Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Wirus w przeglądarce? so-v.com

xWilqu 05 Mar 2016 16:44 1491 3
  • #1 05 Mar 2016 16:44
    xWilqu
    Poziom 8  

    Witam.

    Rano włączając przeglądarkę wyskoczyła mi wyszukiwarka so-v.com. od razu ściągnąłem ADWcleaner. Niby go usunął, ale problem nadal występuje. Mianowice
    gdy wpisuje coś w pasku adresu wyszukiwanie odbywa się przez so-v.com

    Wirus w przeglądarce? so-v.com

    Kolejna sprawa.
    Gdy chcę zmienić wyszukiwarkę w ustawieniach chrome, moim oczom ukazuję następujący komunikat: "O tym ustawieniu decyduje administrator"

    Wirus w przeglądarce? so-v.com

    Wirus w przeglądarce? so-v.com


    Liczę na Was !

    0 3
  • Pomocny post
    #2 05 Mar 2016 16:47
    Kolobos
    Spec od komputerów

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    Task: {1A98B2C2-E7B9-4C93-BB2D-F13CA9F7F943} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {2155D164-6D44-4A9D-AF60-234AE554E358} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {36DB9E4F-8E59-462A-91F5-F311ED2A5709} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {4C4E014F-9BD7-4E60-B6CE-53FD4DDDFA19} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {4D2833FB-1F5B-4312-ADC1-9D803EA65FC2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {5A53AD4D-94FD-491B-8487-FBA3D8A4D118} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {6234F089-A2FF-4287-9A60-135AD9F32A48} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {7711D3EA-C37F-496D-8B5A-2A4D80BED24C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {8108152A-C187-4CEB-807B-37D40D48C018} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {852D6FDC-D00D-4113-960C-77211E1BEACF} - System32\Tasks\Opera scheduled Autoupdate 1447197899 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-01] (Opera Software
    Task: {AB3BD6B0-3718-423C-90E7-E8E53468FB81} - System32\Tasks\GameNet => C:\Program Files (x86)\QGNA\qGNA.exe
    Task: {DE517632-1CFA-461B-BBB8-2633327F4466} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {EA32DF52-8FAC-4754-93E8-28A802611015} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {EB59570B-9C6A-43AD-8748-7ECA6C5B5B7D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    HKU\S-1-5-21-639878128-1914113224-3881086900-1001\...\Run: [Norton Download Manager{NIS2250400-SHPD-FSD51083}] => C:\Users\Public\Downloads\Norton\{NIS2250400-SHPD-FSD51083}\FSDUI_Custom.exe /m /SHOWONECLICK /WIN10_UPGRADE "C:\Users\Wolf\AppData\Local\Temp\{F6915F1E-76EE-4AB0-86A5-BA69ACB40DD6}\Upgrade.exe" <===== ATTENTION
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.so-v.com/?type=ll&uid=8544cab6-3e28-4f1f-aad9-1450c8185ba1
    CHR HomePage: Profile 1 -> mysearch.avg.com/?rvt=1
    CHR DefaultSearchURL: Profile 1 -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
    CHR DefaultSearchKeyword: Profile 1 -> https://mysearch.avg.com
    CHR DefaultSuggestURL: Profile 1 -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
    StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.so-v.com/?type=ll&uid=8544cab6-3e28-4f1f-aad9-1450c8185ba1
    S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
    2016-03-05 13:52 - 2016-03-05 16:48 - 00001331 _____ C:\Users\Wolf\Desktop\Norton Installation Files.lnk
    2016-03-05 11:14 - 2016-03-05 16:57 - 00000000 ____D C:\AdwCleaner
    EmptyTemp:

    W FRST wybierz Napraw.

    Usun katalog C:\FRST.

    0
  • Pomocny post
    #3 05 Mar 2016 17:18
    Acorus 20
    Spec od komputerów

    Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {1A98B2C2-E7B9-4C93-BB2D-F13CA9F7F943} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {2155D164-6D44-4A9D-AF60-234AE554E358} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {36DB9E4F-8E59-462A-91F5-F311ED2A5709} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {4C4E014F-9BD7-4E60-B6CE-53FD4DDDFA19} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {4D2833FB-1F5B-4312-ADC1-9D803EA65FC2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {5A53AD4D-94FD-491B-8487-FBA3D8A4D118} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {6234F089-A2FF-4287-9A60-135AD9F32A48} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {7711D3EA-C37F-496D-8B5A-2A4D80BED24C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {8108152A-C187-4CEB-807B-37D40D48C018} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {852D6FDC-D00D-4113-960C-77211E1BEACF} - System32\Tasks\Opera scheduled Autoupdate 1447197899 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-01] (Opera Software)
    Task: {AB3BD6B0-3718-423C-90E7-E8E53468FB81} - System32\Tasks\GameNet => C:\Program Files (x86)\QGNA\qGNA.exe
    Task: {DE517632-1CFA-461B-BBB8-2633327F4466} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {EA32DF52-8FAC-4754-93E8-28A802611015} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {EB59570B-9C6A-43AD-8748-7ECA6C5B5B7D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    HKU\S-1-5-21-639878128-1914113224-3881086900-1001\...\Run: [Norton Download Manager{NIS2250400-SHPD-FSD51083}] => C:\Users\Public\Downloads\Norton\{NIS2250400-SHPD-FSD51083}\FSDUI_Custom.exe /m /SHOWONECLICK /WIN10_UPGRADE "C:\Users\Wolf\AppData\Local\Temp\{F6915F1E-76EE-4AB0-86A5-BA69ACB40DD6}\Upgrade.exe" <===== ATTENTION
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.so-v.com/?type=ll&uid=8544cab6-3e28-4f1f-aad9-1450c8185ba1
    CHR HomePage: Profile 1 -> mysearch.avg.com/?rvt=1
    CHR DefaultSearchURL: Profile 1 -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
    CHR DefaultSearchKeyword: Profile 1 -> https://mysearch.avg.com
    CHR DefaultSuggestURL: Profile 1 -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
    CHR Extension: (AVG Secure Search) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-03-05]
    StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.so-v.com/?type=ll&uid=8544cab6-3e28-4f1f-aad9-1450c8185ba1
    S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
    2016-03-05 11:14 - 2016-03-05 16:57 - 00000000 ____D C:\AdwCleaner
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.

    0
  • #4 05 Mar 2016 17:54
    xWilqu
    Poziom 8  

    Dzięki za pomoc.
    Problem rozwiązany.
    Wirus w przeglądarce? so-v.com

    0