Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

So-v.com jako strona startowa.

cinek13 15 Mar 2016 18:45 435 2
  • CControls
  • #2 16 Mar 2016 02:09
    krzychupar
    Poziom 40  

    Otwórz notatnik systemowy i wklej:
    Task: {76BBBAF3-6B2E-4E77-A261-89E2942912B5} - System32\Tasks\{226305CA-C51A-4265-9349-B43CAF3F2CF1} => pcalua.exe -a E:\setup.exe -d E:\
    Task: {97FD9704-54F5-44BE-8E5A-7E943A79CB7B} - System32\Tasks\{7609B692-8702-43B4-B528-0890070F8FE8} => pcalua.exe -a C:\Users\user\Downloads\SecureW2_EAP_Suite_200_CE.exe -d C:\Users\user\Downloads
    Task: {A48185A3-0BDD-4AAD-A083-109BDC97ACEF} - System32\Tasks\AdobeAAMUpdater-1.0-user-Komputer-user => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
    Task: {DC908BDD-A91F-47C6-88FC-DCD10857C5A4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.so-v.com/?type=ll&uid=813b6cfa-96ae-4efd-8ea4-5567d585d0c8
    HKLM\...\Run: [] => [X]
    HKU\S-1-5-21-2396846969-3739738235-342228827-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-2396846969-3739738235-342228827-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\user\AppData\Local\Akamai\netsession_win.exe"
    HKU\S-1-5-21-2396846969-3739738235-342228827-1000\...\Policies\Explorer: []
    HKU\S-1-5-21-2396846969-3739738235-342228827-1000\...\MountPoints2: E - E:\setup.exe
    HKU\S-1-5-21-2396846969-3739738235-342228827-1000\...\MountPoints2: {46a9aec1-b900-11e5-b664-6c626d342919} - E:\setup.exe
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&...D5000BPVT-22HXZT3_WD-WXS1A81Y0418Y0418&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&...D5000BPVT-22HXZT3_WD-WXS1A81Y0418Y0418&q={searchTerms}
    HKU\S-1-5-21-2396846969-3739738235-342228827-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank




    SearchScopes: HKU\S-1-5-21-2396846969-3739738235-342228827-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=...418&ts=1435687968&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2396846969-3739738235-342228827-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.mystartsearch.com/web/?utm_source=...418&ts=1435687968&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2396846969-3739738235-342228827-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=...418&ts=1435687968&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2396846969-3739738235-342228827-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.mystartsearch.com/web/?utm_source=...418&ts=1435687968&type=default&q={searchTerms}
    FF DefaultSearchEngine: so-v
    FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fmcsg5sf.default\searchplugins\so-v.xml [2016-03-05]
    FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fmcsg5sf.default\extensions\deskCutv2@gmail.com => nie znaleziono
    FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16]
    S3 BTMCOM; System32\Drivers\btmcom.sys [X]
    2016-03-13 10:50 - 2016-03-13 10:50 - 00000000 ____D C:\Users\user\AppData\Roaming\atpdraw
    2016-03-05 11:08 - 2016-03-05 11:08 - 00001092 __RSH C:\ProgramData\ntuser.pol
    2016-02-14 20:07 - 2014-10-22 14:46 - 00000000 ____D C:\Users\user\AppData\Roaming\FileZilla
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze C:\Users\user\Desktop\FRST.exe
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • CControls
  • #3 16 Mar 2016 19:27
    cinek13
    Poziom 16  

    Działą. Dzięki za pomoc.

    0