4039336-1555398239-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986
HKU\S-1-5-21-4170966284-4039336-1555398239-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1420581087from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1420581087from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
SearchScopes: HKU\.DEFAULT - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT - {3A20F87B-069B-4C78-913B-C9360FF955C0} URL =
SearchScopes: HKU\S-1-5-21-4170966284-4039336-1555398239-1001 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
SearchScopes: HKU\S-1-5-21-4170966284-4039336-1555398239-1001 - {045AD61E-1584-4C0B-9AC4-F5BD18EF7AFE} URL = http://q.search-simple.com/?affID=naq={searchTerms}r=39
SearchScopes: HKU\S-1-5-21-4170966284-4039336-1555398239-1001 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986q={searchTerms}
BHO-x32: No Name - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - No File
CHR HomePage: Default - hxxp://isearch.omiga-plus.com/?type=hpppts=1420581102from=coruid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX41A930298602986
CHR RestoreOnStartup: Default - "hxxp://q.search-simple.com/?affID=pr_439087cb-0b93-4a0d-8fec-3aa5455ee338"
CHR StartupUrls: Default - "hxxp://q.search-simple.com/?affID=pr_439087cb-0b93-4a0d-8fec-3aa5455ee338"
CHR DefaultSearchKeyword: Default - yahoo.com
CHR DefaultNewTabURL: Default - http://q.search-simple.com/?m=tabaffID=pr_439087cb-0b93-4a0d-8fec-3aa5455ee338
CHR Extension: (SourceApp) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjmmongnldnffjiiciiploahbeihoah [2015-03-22]
CHR Extension: (Poper Blocker) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2015-03-22]
CHR Extension: (Keep My Opt-Outs) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe [2015-03-22]
S2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158864 2014-12-29] (XTab system)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [473088 2015-01-06] (Fuyu LIMITED) [File not signed]
S2 Update SourceApp; "C:\Program Files (x86)\SourceApp\updateSourceApp.exe" [X]
R1 {4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64; C:\Windows\System32\drivers\{4291b504-d331-41fb-90ff-daaf14dd7f49}Gw64.sys [48784 2015-01-21] (StdLib)
R1 {44219168-7340-43df-bbc2-89f0b26c112f}Gw64; C:\Windows\System32\drivers\{44219168-7340-43df-bbc2-89f0b26c112f}Gw64.sys [48784 2015-01-18] (StdLib)
R1 {4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64; C:\Windows\System32\drivers\{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw64.sys [48784 2015-02-01] (StdLib)
R1 {549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64; C:\Windows\System32\drivers\{549b1cd8-769f-468a-ad93-f57bfc8402c2}Gw64.sys [48784 2015-01-13] (StdLib)
R1 {b40efc75-ad36-4607-9465-eb41963e9c42}w64; C:\Windows\System32\drivers\{b40efc75-ad36-4607-9465-eb41963e9c42}w64.sys [48784 2015-03-13] (StdLib)
R1 {cad8ac99-1831-4a75-b758-e4235c95af75}Gw64; C:\Windows\System32\drivers\{cad8ac99-1831-4a75-b758-e4235c95af75}Gw64.sys [48784 2015-01-15] (StdLib)
S3 FairplayKD; \\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
2015-03-16 19:15 - 2015-03-16 19:15 - 00000000 ____ D () C:\Users\Filip\AppData\Local\Pay-By-Ads
2015-03-03 15:37 - 2015-03-03 15:37 - 00003218 _____ () C:\WINDOWS\System32\Tasks\{C0F45D70-7217-4107-97B3-6B90BD8BB0C7}
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Filipfm1) #8

,umieść obok FRST w tym samym folderze.’’ Znaczy gdzie dokładnie ?


(Acorus) #9

Tam gdzie masz FRST czyli C:\Users\Filip\Downloads


(Filipfm1) #10

Ale tam tak po prostu wrzucić do pobranych ??


(Acorus) #11

Nie do FRST tylko do katalogu Pobrane.


(Filipfm1) #12

agg… wyślesz mi screen ? bo ja zielony i głupi i nie wiem o co ci chodzi , ok ?


(Atis) #13

FRST i Fixlist zapisz w tym samym folderze i nie ma znaczenia jaki to będzie folder.