Strong signal. proszę o pomoc

[westerngold]

Wirus chyba już dobrze znany na tym forym. Nie mogę sobie z nim poradzić. Proszę, pomógłby mi ktoś się tego pozbyć?

[ordynat]

Zrób logi z FRST > http://forum.programosy.pl/frst-otl-zoek-vt139692.html
Przed skanem zaznacz "Additional"

[westerngold]

Logi zrobione

[ordynat]

Otwórz Notatnik i wklej w nim:

2015-03-21 21:36 - 2015-08-24 10:17 - 00708880 _____ () C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe
2015-03-21 21:35 - 2015-08-24 10:23 - 01202448 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe
2015-08-24 10:22 - 2015-08-24 10:22 - 01878288 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\2\plugin.exe
2015-08-24 10:22 - 2015-08-24 10:22 - 01366288 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\plugin.exe
2015-08-24 10:22 - 2015-08-24 10:22 - 00907536 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\4\plugin.exe
2015-08-24 10:22 - 2015-08-24 10:22 - 01369872 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\5\plugin.exe
2015-08-24 10:22 - 2015-08-24 10:22 - 01045776 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\7\plugin.exe
2015-08-24 10:22 - 2015-08-24 10:22 - 00752400 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\12\plugin.exe
2015-08-23 21:46 - 2015-08-23 21:46 - 01188624 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\6\plugin.exe
C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce
C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce
BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File
CHR Extension: (Strong Signal) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhenmccifbacmpkimjenglmplcpiehke [2015-08-23]
R2 Service Mgr StrongSignal; C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe [1202448 2015-08-24] ()
R2 Update Mgr StrongSignal; C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe [708880 2015-08-24] ()
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
CustomCLSID: HKU\S-1-5-21-1158114498-668093066-885307042-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Simona\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1158114498-668093066-885307042-1002_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Simona\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1158114498-668093066-885307042-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Simona\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1158114498-668093066-885307042-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Simona\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1158114498-668093066-885307042-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Simona\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
Task: {EC05187B-BDF7-422D-956A-2C37DE1E1E6F} - System32\Tasks\{DBCAA3D9-855E-48A4-A183-6BA0E93BE7E5} => pcalua.exe -a C:\Users\Simona\Desktop\nfs\sd4hide.exe -d C:\Users\Simona\Desktop\nfs
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-is__alt__ddc_dsssyc_bd_com
HKU\S-1-5-21-1158114498-668093066-885307042-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-is__alt__ddc_dsssyc_bd_com
HKU\S-1-5-21-1158114498-668093066-885307042-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-is__alt__ddc_dsssyc_bd_com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1158114498-668093066-885307042-1001 -> DefaultScope {C5BCF4D5-30F2-47FA-86CD-E815FC4F88B9} URL = hxxp://de.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1158114498-668093066-885307042-1001 -> {C5BCF4D5-30F2-47FA-86CD-E815FC4F88B9} URL = hxxp://de.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1158114498-668093066-885307042-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1158114498-668093066-885307042-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll [No File]
OPR StartupUrls: "hxxp://de.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com"
OPR Extension: (Strong Signal) - C:\Users\Simona\AppData\Roaming\Opera Software\Opera Stable\Extensions\fhenmccifbacmpkimjenglmplcpiehke [2015-08-15]
S2 Update Dynamo Combo; "C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe" [X]
S3 VCService; "C:\Program Files\Sony\VAIO Care\VCService.exe" [X]
S3 ewusbmbb; \SystemRoot\system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix.


----------------------
Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:

DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix.
przez SHIFT+DEL usuń pozostały folder C:\FRST.

W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL).

.
=================

Jeśli natomiast problem nie zniknie, to przeinstalujesz przeglądarkę, na której to jeszcze będzie.
.

Autor postu otrzymał pochwałę

[westerngold]

Wygląda na to, że problem zniknął.
Dziękuję bardzo