Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Strona startowa Esurf.biz

marius575 01 Gru 2015 17:39 690 1
  • #2 02 Gru 2015 09:54
    Kolobos
    Spec od komputerów

    Odinstaluj: Java(TM) 6 Update 35

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    Task: {13C24396-2DC0-403C-951B-B72E5E2BB292} - System32\Tasks\LuckyBrowse => C:\Program Files (x86)\LuckyBrowse\app\luckybrowse.exe <==== UWAGA
    Task: {468003F1-AF69-4E93-96DA-63BF020FFCA5} - System32\Tasks\Beach Extension2 => Rundll32.exe "C:\Users\Mnih\AppData\Local\Beach Extension\{DAF131CE-62EE-36AA-8177-B25DEBB3B04D}\nzjbcwwm.dll",#1
    Task: {B69D500D-2110-407E-8777-CFDCAD57BDF7} - System32\Tasks\Opera scheduled Autoupdate 1415972859 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software)
    Task: {D33E6040-7BAC-4447-AAC6-B1F314C32935} - System32\Tasks\Beach Extension => Rundll32.exe "C:\Users\Mnih\AppData\Local\Beach Extension\{DAF131CE-62EE-36AA-8177-B25DEBB3B04D}\BeachExtension.dll",#1
    ShortcutWithArgument: C:\Users\Mnih\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1448980635&a=1003624" <==== UWAGA
    ShortcutWithArgument: C:\Users\Mnih\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1448980635&a=1003624" <==== UWAGA
    ShortcutWithArgument: C:\Users\Mnih\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\War Thunder World of Planes\War Thunder.lnk -> E:\Gry\War Thunder World of Planes\launcher.exe (Gaijin Entertainment) -> "hxxp://esurf.biz/?ssid=1448980635&a=1003624" <==== UWAGA
    ShortcutWithArgument: C:\Users\Mnih\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1448980635&a=1003624" <==== UWAGA
    ShortcutWithArgument: C:\Users\Mnih\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1448980635&a=1003624" <==== UWAGA
    ShortcutWithArgument: C:\Users\Mnih\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1448980635&a=1003624" <==== UWAGA
    ShortcutWithArgument: C:\Users\Mnih\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://esurf.biz/?ssid=1448980635&a=1003624" <==== UWAGA
    ShortcutWithArgument: C:\Users\Mnih\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera 25.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> "hxxp://esurf.biz/?ssid=1448980635&a=1003624" <==== UWAGA
    ShortcutWithArgument: C:\Users\Public\Desktop\War Thunder.lnk -> E:\Gry\War Thunder World of Planes\launcher.exe (Gaijin Entertainment) -> "hxxp://esurf.biz/?ssid=1448980635&a=1003624" <==== UWAGA
    HKLM\...\Policies\Explorer: [2274518486]
    HKLM\...\Policies\Explorer: [2011989272]
    BootExecute: autocheck autochk * sdnclean64.exe
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    FF Extension: "Beach Extension - C:\Users\Mnih\AppData\Roaming\Mozilla\Firefox\Profiles\jy9cdzk6.default-1448982402897\Extensions\@ADCBA569F5447E636FF49E8DB5AB1C26ADCB.xpi [2015-12-01] [Brak podpisu cyfrowego]
    OPR Extension: (Discover Treasure) - C:\Users\Mnih\AppData\Roaming\Opera Software\Opera Stable\Extensions\hhakacmmjkekjimocoklfjmcabnopdpo [2015-12-01]
    U3 a0ftjwup; C:\Windows\System32\Drivers\a0ftjwup.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
    2015-12-01 15:38 - 2015-12-01 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\LuckyBrowse
    2015-12-01 15:37 - 2015-12-01 15:37 - 00003152 _____ C:\Windows\System32\Tasks\Beach Extension
    2015-12-01 15:37 - 2015-12-01 15:37 - 00003140 _____ C:\Windows\System32\Tasks\Beach Extension2
    2015-12-01 15:37 - 2015-12-01 15:37 - 00003060 _____ C:\Windows\System32\Tasks\LuckyBrowse
    2015-12-01 15:37 - 2015-12-01 15:37 - 00000000 ____D C:\Users\Mnih\AppData\Local\Beach Extension
    2015-12-01 15:37 - 2015-12-01 15:37 - 00000000 ____D C:\ProgramData\LuckyBrowse
    EmptyTemp:

    W FRST wybierz Napraw.

    Usun katalog C:\FRST i to wszystko.

    0