Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Wirus gmaegames.pro/redirect-from-banner.html

raor 07 Gru 2018 19:13 45 3
  • Pomocny post
    #2 07 Gru 2018 19:28
    Kolobos
    Spec od komputerów

    Odinstaluj:
    McAfee WebAdvisor
    Smart File Advisor 1.1.8

    Wykonaj Fixlist.txt dla FRST:
    Task: {EDB85CEF-D71F-4C2F-A25A-C637CD829CBB} - System32\Tasks\Opera scheduled Autoupdate 1472203952 => C:\Program Files (x86)\Opera developer\launcher.exe [2018-12-03] (Opera Software)
    Task: {FDE96BC1-E987-4BED-82FB-FA1313822B40} - System32\Tasks\Rafal => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Rafal /t REG_SZ /d "explorer.exe hxxp://dipladoks.org" <==== UWAGA
    (McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
    (McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
    HKU\S-1-5-21-2076153869-3089103365-2073649281-1001\...\Run: [Rafal] => explorer.exe hxxp://dipladoks.org <==== UWAGA
    HKU\S-1-5-21-2076153869-3089103365-2073649281-1001\...\MountPoints2: {6dfb82fe-1da8-11e7-94f0-001c2569da3b} - J:\HiSuiteDownLoader.exe
    BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2018-09-09] (McAfee, Inc.)
    BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2018-09-09] (McAfee, Inc.)
    FF Homepage: Mozilla\Firefox\Profiles\8elhrlp1.default -> hxxp://hp.myway.com/videoconvert/ttab02/index...&ln=en&n&ptb&st&p2&si
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
    FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2018-11-30]
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [ofoeigeaodhbjogdigckajfhjbonaofg] - hxxps://clients2.google.com/service/update2/crx
    S3 GPU-Z; \??\C:\Users\Rafal\AppData\Local\Temp\GPU-Z.sys [X] <==== UWAGA

    0
  • #3 07 Gru 2018 20:39
    raor
    Poziom 2  

    Wielkie dzięki za pomoc !!!

    0
  • #4 07 Gru 2018 21:14
    RADU23
    Moderator - Komputery Serwis

    Usuń folder C:\FRST i to wszystko.
    Wirus gmaegames.pro/redirect-from-banner.html

    0