Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

www.so-v.com Jak usunąć ?

lukyaz 14 Mar 2016 20:46 645 3
  • #2 14 Mar 2016 21:06
    Kolobos
    Spec od komputerów

    Odinstaluj: SpyHunter 4

    Fixlist.txt dla FRST:
    Task: {18F619C5-4DAD-4CF7-BD85-92E6D6A568D8} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-03-14] (Enigma Software Group USA, LLC.)
    Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Brak pliku <==== UWAGA
    Task: {587E468C-A1F3-4125-979F-E2E0A4310A95} - System32\Tasks\{87669F0A-965D-46B7-91ED-60B58A9FB5B5} => pcalua.exe -a "D:\GRY\Asasin 2\assassins_creed_2_1.01_us.exe" -d "D:\GRY\Asasin 2"
    Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Brak pliku <==== UWAGA
    Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Brak pliku <==== UWAGA
    Task: {C56A321F-0438-4772-B1FD-CBA8549F2609} - System32\Tasks\{78039F9D-C21D-4EF7-9203-A5D69EDD3A1D} => D:\GRY\Ravia.eu\RaviaMod #Final.exe
    Task: {D05FB443-3393-4DDF-ACA8-1C3A08F81DEF} - System32\Tasks\{BC386EA0-5F3B-4B6C-80DD-B77E1BE5D729} => pcalua.exe -a C:\Users\Łukasz\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt
    Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> Brak pliku <==== UWAGA
    ShortcutWithArgument: C:\Users\Łukasz\Desktop\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.so-v.com/?type=ll&uid=2398c6fe-7655-460a-96ea-f9af727f33ba
    ShortcutWithArgument: C:\Users\Łukasz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.so-v.com/?type=ll&uid=2398c6fe-7655-460a-96ea-f9af727f33ba
    ShortcutWithArgument: C:\Users\Łukasz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.so-v.com/?type=ll&uid=2398c6fe-7655-460a-96ea-f9af727f33ba
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.so-v.com/?type=ll&uid=2398c6fe-7655-460a-96ea-f9af727f33ba
    ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.so-v.com/?type=ll&uid=2398c6fe-7655-460a-96ea-f9af727f33ba




    (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
    HKLM\...\Run: [] => [X]
    HKU\S-1-5-21-4133331468-359560253-2037224312-1001\...\MountPoints2: {04063773-bb88-11e4-a37d-001fd08e038a} - J:\Startme.exe
    HKU\S-1-5-21-4133331468-359560253-2037224312-1001\...\MountPoints2: {0406379c-bb88-11e4-a37d-001fd08e038a} - J:\Startme.exe
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-02-21] (Microsoft Corporation)
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.so-v.com/?type=ll&uid=2398c6fe-7655-460a-96ea-f9af727f33ba
    StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.so-v.com/?type=ll&uid=2398c6fe-7655-460a-96ea-f9af727f33ba
    OPR Extension: (Brak nazwy) - C:\Users\Łukasz\AppData\Roaming\Opera Software\Opera Stable\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan [2015-10-08]
    S2 MustangService_2015_10_10; C:\ProgramData\TempMoudleSet\MustangSer1247.exe [235776 2015-12-15] (MustangService)
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2016-03-14] ()
    U3 a2xms603; C:\Windows\system32\Drivers\a2xms603.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    U3 aak8zw2u; C:\Windows\system32\Drivers\aak8zw2u.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    2016-03-14 20:03 - 2016-03-14 20:03 - 00001240 _____ C:\Users\Łukasz\Desktop\SpyHunter.lnk
    2016-03-14 20:03 - 2016-03-14 20:03 - 00000000 ____D C:\Users\Łukasz\AppData\Roaming\Enigma Software Group
    2016-03-14 20:02 - 2016-03-14 20:03 - 00000000 ____D C:\sh4ldr
    2016-03-14 20:01 - 2016-03-14 20:01 - 00019984 _____ C:\Windows\system32\Drivers\EsgScanner.sys
    2016-03-14 20:00 - 2016-03-14 20:00 - 00000000 ____D C:\Program Files\Enigma Software Group
    2016-03-14 19:59 - 2016-03-14 19:59 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Łukasz\Downloads\SpyHunter-Installer.exe
    2016-03-12 10:47 - 2016-03-12 10:47 - 00000000 ____D C:\ProgramData\TempMoudleSet
    EmptyTemp:

    0
  • #3 14 Mar 2016 21:08
    Rudder
    Poziom 18  

    Pobierz Adwcleaner ze strony producenta przeskanuj i usuń złe pliki. Tak samo zrób z malwarebytes Antimalware- przeskanuj i usuń złe pliki.

    0
  • #4 15 Mar 2016 08:16
    Acorus 20
    Spec od komputerów

    Złe pliki usunie skrypt.

    0