Strong Signal Ads


(Kasperkoz1) #1

Witam!

Proszę o pomoc w zwalczeniu tego śmiecia, którym jest strong signal ads. Osobiście ani trochę się na tym nie znam, więc proszę radzić jak idiocie  :smiley:

Zamieszczam raport ze scanu FRST, chyba to muszę na początku zrobić :slight_smile:

 

FRST_28-06-2015_12-53-00.txt


(Acorus) #2

Brak loga Addition.txt


(Kasperkoz1) #3

Przepraszam, mój błąd.

Już załączam

FRST_28-06-2015_14-47-10.txt

Addition_28-06-2015_14-47-10.txt


(Acorus) #4

Odinstaluj Search App by Ask.Otwórz notatnik systemowy i wklej:

HKLM\...\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKU\S-1-5-21-1735659881-3873260729-3265285808-1000\...\Run: [] = [X]
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1735659881-3873260729-3265285808-1000 - OldSearch URL =
SearchScopes: HKU\S-1-5-21-1735659881-3873260729-3265285808-1000 - {1CC4415E-0042-473B-8CBE-44D4175C67C3} URL = http://www.amazon.co.uk/gp/search?ie=UTF8keywords={searchTerms}tag=tochibauk-win7-ie-search-21index=blendedlinkCode=ur2
SearchScopes: HKU\S-1-5-21-1735659881-3873260729-3265285808-1000 - {2BE1B94D-C6EB-4690-BE30-14328C3E6FD0} URL =
SearchScopes: HKU\S-1-5-21-1735659881-3873260729-3265285808-1000 - {A22173E0-F442-4E7F-A7B4-620A4D6E49D6} URL = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms}
FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tabtype=bg_616_bl-is-24 __alt__ ddc_dsssyctab_bd_com
FF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bdtype=bg_616_bl-is-24 __alt__ ddc_dsssyc_bd_com
FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddchsimp=yhs-ddc_bdtype=bg_616_bl-is-24 __alt__ ddc_dss_bd_comp={searchTerms}
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\.xml [2015-06-06]
FF Extension: Strong Signal - C:\Users\Kacper\AppData\Roaming\Mozilla\Firefox\Profiles\eccfskla.default\Extensions\{38557805-f7a3-4a68-ba6e-ee08fbcdb280}.xpi [2015-03-15]
CHR RestoreOnStartup: Default - "hxxp://search.yahoo.com/?fr=hp-ddc-bdtype=bg_616_bl-is-21 __alt__ ddc_dsssyc_bd_com"
CHR Extension: (Strong Signal) - C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepampipjplnigjhkaijlbeppicakggl [2015-02-09]
OPR StartupUrls: "hxxp://search.yahoo.com/?fr=hp-ddc-bdtype=bg_616_bl-is-19 __alt__ ddc_dsssyc_bd_com"
OPR Extension: (Strong Signal) - C:\Users\Kacper\AppData\Roaming\Opera Software\Opera Stable\Extensions\fepampipjplnigjhkaijlbeppicakggl [2015-05-05]
S2 Update Mgr StrongSignal; "C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe" [X]
U3 a2zw6ks0; C:\Windows\System32\Drivers\a2zw6ks0.sys [0] (Advanced Micro Devices) ==== ATTENTION (zero byte File/Folder)
S3 EagleX64; \\C:\Windows\system32\drivers\EagleX64.sys [X]
2015-06-13 14:51 - 2015-06-13 14:53 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Kacper\Downloads\SpyHunter-Installer (1).exe
2015-06-13 13:20 - 2015-06-13 13:20 - 00000000 _____ C:\autoexec.bat
2015-06-13 13:03 - 2015-06-20 20:00 - 00000000 ____ D C:\Program Files\Enigma Software Group
2015-06-13 13:02 - 2015-06-13 13:03 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Kacper\Downloads\SpyHunter-Installer.exe
2015-06-20 12:47 - 2014-10-04 15:33 - 00000000 ____ D C:\AdwCleaner
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Kasperkoz1) #5

Wklejam kolejny scan FRST po tym co zrobiłem. 

Co dalej każesz, o mistrzu :wink:


(Acorus) #6

Skasuj folder C:\FRST