Problem z wirusem "strong signal ads"

Dla specjalistów Bezpieczeństwo
#1

Witam mam ciagły problem z ww. wirusem . Usuwalem adw clenerem nic nie dało. System windows 8.1 x64 bity.post-15776-0-43240000-1433518979_thumb.j

 

Tu zrobilem skany.

 

FRST: http://wklej.org/id/1730425/  

ADDITION: http://wklej.org/id/1730426/

SHORTCUT: http://wklej.org/id/1730427/

ADW CLEANER: http://wklej.org/id/1730408

 

 

#2

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

CloseProcesses:
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3993033051-2726522234-3665654853-1001\...\Run: [Opos] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File
FF Extension: Strong Signal - C:\Users\domownicy\AppData\Roaming\Mozilla\Firefox\Profiles\dy58lgll.default\Extensions\{fcd621a9-4efd-4303-b9f6-addf668a8a03}.xpi [2015-06-05]
FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bg_616_bl-is-23 __alt__ ddc_dss_bd_com&p={searchTerms}
CHR Extension: (Strong Signal) - C:\Users\domownicy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apbdnjjgnjoaoblhcfodnkcnfdofdnke [2015-06-05]
CHR Extension: (Bookmark Manager) - C:\Users\domownicy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-26]
R2 Service Mgr StrongSignal; C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe [652048 2015-06-05] ()
R2 Update Mgr StrongSignal; C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe [573712 2015-06-05] ()
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce
C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce
2015-06-05 17:40 - 2015-06-05 17:40 - 00000000 ____ D C:\Program Files (x86)\Strong Signal
2015-06-05 14:37 - 2015-06-05 15:20 - 00000000 ____ D C:\AdwCleaner
2015-05-21 20:08 - 2015-05-21 20:09 - 00000000 ____ D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
Task: {40BA9E34-B3AB-475B-BC02-7F488CD002DB} - System32\Tasks\{610B0F41-DA11-4612-B289-9A5A1A1DD962} => pcalua.exe -a "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwlu00.exe" -c verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter" driver
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition i Shortcut.

#3

FIXLOG: http://wklej.org/id/1730519/

FRST: http://wklej.org/id/1730520/

#4

Skasuj folder C:\FRST

Usuń stare punkty przywracania: Przywracanie systemu i kopie w tle

Dysk przeskanuj Malwarebytes Anti-Malware

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Język PL > Settings > General Settings > Language > Polish

Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK

Silverlight 5.1.30514.0

Odinstaluj Microsoft Silverlight i zainstaluj Silverlight 5.1.40416.0