Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

[Rozwiązano] Wyskakująca strona gmaegames.pro po uruchomieniu komputera.

damiantj2 07 Gru 2018 01:31 72 2
  • CControls
  • Pomocny post
    #2 07 Gru 2018 03:55
    dt1
    Moderator - Komputery Serwis

    Witaj, Fixlist dla Ciebie:

    Code:
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
    
    HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
    HKU\S-1-5-21-3535680786-575102239-628473653-1001\...\Run: [] => [X]
    HKU\S-1-5-21-3535680786-575102239-628473653-1001\...\Run: [PC] => explorer.exe hxxp://ozirizsoos.info <==== UWAGA
    HKU\S-1-5-21-3535680786-575102239-628473653-1001\...\MountPoints2: G - "G:\setup.exe"
    AppInit_DLLs: C:\ProgramData\Polygen\Domtom.dll => C:\ProgramData\Polygen\Domtom.dll [342528 2018-12-03] ()
    Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avhbbswc.lnk [2018-12-03]
    ShortcutTarget: avhbbswc.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    GroupPolicy: Ograniczenia - Windows Defender <==== UWAGA
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKA1VtC1mRJr0-ErUXs70UwlfkZ58157ZVxAplC4smqGuQplVCgg-DHlkGGpkr81Hi0XBBRAtI3Owhs8AEB9hXt2OSbdjD8VJJ_SdlYGkvLVeaZ4gWGnoCIyv5kUwR-BaH5nFZlYPsQEt_WyLdX7S8yV5wJ_y-gCVwNSAIFFNB197jCcVoT20PQw&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3535680786-575102239-628473653-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10420__180929&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3535680786-575102239-628473653-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKA1VtC1mRJr0-ErUXs70UwlfkZ58157ZVxAplC4smqGuQplVCgg-DHlkGGpkr81Hi0XBBRAtI3Owhs8AEB9hXt2OSbdjD8VJJ_SdlYGkvLVeaZ4gWGnoCIyv5kUwR-BaH5nFZlYPsQEt_WyLdX7S8yV5wJ_y-gCVwNSAIFFNB197jCcVoT20PQw&q={searchTerms}
    FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\aw5nhdq7.default\searchplugins\google-avg.xml [2018-12-03]
    FF Extension: (Brak nazwy) - C:\Program Files\Mozilla Firefox\browser\features\{733ED5DC-6D54-4A04-900B-CA85BF4B9A1B}.xpi [2018-12-03] [Brak podpisu cyfrowego]
    CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
    2018-12-03 01:33 - 2018-12-03 01:33 - 007813632 _____ () C:\Users\PC\AppData\Local\agent.dat
    2018-12-03 01:33 - 2018-12-03 01:33 - 000070896 _____ () C:\Users\PC\AppData\Local\Config.xml




    2018-12-03 01:33 - 2018-12-03 01:33 - 001995264 _____ (TODO: <Company name>) C:\Users\PC\AppData\Local\Hotsoft.exe
    2018-12-03 01:33 - 2018-12-03 01:33 - 002025189 _____ () C:\Users\PC\AppData\Local\Hotsoft.tst
    2018-12-03 01:33 - 2018-12-03 01:33 - 000016368 _____ () C:\Users\PC\AppData\Local\InstallationConfiguration.xml
    2018-12-03 01:33 - 2018-12-03 01:33 - 000140800 _____ () C:\Users\PC\AppData\Local\installer.dat
    2018-12-03 01:33 - 2018-12-03 01:33 - 000018432 _____ () C:\Users\PC\AppData\Local\Main.dat
    2018-12-03 01:33 - 2018-12-03 01:33 - 000005568 _____ () C:\Users\PC\AppData\Local\md.xml
    2018-12-03 01:33 - 2018-12-03 01:33 - 000126464 _____ () C:\Users\PC\AppData\Local\noah.dat
    2017-12-15 00:05 - 2017-12-15 00:05 - 000007597 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
    2018-12-03 01:33 - 2018-12-03 01:34 - 000722944 _____ () C:\Users\PC\AppData\Local\sham.db
    2018-12-03 01:34 - 2018-12-03 01:34 - 000032038 _____ () C:\Users\PC\AppData\Local\uninstall_temp.ico
    2018-12-03 01:34 - 2018-12-03 01:34 - 001895383 _____ () C:\Users\PC\AppData\Local\Zamlex.bin
    2018-12-03 01:33 - 2018-12-03 01:33 - 001995264 _____ (TODO: <Company name>) C:\Users\PC\AppData\Local\Zoomity.exe
    2018-12-03 01:33 - 2018-12-03 01:33 - 000278508 _____ () C:\Users\PC\AppData\Local\Zoomity.tst
    ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
    ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> Brak pliku
    Task: {D0EE600E-AF35-4BFB-9FCF-4601453A72E9} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - PC) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: {ED9BDDD0-8006-4939-AEC2-57C6B33024FA} - System32\Tasks\PC => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v PC /t REG_SZ /d "explorer.exe hxxp://ozirizsoos.info" <==== UWAGA
    Task: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - PC).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [124]
    AlternateDataStreams: C:\Users\Public\AppData:CSM [484]
    IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
    IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
    IE trusted site: HKU\S-1-5-21-3535680786-575102239-628473653-1001\...\localhost -> localhost
    IE trusted site: HKU\S-1-5-21-3535680786-575102239-628473653-1001\...\webcompanion.com -> hxxp://webcompanion.com
    HKU\S-1-5-21-3535680786-575102239-628473653-1001\...\StartupApproved\StartupFolder: => "avhbbswc.lnk"
    EmptyTemp:

    0
  • CControls
  • #3 07 Gru 2018 10:49
    damiantj2
    Poziom 6  

    Dzięki, problem minął

    0