Strong Signal Ads


(Kajasz) #1

Witam,


(Acorus) #2

Otwórz notatnik systemowy i wklej:

CustomCLSID: HKU\S-1-5-21-70293307-1573521303-1024797241-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 - C:\Users\Kaya\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-70293307-1573521303-1024797241-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 - C:\Users\Kaya\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-70293307-1573521303-1024797241-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 - C:\Users\Kaya\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-70293307-1573521303-1024797241-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 - C:\Users\Kaya\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-70293307-1573521303-1024797241-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 - C:\Users\Kaya\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Hosts:
HKLM-x32\...\Run: [ASUSWebStorage] = C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] = C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
ShellIconOverlayIdentifiers: [SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = No File
ShellIconOverlayIdentifiers: [SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = No File
ShellIconOverlayIdentifiers: [SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524} = No File
ShellIconOverlayIdentifiers-x32: [SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = No File
ShellIconOverlayIdentifiers-x32: [SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = No File
ShellIconOverlayIdentifiers-x32: [SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524} = No File
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simple.com/?affID=bl_897b9405-3ec3-46a8-92c2-dea1c93db903
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-70293307-1573521303-1024797241-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simple.com/?affID=bl_897b9405-3ec3-46a8-92c2-dea1c93db903
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_897b9405-3ec3-46a8-92c2-dea1c93db903q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_897b9405-3ec3-46a8-92c2-dea1c93db903q={searchTerms}
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-70293307-1573521303-1024797241-1001 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_897b9405-3ec3-46a8-92c2-dea1c93db903q={searchTerms}
SearchScopes: HKU\S-1-5-21-70293307-1573521303-1024797241-1001 - URL http://q.search-simple.com/?affID=bl_897b9405-3ec3-46a8-92c2-dea1c93db903q={searchTerms}
SearchScopes: HKU\S-1-5-21-70293307-1573521303-1024797241-1001 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_897b9405-3ec3-46a8-92c2-dea1c93db903q={searchTerms}
BHO-x32: No Name - {c723a437-2eaf-466d-a95b-3fa0966bf88c} - No File
CHR RestoreOnStartup: Default - "hxxp://search.yahoo.com/?fr=hp-ddc-bdtype=bg_616_bl-is-15 __alt__ ddc_dsssyc_bd_com"
CHR StartupUrls: Default - "hxxp://search.yahoo.com/?fr=hp-ddc-bdtype=bg_616_bl-is-15 __alt__ ddc_dsssyc_bd_com"
CHR Extension: (Strong Signal) - C:\Users\Kaya\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibkenfpakmbdmlalmhgcpdbeennobfho [2015-05-01]
OPR StartupUrls: "hxxp://search.yahoo.com/?fr=hp-ddc-bdtype=bg_616_bl-is-18 __alt__ ddc_dsssyc_bd_com"
OPR Extension: (Strong Signal) - C:\Users\Kaya\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibkenfpakmbdmlalmhgcpdbeennobfho [2015-05-01]
R2 Service Mgr StrongSignal; C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe [556304 2015-05-01] ()
R2 Update Mgr StrongSignal; C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe [478992 2015-05-01] ()
U4 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S2 McSchedulerSvc; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
U4 VBoxAswDrv; \\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
U4 WMCoreService; No ImagePath
2015-05-01 15:04 - 2015-05-01 15:04 - 00000000 ____ D () C:\Program Files (x86)\Strong Signal
2015-05-01 15:32 - 2014-05-27 16:57 - 00000000 ____ D () C:\AdwCleaner
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.