Strong signal


(Jaroslaw Kucharski) #1

jak w temacie - http://wklej.org/id/1649683/

 


(Acorus) #2

Brak loga Addition.txt


(Jaroslaw Kucharski) #3

http://wklej.org/id/1650077/

czy o to chodzi?


(Atis) #4

Zaznacz GFI Software Firewall NDIS IM Filter i kliknij Uninstall.

To połączenie wykorzystuje następujące składniki::

http://windows.microsoft.com/pl-pl/windows7/change-tcp-ip-settings

W panelu sterowania odinstaluj:

FLV Player Packages

McAfee Security Scan Plus

Norton Online Backup

Strong Signal

STOPzilla

Pobierz i uruchom AdwCleaner Kliknij Scan i później Cleaning.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

CloseProcesses:
HKU\S-1-5-21-1723553978-2802888846-1565877305-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
HKU\S-1-5-21-1723553978-2802888846-1565877305-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki
SearchScopes: HKU\S-1-5-21-1723553978-2802888846-1565877305-1001 -> {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
Toolbar: HKU\S-1-5-21-1723553978-2802888846-1565877305-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1723553978-2802888846-1565877305-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Extension: Fast Start - C:\Users\Jarek\AppData\Roaming\Mozilla\Firefox\Profiles\lut1n8fv.default-1400512899921\Extensions\1422630586_xpi [2015-01-30]
FF Extension: Fast Start - C:\Users\Jarek\AppData\Roaming\Mozilla\Firefox\Profiles\lut1n8fv.default-1400512899921\Extensions\1423040732_xpi [2015-02-04]
FF Extension: Security Protection - C:\Users\Jarek\AppData\Roaming\Mozilla\Firefox\Profiles\lut1n8fv.default-1400512899921\Extensions\detgdp@gmail.com [2014-12-29]
FF Extension: Strong Signal - C:\Users\Jarek\AppData\Roaming\Mozilla\Firefox\Profiles\lut1n8fv.default-1400512899921\Extensions\{9ee10050-a207-4c90-b7d8-9d3059940ab5}.xpi [2015-02-04]
FF Extension: ArcaBit Ext. - C:\Program Files (x86)\Mozilla Firefox\extensions\arcabit@www.arcabit.pl [2014-05-10]
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Jarek\AppData\Roaming\Mozilla\Firefox\Profiles\lut1n8fv.default-1400512899921\extensions\detgdp@gmail.com
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSearchURL: Default -> http://isearch.omiga-plus.com/web/?type=ds&ts=1423040724&from=cor&uid=WDCXWD5000BEVT-22A0RT0_WD-WX41A901890818908&q={searchTerms}
CHR Extension: (Strong Signal) - C:\Users\Jarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibaohalbkhkpimmjlhbkpingcigmpffa [2015-02-04]
S4 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 SBAMSvc; C:\Program Files (x86)\STOPzilla\SBAMSvc.exe [3937472 2014-01-07] (ThreatTrack Security, Inc.)
R2 sz7; C:\Program Files (x86)\STOPzilla\SZServer.exe [1530160 2015-02-09] (iS3, Inc.)
R2 Update Mgr StrongSignal; C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe [388856 2015-02-27] ()
S2 Service Mgr StrongSignal; "C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugincontainer.exe" [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
2015-02-27 18:07 - 2015-02-27 18:07 - 00000000 ____ D () C:\Users\Jarek\Downloads\FRST-OlderVersion
2015-02-23 22:07 - 2015-02-23 22:07 - 00000000 _____ () C:\Windows\SysWOW64\shoD9B2.tmp
2015-02-04 23:56 - 2015-02-04 23:56 - 00000000 _____ () C:\Windows\SysWOW64\sho2BB5.tmp
2015-02-04 11:13 - 2015-02-04 11:13 - 01999600 _____ (Elex do Brasil Participações Ltda) C:\Users\Jarek\Downloads\yet_another_cleaner_sk_354996.exe
2015-02-04 10:34 - 2015-02-04 10:58 - 00003338 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2015-02-04 10:34 - 2015-02-04 10:34 - 00000000 ____ D () C:\Users\Jarek\AppData\Roaming\Enigma Software Group
2015-02-04 10:33 - 2015-02-04 10:34 - 00000000 ____ D () C:\sh4ldr
2015-02-03 16:01 - 2015-02-03 16:01 - 00000000 ____ D () C:\Users\Jarek\AppData\Local\{757BAB37-89B6-4D63-8977-923D48807370}
2015-01-29 10:08 - 2015-01-29 10:08 - 00000000 _____ () C:\Windows\SysWOW64\sho117F.tmp
2015-02-26 08:55 - 2013-01-15 21:49 - 00000000 ____ D () C:\Users\Jarek\AppData\Roaming\{90140011-0066-0415-0000-0000000FF1CE}
2015-02-04 12:17 - 2014-12-30 16:36 - 00000000 ____ D () C:\AdwCleaner
2013-06-26 19:05 - 2014-04-27 18:48 - 0003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
Task: {6FAF42AC-B0C1-4C3E-A87C-2DACEA347347} - No Task path could be read. Access denied. 
