Strong signal bardzo proszę o pomoc


(Dzieciakm) #1

Ślicznie  proszę o pomoc w imieniu mojej dziewczyny. Zainstalowała coś i jeszcze to: strong signal ads.

Jak się tego g.... pozbyć? Z góry dziękuję

 

Addition

http://wklej.org/id/1656836/

frst

http://wklej.org/id/1656840/


(Acorus) #2

Odinstaluj Adobe Reader 9.5.1 - Polish,WinZipper.Otwórz notatnik systemowy i wklej:

Task: {9B447B62-5C01-4091-8FD7-FEA045760976} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2306570727-782624759-3568690002-1000Core = C:\Users\Asia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-26] (Facebook Inc.)
Task: {A1D45C8A-5D4A-4601-8121-7D5C21B588E4} - System32\Tasks\Omiga Plus RunAsStdUser = C:\Program Files (x86)\Omiga Plus\omigaplus.exe ==== ATTENTION
Task: {A7D5FC90-1670-4F46-84FA-67EA629C69B1} - System32\Tasks\Desk 365 RunAsStdUser = C:\Program Files (x86)\Desk 365\desk365.exe ==== ATTENTION
Task: {D75A319D-A157-4F1D-AE1E-E7B9AA222B03} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2306570727-782624759-3568690002-1000UA = C:\Users\Asia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-26] (Facebook Inc.)
Task: {F4375FF6-E017-495E-88BB-351EBBCB569D} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv = C:\Windows\TEMP\{7313D1CB-C1F1-43BD-804B-44323AD3F75A}.exe
Task: {F53D2BBF-33B3-4079-B991-648F91CD2657} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv = C:\Windows\TEMP\{01DEBA00-F8E7-46CE-BBF5-2ED1CA4783CE}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job = C:\Windows\TEMP\{01DEBA00-F8E7-46CE-BBF5-2ED1CA4783CE}.exe ==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job = C:\Windows\TEMP\{7313D1CB-C1F1-43BD-804B-44323AD3F75A}.exe ==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2306570727-782624759-3568690002-1000Core.job = C:\Users\Asia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2306570727-782624759-3568690002-1000UA.job = C:\Users\Asia\AppData\Local\Facebook\Update\FacebookUpdate.exe
HKLM-x32\...\Run: [HP Software Update] = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DATAMNGR] = C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~2.EXE
HKLM-x32\...\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2306570727-782624759-3568690002-1000\...\Run: [Facebook Update] = C:\Users\Asia\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-26] (Facebook Inc.)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=dsts=1409426147from=coruid=ST9320310AS_5WV0NDT1XXXX5WV0NDT1q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=dsts=1409426147from=coruid=ST9320310AS_5WV0NDT1XXXX5WV0NDT1q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=dsts=1409426147from=coruid=ST9320310AS_5WV0NDT1XXXX5WV0NDT1q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=dsts=1409426147from=coruid=ST9320310AS_5WV0NDT1XXXX5WV0NDT1q={searchTerms}
HKU\S-1-5-21-2306570727-782624759-3568690002-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=dsts=1418846457from=wpm12173uid=ST9320310AS_5WV0NDT1XXXX5WV0NDT1q={searchTerms}
HKU\S-1-5-21-2306570727-782624759-3568690002-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?babsrc=HP_ssmntrId=36A07C4FB573B1F9affID=119357tsp=4990
HKU\S-1-5-21-2306570727-782624759-3568690002-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=dsts=1418846457from=wpm12173uid=ST9320310AS_5WV0NDT1XXXX5WV0NDT1q={searchTerms}
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=iebgct=dsappid=706systemid=406v=a14976-115apn_uid=1335211274154170apn_dtid=BND406o=APN10645apn_ptnrs=AG6q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {159F7EF6-BEC2-40B3-82C4-0AB40BAF9CCB} URL = http://www.bing.com/search?q={searchTerms}form=TSHMDFpc=MATMsrc=IE-SearchBox
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=iebgct=dsappid=706systemid=406v=a14976-115apn_uid=1335211274154170apn_dtid=BND406o=APN10645apn_ptnrs=AG6q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}SearchSource=4ctid=CT1098640
SearchScopes: HKU\S-1-5-21-2306570727-782624759-3568690002-1000 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=iebgct=dsappid=706systemid=406v=a14976-115apn_uid=1335211274154170apn_dtid=BND406o=APN10645apn_ptnrs=AG6q={searchTerms}
SearchScopes: HKU\S-1-5-21-2306570727-782624759-3568690002-1000 - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-2306570727-782624759-3568690002-1000 - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}babsrc=SP_ss_Btisdt7mntrId=36A07C4FB573B1F9affID=119357tsp=4990
