Usunięcie Strong Signal

lusiaaam · 1 Marzec 2015 19:37

Witam,

potrzebuję pomocy w usunięciu Strong Signal. Przeczytałam, że należy ściągnąć i zainstalować Farbar Recovery Scan Tool. Tak też zrobiłam i nacisnęłam ‘scan’.

Link do raportu FRST

http://wklej.to/4rZ9Z

i Addition

http://wklej.to/NJq7S

Proszę o pomoc!

krzych5610 · 1 Marzec 2015 19:39

Pobierz na pulpit Adwcleaner - https://toolslib.net…d/1-adwcleaner/

Po uruchomieniu wykonaj polecenia scan i cleaning. Pokaż raport.

Pokaż aktualne raporty FRST i Addition.

Wszystkie raporty umieszczasz na http://wklej.org/

Na forum podajesz tylko wklejki.

lusiaaam · 1 Marzec 2015 19:58

Przepraszam, ale nie mam pojęcia co to są te wklejki.

Raport Adwcleanera : http://wklej.org/id/1652158/

Raport FRST: http://wklej.org/id/1652163/

Addition: http://wklej.org/id/1652164/

krzych5610 · 1 Marzec 2015 20:28

Odinstaluj ( Dodaj / Usuń programy ) - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

Wklej do systemowego notatnika i zapisz jako fixlist:

CloseProcesses: (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe HKU\S-1-5-21-3959723216-3981987401-1054325455-1000…\MountPoints2: {2c2ce76c-5526-11e4-9828-806e6f6e6963} - D:\LV5T_Deluxe.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKU\S-1-5-21-3959723216-3981987401-1054325455-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/web/?type=dspp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999&q={searchTerms} HKU\S-1-5-21-3959723216-3981987401-1054325455-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKU\S-1-5-21-3959723216-3981987401-1054325455-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKU\S-1-5-21-3959723216-3981987401-1054325455-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/web/?type=dspp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999&q={searchTerms} SearchScopes: HKU.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3959723216-3981987401-1054325455-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/web/?type=dspp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999&q={searchTerms} BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) FF Homepage: hxxp://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 FF SearchPlugin: C:\Users\Ola\AppData\Roaming\Mozilla\Firefox\Profiles\54l3s2yg.default\searchplugins\key-find.xml FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-28] FF HKU\S-1-5-21-3959723216-3981987401-1054325455-1000…\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] 2015-03-01 20:43 - 2015-03-01 20:45 - 00000000 ____D () C:\AdwCleaner 2015-02-28 14:51 - 2015-03-01 20:47 - 00001038 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-28 14:51 - 2015-03-01 19:56 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-28 14:51 - 2015-02-28 14:51 - 00004038 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-28 14:51 - 2015-02-28 14:51 - 00003786 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore key-find uninstall (HKLM-x32…\key-find uninstall) (Version: - key-find) <==== ATTENTION! McAfee Security Scan Plus (HKLM…\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Strong Signal (HKLM-x32…\Strong Signal) (Version: 2.0.5514.19469 - Strong Signal) <==== ATTENTION! Hosts: EmptyTemp: Plik fixlist umieść obok skanera FRST. Uruchom skaner i wykonaj polecenie FIX. Po restarcie pokaż fixlog i aktualny raport FRST.

lusiaaam · 1 Marzec 2015 20:54

Fixlog: http://wklej.org/id/1652219/

Raport FRST: http://wklej.org/id/1652220/

krzych5610 · 1 Marzec 2015 21:39

Wklej do systemowego notatnika i zapisz jako fixlist:

CloseProcesses: HKLM…\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKU\S-1-5-21-3959723216-3981987401-1054325455-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/web/?type=dspp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999&q={searchTerms} HKU\S-1-5-21-3959723216-3981987401-1054325455-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKU\S-1-5-21-3959723216-3981987401-1054325455-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 HKU\S-1-5-21-3959723216-3981987401-1054325455-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/web/?type=dspp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999&q={searchTerms} SearchScopes: HKU.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3959723216-3981987401-1054325455-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/web/?type=dspp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999&q={searchTerms} FF Homepage: hxxp://www.<!— Page(page_ppp_no_server)=[] —><HTML><HEAD><META HTTP-EQUIV=“Content-Type” CONTENT=“text/html; charset=UTF-8”><META HTTP-EQUIV=“EXPIRES” CONTENT=“Tue, 17 Feb 2015 21:26:55 GMT”><META HTTP-EQUIV=“CACHE-CONTROL” CONTENT=“NO-CACHE”><META HTTP-EQUIV="PRNz?d???f&.com/?type=hppp&ts=1423166522&from=cor&uid=SAMSUNGXHM321HI_S265J90Z834999834999 FF SearchPlugin: C:\Users\Ola\AppData\Roaming\Mozilla\Firefox\Profiles\54l3s2yg.default\searchplugins\key-find.xml FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-28] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] S3 VGPU; System32\drivers\rdvgkmd.sys [X] 2015-03-01 20:43 - 2015-03-01 21:03 - 00000000 ____D () C:\AdwCleaner 2015-02-28 14:51 - 2015-03-01 21:05 - 00001038 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-28 14:51 - 2015-03-01 20:56 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-28 14:51 - 2015-02-28 14:51 - 00004038 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-28 14:51 - 2015-02-28 14:51 - 00003786 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore EmptyTemp: Plik fixlist umieść obok skanera FRST. Uruchom skaner i wykonaj polecenie FIX. Po restarcie usuń fixlog i C:\FRST. Pobierz na pulpit Roguekiller ( Wszystkie wersje / we 64 bit ) - http://www.dobreprogramy.pl/RogueKiller,Program,Windows,39028.html Wyłącz program antywirusowy i uruchom jako daministrator Roguekiller. Skaner wykona skan wstępny i poprosi po zatwierdzeniu o wykonaniu skanu pełnego. Po zakończeniu skanowania zaznacz do usunięcia pozycje oznaczone na czerwono.

lusiaaam · 1 Marzec 2015 22:51

I to powinno już załatwić sprawę?

krzych5610 · 2 Marzec 2015 07:38

Tak. Strong Signal został usunięty przez Adwcleaner-a. FRST to kosmetyka.

Uruchom Mozillę -> Menu / Otwórz menu pomoc (?) /Informacje dla pomocy technicznej // Dostrój Firefoxa.

Uwaga: Dostrojenie ustawi Firefox w wersji domyślnej. Musisz ponownie zainstalować rozszerzenia i wtyczki.

lusiaaam · 4 Marzec 2015 14:32

Wielkie dzięki za pomoc:)