Zrobiłam już logi z FRST:
Aktualizacje na programosy.pl:
Microsoft Safety Scanner • Kaspersky Virus Removal Tool • Dr.WEB CureIt! • K7 UltimateSecurity • Alternate Task Manager • Loom – Video Recorder for Chrome • reaConverter Lite • Alternate File Shredder • Prey
-
- Ogłoszenie:
Strong signal ads - jak się pozbyć?
3 posty(ów) • Strona 1 z 1
Strong signal ads - jak się pozbyć?
przez Katherine 26 Kwi 2015, 10:28
Zrobiłam już logi z FRST:
- Załączniki
-
FRST.txt- (55.97 KiB) Ściągnięto 24 razy
-
- Addition.txt
- (31.25 KiB) Ściągnięto 36 razy
Strong signal ads - jak się pozbyć?
przez ordynat 26 Kwi 2015, 11:16
1) Odinstaluj te programy:
2) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SZUKAJ (SCAN), a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ (CLEANING), to kliknij na niego.
3) Otwórz Notatnik i wklej w nim:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix.
----------------------
Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix.
przez SHIFT+DEL usuń pozostały folder C:\FRST.
W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL).
.
PC Data App (HKLM-x32\...\PCData App) (Version: - ) <==== ATTENTION
ss helper 1.74 (HKLM-x32\...\SP_eea72b4f) (Version: - ) <==== ATTENTION
2) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SZUKAJ (SCAN), a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ (CLEANING), to kliknij na niego.
3) Otwórz Notatnik i wklej w nim:
BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File
C:\Program Files (x86)\Strong Signal
CHR Extension: (Strong Signal) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamaaompokdjbebnfbcfobpkklfkmddp [2015-03-16]
Task: {2F102DED-3A62-4F1A-B180-30E38667747E} - System32\Tasks\OptimizerProUpdaterTask{FA624614-B3EC-43D6-B2CE-D09A8282D730} => C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe <==== ATTENTION
C:\ProgramData\Premium
Task: {35900BF3-9D17-4513-92C6-0FAAAA0007AA} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {605FE76A-B26A-481B-B030-8B1B77D0230C} - System32\Tasks\Searchya => C:\Users\acer\AppData\Roaming\Searchya\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
C:\Users\acer\AppData\Roaming\Searchya
Task: {719D3639-5D1F-421A-87D1-20D931ED8F5A} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
C:\Program Files (x86)\AVG Secure Search
Task: C:\windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: C:\windows\Tasks\OptimizerProUpdaterTask{FA624614-B3EC-43D6-B2CE-D09A8282D730}.job => C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exeI/schedule /profilepath C:\ProgramData\Premium\OptimizerPro\profile.ini <==== ATTENTION
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
HKLM-x32\...\Run: [fst_pl_107] => [X]
HKLM-x32\...\Run: [DApp] => C:\Program Files\PCDApp\start.vbs [178 2014-04-10] ()
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2920931274-1917813200-694548064-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721&q={searchTerms}
KU\S-1-5-21-2920931274-1917813200-694548064-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721
HKU\S-1-5-21-2920931274-1917813200-694548064-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?affID=121845&tt=gc_&babsrc=HP_ss&mntrId=22F268A3C4D9071A
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.searchya.com/?q={searchTerms}&f=4&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEzzzztA0CzyzyyEtBtD0CtN0D0Tzu0CyEtCyCtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=5560273&ir=
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.searchya.com/?q={searchTerms}&f=4&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEzzzztA0CzyzyyEtBtD0CtN0D0Tzu0CyEtCyCtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=5560273&ir=
SearchScopes: HKLM-x32 -> {26398CFB-6762-1A2C-F6A3-73F81F8900D7} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721&q={searchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.mocaflix.com/?l=1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2920931274-1917813200-694548064-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2920931274-1917813200-694548064-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-2920931274-1917813200-694548064-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&affID=121845&tt=gc_&babsrc=SP_ss&mntrId=22F268A3C4D9071A
SearchScopes: HKU\S-1-5-21-2920931274-1917813200-694548064-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2920931274-1917813200-694548064-1000 -> {6F1F3642-1B5D-45F3-7D66-2D7B15E0236E} URL =
SearchScopes: HKU\S-1-5-21-2920931274-1917813200-694548064-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.mocaflix.com/?l=1&q={searchTerms}
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1399489052&from=amt&uid=WDCXWD3200BPVT-22ZEST0_WD-WXB1A31M9721M9721
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_616_bl-is-16__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_616_bl-is-16__alt__ddc_dsssyc_bd_com"
CHR HKLM-x32\...\Chrome\Extension: [akihmjkdohejiidjeeppnnccegjafnna] - C:\ProgramData\SaveAs\akihmjkdohejiidjeeppnnccegjafnna.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [Not Found]
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97113 2014-05-02] () [File not signed] <==== ATTENTION
S2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe -service [X]
C:\windows\Minidump\042515-27658-01.dmp
C:\windows\Minidump\042215-25287-01.dmp
C:\windows\Minidump\041915-25615-01.dmp
C:\windows\Minidump\041815-46893-01.dmp
C:\windows\Minidump\041615-80980-01.dmp
C:\windows\Minidump\032915-35505-01.dmp
C:\windows\Minidump\032815-35053-01.dmp
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix.
----------------------
Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:
DeleteQuarantine:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix.
przez SHIFT+DEL usuń pozostały folder C:\FRST.
W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL).
.
- ordynat
- ~user
- Posty: 4765
- Dołączenie: 02 Kwi 2010, 11:18
- Pochwały: 866
Strong signal ads - jak się pozbyć?
przez Katherine 26 Kwi 2015, 17:50
wszystko działa! 
wielkie dzięki <3
wielkie dzięki <3
3 posty(ów) • Strona 1 z 1
Kto jest na forum
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 2 gości