Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

[Rozwiązano] Wirus: gmaegames.pro/redirect-from-banner.htmll

giersik1991 03 Lis 2018 10:11 147 3
  • CControls
  • Pomocny post
    #2 03 Lis 2018 10:17
    krzychupar
    Poziom 41  

    Otwórz notatnik systemowy i wklej:

    CloseProcesses:
    Task: {48429C24-DCC3-423D-9D20-EA4810E2EC34} - System32\Tasks\GiersiK => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v GiersiK /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA
    HKU\S-1-5-21-3316737927-3681558679-1958808392-1002\...\Run: [GiersiK] => explorer.exe hxxp://dipladoks.org <==== UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
    FF HKLM-x32\...\Firefox\Extensions: [daplinkchecker@speedbit.com] - C:\Program Files (x86)\DAP\daplinkchecker => nie znaleziono
    FF HKU\S-1-5-21-3316737927-3681558679-1958808392-1002\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox => nie znaleziono
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\local-settings.js [2016-04-04] <==== UWAGA (Linkuje do pliku *.cfg)
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\mozilla.cfg [2017-02-27] <==== UWAGA
    CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://isearch.avg.com/?cid={1FD23C95-4712-4991-91C5-10B270E12752}&mid=cdc48d2475d54287af1df5addb3cb76b-9a4ee156b78dce93f80b32ae98f5f286b6dd98a8&lang=pl&ds=ac011&pr=sa&d=2012-09-12 12:54:45&v=12.2.5.34&sap=hp","hxxp://isearch.avg.com/?cid={E626F1B0-D744-489E-9690-B998E39908FE}&mid=796deb01982c4025a91080966aca698b-9a4ee156b78dce93f80b32ae98f5f286b6dd98a8&lang=pl&ds=ik011&pr=&d=2012-11-14 22:43:17&v=14.2.0.1&pid=avg&sg=&sap=hp","hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=F454001FE25F5996","hxxp://isearch.avg.com/?cid={E626F1B0-D744-489E-9690-B998E39908FE}&mid=796deb01982c4025a91080966aca698b-9a4ee156b78dce93f80b32ae98f5f286b6dd98a8&lang=pl&ds=ik011&pr=&d=2012-11-14 22:43:17&v=15.3.0.11&pid=avg&sg=0&sap=hp","hxxp://badoo.com/startpage/","hxxp://www.search.ask.com/?tpid=SHD-V7&o=APN10115&pf=V7&trgb=CR&p2=%5EAYE%5Eaaa027%5EYY%5EPL&gct=hp&apn_ptnrs=%5EAYE&apn_dtid=%5Eaaa027%5EYY%5EPL&apn_dbr=cr_31.0.1650.63&apn_uid=F51E687C-B2F6-49A2-B0A2-6F5A4F382857&itbv=12.10.2.4200&doi=2014-02-12&psv=","hxxp://www.google.pl/","hxxp://www.mystart.com/?pr=manycam&id=manycam_ot&v=4_0&ent=hp_5047&src=5047","hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11412&pf=V7&trgb=CR&p2=%5EBBK%5EOSJ000%5EYY%5EPL&gct=hp&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EPL&apn_dbr=cr_36.0.1985.125&apn_uid=89DAD6F6-E0C9-4719-83C0-70F1CB089786&itbv=12.15.1.20&doi=2014-07-28&psv=&pt=tb","hxxp://www.mystartsearch.com/?type=hp&ts=1433264123&z=d17d949c013ac42cdfc37d3g4zfcbcaoeq0z1gdgbg&from=wpc&uid=WDCXWD10EADS-22M2B0_WD-WCAV5836336763367","hxxp://www.sweet-page.com/?type=hp&ts=1441443245&z=945d0dc0f723516ebab30cdgcz2z5g0zaz8c7ofz4q&from=cor&uid=TOSHIBAXMQ01ABD075_34ICP50OTXX34ICP50OT","hxxp://www.delta-homes.com/?type=hp&ts=1444992686&z=a7a3d930c4347c036934090gbz6z7zetbt4ocq5bfq&from=wpm07163&uid=TOSHIBAXMQ01ABD075_34ICP50OTXX34ICP50OT","hxxps://www.x-kom.pl/l/dziekujemy-za-zakupy"
    S0 edevmon; system32\DRIVERS\edevmon.sys [X]
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • CControls
  • #3 03 Lis 2018 10:27
    giersik1991
    Poziom 2  

    Pomoglo, dziekuje slicznie :)

    0
  • #4 03 Lis 2018 10:28
    giersik1991
    Poziom 2  

    Pomoglo, dziekuje slicznie :)

    Dodano po 1 [minuty]:

    zgodnie z instrukcja od: krzychupar

    0