Task: {77505A34-539B-4190-86EB-A2D9FDDECA05} - System32\Tasks\{D3656FE7-EF7A-49B8-9D1B-103F05E42C31} => pcalua.exe -a C:\Users\Jarek\Downloads\InstallPlus500(2).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {78569195-F200-4C6D-B8BD-F68EDBC3C6BC} - System32\Tasks\{D8AF9623-7046-40B8-8736-54D19E3D42C4} => Firefox.exe 
Task: {836225AD-C60A-4EDB-B1E4-B7F99B63626E} - System32\Tasks\{760C37D3-25D3-48A7-9A94-AB3F9F0A33A1} => Firefox.exe 
Task: {8509A3BF-B58E-4F2E-8968-0968DDB7BDE1} - System32\Tasks\{AEC1ED30-5832-4EEA-92EE-B69D26FDFF05} => C:\Users\Jarek\Downloads\InstallPlus500(4).exe [2012-10-26] ()
Task: {8DB37BC4-2715-4854-97D7-9669AA0A6F03} - System32\Tasks\{3A88895A-4E27-47B1-BB69-6E7D73D71A38} => pcalua.exe -a C:\Users\Jarek\Downloads\7diamentow_demo.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {8FAFA230-31C1-456A-859E-184E4BD1CC41} - System32\Tasks\{5496E2AB-C87D-4B8F-9655-F05A0647DCD7} => Firefox.exe 
Task: {9B999177-C3F5-4A00-B880-D60FA3484FDF} - System32\Tasks\{FD8EF315-2569-4CB4-A3A2-7D51D444D42E} => Firefox.exe 
Task: {9EF15E31-3C08-40E2-B52E-CD24320FAF24} - System32\Tasks\{1D5232A4-F111-449E-ABB3-7589E5E60690} => pcalua.exe -a D:\setup.exe -d D:\
Task: {A6986144-EDF0-4A88-8062-D5F76175B4C2} - System32\Tasks\{B2594292-6C09-47CF-B0D9-4D9E46CB9054} => D:\AutoRun.exe [2002-03-12] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>)
Task: {B168B0AA-1238-45B2-B4B8-F45EAEB40296} - System32\Tasks\{4217AD4D-0D1B-4190-8C29-04ED8B72599B} => C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFSHP_Activator.exe
Task: {B1BEFD48-F159-40FC-A190-2F1E6C0EDE20} - System32\Tasks\{26007414-5868-458D-8119-095978F6E4E5} => C:\Users\Jarek\Downloads\InstallPlus500(4).exe [2012-10-26] ()
Task: {B305225F-E6EF-444A-8F45-1E36D224221E} - System32\Tasks\{D0D4B9CB-71FF-47EA-B81C-B30A814D634B} => C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFSHP_Activator.exe
Task: {B40C4493-74E2-4FF3-80C4-94299188E54C} - System32\Tasks\{AC9DDC13-B197-49BA-814F-E86774C8D5D2} => C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFSHP_Activator.exe
Task: {BF0989CF-532D-4704-9543-9A1D40D3563C} - System32\Tasks\{9DE195AC-365B-41AA-A75F-2AA301B43BD3} => C:\Users\Jarek\Downloads\InstallPlus500(4).exe [2012-10-26] ()
Task: {BFBA77DF-9B63-45CC-9569-ACAB1344DD66} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-02-04] (Enigma Software Group USA, LLC.)
Task: {C44FA746-7558-46C4-A4C4-B00E1FF194B9} - System32\Tasks\{19C90768-E28A-4448-A552-90F3ED35B4FA} => D:\setup.exe
Task: {C7DCC5DF-E5B3-4348-BFAA-4E807D54338D} - System32\Tasks\{26F25126-CA2C-47C6-88A3-BCCC508632F0} => C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFSHP_Activator.exe
Task: {CB89F9AF-F12E-4764-9326-44332E233007} - System32\Tasks\{9D841F43-A986-4123-9058-40E39DE267AE} => pcalua.exe -a C:\Users\Jarek\AppData\Local\Temp\free-downloads.net.exe -d "C:\Program Files (x86)\Alcohol Soft\Alcohol 120" -c /s -silent -DefaultSearch=TRUE -StartPage=TRUE -showPersonalCompDialog=FALSE
Task: {CE512509-40F9-46D3-BEEF-46F3A23B08DE} - System32\Tasks\{2E67ACA2-17AA-49F7-844A-F5E57D635EBC} => C:\Users\Jarek\Downloads\InstallPlus500(4).exe [2012-10-26] ()
Task: {CEE990D6-6E73-4EE7-9147-191E17110D06} - System32\Tasks\{267EE1A4-F8F3-4CE0-8590-C973367CD498} => Firefox.exe 
Task: {D45C5939-ADE5-4A3F-8803-A74C003980E8} - System32\Tasks\{562ABCE8-3518-4072-9A72-36FC4C817795} => pcalua.exe -a C:\Users\Jarek\Downloads\7diamentow_demo(2).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {D8249DC7-708A-41B7-980C-EC4DF76ED17D} - System32\Tasks\{81DB95E2-D73F-47EF-B60A-76B55EE107D6} => C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFSHP_Activator.exe
Task: {E2519F60-37AB-4167-A313-E98AD202240D} - System32\Tasks\{03DF92DE-430E-49D3-A940-23614DB3E96F} => C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFSHP_Activator.exe
Task: {F33AF7C7-EF26-40F4-BFFA-AE44DBF9D0AC} - System32\Tasks\{96FA63FF-9FBD-4FBC-8380-DDB1EA1392FF} => pcalua.exe -a C:\Users\Jarek\Documents\blood\Blood.exe -d C:\Users\Jarek\Documents\blood
Task: {FC3FA17E-74A3-4866-9D0A-73CDD575228D} - System32\Tasks\{D04EACE7-AA31-4314-818D-BDF1D7B2EBCC} => Firefox.exe 
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce
C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce
HKU\S-1-5-21-1723553978-2802888846-1565877305-1001\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-1723553978-2802888846-1565877305-1001\Software\Classes\exefile: <===== ATTENTION!
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.


