Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

so-v.com - jak usunąć to zagrożenie?

TeaFlame 20 Mar 2016 13:11 369 1
  • #2 20 Mar 2016 13:22
    krzychupar
    Poziom 40  

    Odinstaluj:
    SpyHunter

    Otwórz notatnik systemowy i wklej:
    Task: {90636DC2-95BD-4D9B-90E7-F467340D8119} - System32\Tasks\{7BCC78AA-0FC5-4699-98EE-D19D91182E29} => pcalua.exe -a C:\Users\Wiesiek\AppData\Roaming\do-search\UninstallManager.exe -c -ptid=cor
    Hosts:
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-2540687710-709756554-1522232558-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2540687710-709756554-1522232558-1001 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2540687710-709756554-1522232558-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2540687710-709756554-1522232558-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    S3 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [327064 2010-05-18] (Enigma Software Group USA, LLC.)
    2016-03-15 18:57 - 2016-03-15 18:57 - 00000000 ____D C:\Users\Wiesiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
    2016-03-15 18:57 - 2016-03-15 18:57 - 00000000 ____D C:\sh4ldr
    2016-03-15 18:57 - 2016-03-15 18:57 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
    2016-03-15 18:56 - 2016-03-15 18:57 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
    2016-03-15 17:30 - 2016-03-15 17:30 - 00000000 _____ C:\autoexec.bat
    2016-03-15 17:28 - 2016-03-15 17:28 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się FRST.exe
    Uruchom FRST i kliknij w Fix/Napraw.

    0