SearchScopes: HKU\S-1-5-21-2306570727-782624759-3568690002-1000 - {159F7EF6-BEC2-40B3-82C4-0AB40BAF9CCB} URL =
SearchScopes: HKU\S-1-5-21-2306570727-782624759-3568690002-1000 - {21F09F12-0113-45A7-BC8E-A936E62DC58B} URL = http://websearch.ask.com/redirect?client=ietb=ORJo=100000027src=kwq={searchTerms}locale=en_USapn_ptnrs=^U3apn_dtid=^OSJ000^YY^PLapn_uid=DB97A2C8-2204-4CDA-836C-BB362B1CF5AAapn_sauid=246984AA-9911-49FD-8776-A912C8ED4A5A
SearchScopes: HKU\S-1-5-21-2306570727-782624759-3568690002-1000 - {52A00DAF-B296-4EC5-A4EF-516CAC2B2F65} URL = http://rover.ebay.com/rover/1/4908-44618-9400-8/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2306570727-782624759-3568690002-1000 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=iebgct=dsappid=706systemid=406v=a14976-115apn_uid=1335211274154170apn_dtid=BND406o=APN10645apn_ptnrs=AG6q={searchTerms}
SearchScopes: HKU\S-1-5-21-2306570727-782624759-3568690002-1000 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}SearchSource=4ctid=CT1098640
SearchScopes: HKU\S-1-5-21-2306570727-782624759-3568690002-1000 - {CB19B22E-F616-426A-AE52-260559039E1B} URL = http://www.amazon.co.uk/gp/search?ie=UTF8keywords={searchTerms}tag=tochibauk-win7-ie-search-21index=blendedlinkCode=ur2
BHO-x32: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
BHO-x32: Strong Signal - {c723a437-2eaf-466d-a95b-3fa0966bf88c} - C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File
Toolbar: HKLM-x32 - Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
Toolbar: HKU\S-1-5-21-2306570727-782624759-3568690002-1000 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
FF SearchPlugin: C:\Users\Asia\AppData\Roaming\Mozilla\Firefox\Profiles\am4c48g1.default\searchplugins\Ask.xml [2014-08-08]
FF SearchPlugin: C:\Users\Asia\AppData\Roaming\Mozilla\Firefox\Profiles\am4c48g1.default\searchplugins\askcom.xml [2012-05-04]
FF SearchPlugin: C:\Users\Asia\AppData\Roaming\Mozilla\Firefox\Profiles\am4c48g1.default\searchplugins\askcomsearch.xml [2013-06-05]
FF SearchPlugin: C:\Users\Asia\AppData\Roaming\Mozilla\Firefox\Profiles\am4c48g1.default\searchplugins\babylon.xml [2013-07-01]
FF SearchPlugin: C:\Users\Asia\AppData\Roaming\Mozilla\Firefox\Profiles\am4c48g1.default\searchplugins\delta.xml [2013-07-01]
FF SearchPlugin: C:\Users\Asia\AppData\Roaming\Mozilla\Firefox\Profiles\am4c48g1.default\searchplugins\Search_Results.xml [2013-06-16]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml [2014-08-08]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-03-07]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2014-12-17]
FF Extension: Strong Signal - C:\Users\Asia\AppData\Roaming\Mozilla\Firefox\Profiles\am4c48g1.default\Extensions\{02df6ed9-d89d-425c-afc3-3a79ad6ce5ef}.xpi [2015-03-07]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Asia\AppData\Roaming\Mozilla\Firefox\Profiles\am4c48g1.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Asia\AppData\Roaming\Mozilla\Firefox\Profiles\am4c48g1.default\extensions\shortcutff@gmail.com
CHR HKLM-x32\...\Chrome\Extension: [jbajpeofkjjeiamcglnmldoboonfkiol] - C:\Program Files (x86)\Search Results Toolbar\Datamngr\chromeExtension.crx [Not Found]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485376 2014-12-16] (Fuyu LIMITED) [File not signed]
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424624 2015-01-12] (Taiwan Shui Mu Chih Ching Technology Limited.) ==== ATTENTION
S2 Util Clock Hand; "C:\Program Files (x86)\Clock Hand\bin\utilClockHand.exe" [X]
S2 Util Round World; "C:\Program Files (x86)\Round World\bin\utilRoundWorld.exe" [X]
R1 {7f21ea28-929b-4f19-b057-483d53f11b0d}w64; C:\Windows\System32\drivers\{7f21ea28-929b-4f19-b057-483d53f11b0d}w64.sys [48784 2015-03-06] (StdLib)
R1 {8f5b8fd1-2f96-4fbf-974b-7f28fa0f93d7}Gw64; C:\Windows\System32\drivers\{8f5b8fd1-2f96-4fbf-974b-7f28fa0f93d7}Gw64.sys [48784 2015-03-06] (StdLib)
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [61120 2014-06-11] (StdLib)
U3 a5ydcpb6; C:\Windows\System32\Drivers\a5ydcpb6.sys [0] (Advanced Micro Devices) ==== ATTENTION (zero size file/folder)
U3 ad3krfm0; C:\Windows\System32\Drivers\ad3krfm0.sys [0] (Advanced Micro Devices) ==== ATTENTION (zero size file/folder)
S1 iSafeKrnlMon; \\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X]
2013-06-26 21:44 - 2014-06-23 20:13 - 0003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.


(Dzieciakm) #3

 wygląda na to że pomogło wielki dzięki. A coś jeszcze mam zrobić coś usunąć itp?


(Acorus) #4

Skasuj folder C:\FRST