(Jaroslaw Kucharski) #5

Niestety, nadal to samo - http://wklej.org/id/1650475/ http://wklej.org/id/1650477/


(Atis) #6

Nie cytuj moich odpowiedzi.

Wyłącz Avasta na czas usuwania.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Extension: Strong Signal - C:\Users\Jarek\AppData\Roaming\Mozilla\Firefox\Profiles\lut1n8fv.default-1400512899921\Extensions\{1c00b031-52f0-4616-bdcf-2e1a2c46eb7a}.xpi [2015-02-27]
CHR Extension: (Strong Signal) - C:\Users\Jarek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcdmgnpdjibgflhdpdiadieiellikmge [2015-02-27]
2015-02-27 17:11 - 2015-02-28 10:41 - 00000000 ____ D () C:\Program Files (x86)\STOPzilla
2015-02-27 17:11 - 2015-02-28 10:39 - 00000000 ____ D () C:\ProgramData\STOPzilla!

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.


(Jaroslaw Kucharski) #7

http://wklej.org/id/1650664/

Dzięki bardzo!


(Atis) #8

Skasuj folder C:\FRST

Dysk przeskanuj Malwarebytes Anti-Malware

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.

http://wstaw.org/m/2014/03/25/2014-03-25_123039.png

Język PL > Settings > General Settings > Language > Polish

Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK

Odinstaluj:

Adobe Reader XI

Java 6 Update 34

Zainstaluj:

Adobe Reader XI 11.0.10

Java 8 Update 31