Pomoc w usunieciu strong signal ads

[koras90]

Witam,

Podczas przeglądania stron internetowych wyskakuje mnóstwo reklam spowodowanych przez Strong Signal Ads.
Dołączam logi ze skanowania.

[ordynat]

1) Odinstaluj ten program:
Winamp Full 5.666.3516 Packages (HKU\S-1-5-21-1524802706-1411095962-1550111973-1000\...\Winamp Full 5.666.3516 Packages) (Version: - ) <==== ATTENTION

2) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SZUKAJ (SCAN), a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ (CLEANING), to kliknij na niego.

3) Otwórz Notatnik i wklej w nim:

2015-03-22 12:35 - 2015-08-20 12:27 - 01196816 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe
2015-03-22 12:36 - 2015-08-20 12:28 - 00706320 _____ () C:\Program Files\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe
2015-08-20 12:28 - 2015-08-20 12:28 - 01375504 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\plugin.exe
2015-08-20 12:28 - 2015-08-20 12:28 - 01182992 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\6\plugin.exe
2015-08-20 12:28 - 2015-08-20 12:28 - 00760592 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\12\plugin.exe
2015-08-20 12:28 - 2015-08-20 12:28 - 01873680 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\2\plugin.exe
2015-08-20 13:46 - 2015-08-20 13:46 - 01380624 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\8\plugin.exe
2015-08-20 13:46 - 2015-08-20 13:46 - 01045264 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\7\plugin.exe
2015-08-20 13:51 - 2015-08-20 13:51 - 01371408 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\5\plugin.exe
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce
C:\Program Files\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce
2014-10-04 04:38 - 2015-08-20 13:15 - 00128240 _____ () C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8\maintainer.exe
2014-08-07 12:00 - 2014-08-07 12:00 - 0575544 _____ (ClickMeIn Limited) C:\Users\Dariusz\AppData\Local\nsxA2FA.tmp
Task: {33DD0D84-DA78-4192-858B-F52D7322E5B8} - \APSnotifierPP3 -> No File <==== ATTENTION
Task: {46E5BE5B-E0B6-4690-9201-0C00984E5130} - System32\Tasks\{49CAB9FD-D95C-4A7E-9D7B-CA59CA575D05} => pcalua.exe -a D:\Install.exe -d D:\
Task: {4C5CFC42-6D44-4666-9545-30C4712758CD} - \APSnotifierPP2 -> No File <==== ATTENTION
Task: {D134CBC6-4F7B-4FCE-9AEE-9F2F16BB4648} - \APSnotifierPP1 -> No File <==== ATTENTION
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
C:\Users\Dariusz\Downloads\SpyHunter-Installer.exe
2015-07-25 12:30 - 2014-10-05 12:10 - 00000000 ____D C:\Program Files\Elex-tech
2015-07-25 12:21 - 2015-07-16 14:02 - 00000000 ____D C:\Program Files\WinZipper
2015-07-24 11:50 - 2015-07-16 14:02 - 00000000 ____D C:\Users\Dariusz\AppData\Roaming\WinZipper
S3 AgereSoftModem; system32\DRIVERS\AGRSM.sys [X]
R1 {1d7d694e-604c-4da2-9100-b2601d3a1c57}Gt; C:\Windows\System32\drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gt.sys [55832 2015-01-25] (StdLib)
R1 {4cff408a-d9e7-47c3-a711-95133fcf7f45}Gt; C:\Windows\System32\drivers\{4cff408a-d9e7-47c3-a711-95133fcf7f45}Gt.sys [55832 2015-01-19] (StdLib)
R1 {5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gt; C:\Windows\System32\drivers\{5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gt.sys [55832 2015-01-24] (StdLib)
R1 {6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gt; C:\Windows\System32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gt.sys [55832 2015-01-18] (StdLib)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [545280 2015-07-16] (Windows SysTool) [File not signed] <==== ATTENTION
C:\ProgramData\WindowsMangerProtect
C:\Windows\System32\drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gt.sys
C:\Windows\System32\drivers\{4cff408a-d9e7-47c3-a711-95133fcf7f45}Gt.sys
C:\Windows\System32\drivers\{5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gt.sys
C:\Windows\System32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gt.sys
R2 IHProtect Service; C:\Program Files\MiuiTab\ProtectService.exe [125112 2015-07-15] (XTab system)
R2 MaintainerSvc2.02.5636706; C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8\maintainer.exe [128240 2015-08-20] ()
R2 Service Mgr StrongSignal; C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe [1196816 2015-08-20] ()
R2 Update Mgr StrongSignal; C:\Program Files\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe [706320 2015-08-20] ()
C:\Program Files\MiuiTab
CHR HKLM\...\Chrome\Extension: [ihhaakklggjmcmdokfikbibobllfponc] - C:\Program Files\Crawler Toolbar\Chrome\crawlertbr_chr.crx <not found>
CHR Extension: (Strong Signal) - C:\Users\Dariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pimbeodheinjfgijbdifopkjoonifdap [2015-08-19]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\omiga-plus.xml [2015-03-12]
FF Extension: Browsers App - C:\Users\Dariusz\AppData\Roaming\Mozilla\Firefox\Profiles\p5hpa73g.default\Extensions\herman.thorne45@outlook.com [2015-03-11]
FF Extension: Site Matcher - C:\Users\Dariusz\AppData\Roaming\Mozilla\Firefox\Profiles\p5hpa73g.default\Extensions\sitematcher_srcs@sitematcher_srcs.com [2014-07-31]
FF Extension: CouponDownloader - C:\Users\Dariusz\AppData\Roaming\Mozilla\Firefox\Profiles\p5hpa73g.default\Extensions\j004-efxyrmbzyotmaw@jetpack.xpi [2014-07-28]
FF Extension: Express Find - C:\Users\Dariusz\AppData\Roaming\Mozilla\Firefox\Profiles\p5hpa73g.default\Extensions\{3b6f34b9-1a26-44a4-9d9d-8a370a3aae4a}.xpi [2015-03-20]
FF SelectedSearchEngine: omiga-plus
HKU\S-1-5-21-1524802706-1411095962-1550111973-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1437047933&z=3ed9e42c63284510ed16166g1z1c7m5eezem3t5ccb&from=wpm07163&uid=WDCXWD1200BEVT-35ZCT0_WD-WXEX08D8139581395
HKU\S-1-5-21-1524802706-1411095962-1550111973-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421605734&from=cor&uid=WDCXWD1200BEVT-35ZCT0_WD-WXEX08D8139581395&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch. language="javaScript">location.href="hxxp://tplinkextender.net/";</script>web/?type=dspp&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch. language="javaScript">location.href="hxxp://tplinkextender.net/";</script>web/?type=dspp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1524802706-1411095962-1550111973-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1524802706-1411095962-1550111973-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1524802706-1411095962-1550111973-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1524802706-1411095962-1550111973-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1524802706-1411095962-1550111973-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1524802706-1411095962-1550111973-1000 -> {7767EFD8-7E9E-40F7-A4BC-30842151AB20} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1524802706-1411095962-1550111973-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1524802706-1411095962-1550111973-1000 -> {szukaj.gazeta.pl} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> C:\Program Files\MiuiTab\SupTab.dll [2015-07-15] (Thinkgood Co. Limited)
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\XTab\SupTab.dll No File
BHO: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File
BHO: CouponDownloader -> {c817d3d8-b9da-521d-971d-2c0a747ea697} -> C:\Program Files\C78087A8-C960-4464-A618-3D351DF6C0D7\gohymlmtrh.dll [2014-07-28] ()
BHO: Express Find -> {d39539bb-f65e-4088-a9d1-6e5f01a42a3e} -> C:\Program Files\Express Find\Extensions\d39539bb-f65e-4088-a9d1-6e5f01a42a3e.dll No File
Toolbar: HKU\S-1-5-21-1524802706-1411095962-1550111973-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1437047933&z=3ed9e42c63284510ed16166g1z1c7m5eezem3t5ccb&from=wpm07163&uid=WDCXWD1200BEVT-35ZCT0_WD-WXEX08D8139581395
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1432126101&z=dc264b591fcf2e869d1fcbagdz7c0o3g3o9q9e1tct&from=wpm05203&uid=WDCXWD1200BEVT-35ZCT0_WD-WXEX08D8139581395&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1437047933&z=3ed9e42c63284510ed16166g1z1c7m5eezem3t5ccb&from=wpm07163&uid=WDCXWD1200BEVT-35ZCT0_WD-WXEX08D8139581395
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1432126101&z=dc264b591fcf2e869d1fcbagdz7c0o3g3o9q9e1tct&from=wpm05203&uid=WDCXWD1200BEVT-35ZCT0_WD-WXEX08D8139581395&q={searchTerms}
HKU\S-1-5-21-1524802706-1411095962-1550111973-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421605734&from=cor&uid=WDCXWD1200BEVT-35ZCT0_WD-WXEX08D8139581395&q={searchTerms}
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix.


----------------------
Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:

DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix.
przez SHIFT+DEL usuń pozostały folder C:\FRST.

W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL).

.
=================

Jeśli natomiast problem nie zniknie, to przeinstalujesz przeglądarkę, na której to jeszcze będzie.

[AdamPL234]

Radze zapamiętać by zawsze być ostrożnym przed instalacją programów typu: Freeware oraz Shareware. Bo programy takiego rodzaju zawsze mogą zawierać instalacje reklam czy niechcianego oprogramowania. Najgorsze rzeczy pobierają menedżery pobierania.