[Rozwiązano] Jak usunąć wirus gmaegames.pro, diplodoks - logi do analizy

Witam, dopadł mnie ten popularny problem, proszę o pomoc w usunięciu, wklejam logi.

Otwórz notatnik systemowy i wklej:

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-1798540869-1244123089-3928434861-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\G\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1798540869-1244123089-3928434861-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\G\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1798540869-1244123089-3928434861-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\G\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {0AF7110F-BE74-4ACB-BEC1-27AAD09478FD} - \G -> No File <==== ATTENTION
Task: {34321F90-F9E1-4599-A9F9-CC2F671737AF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A364C08C-AF3E-4F88-AFD1-489C543DF896} - System32\Tasks\NvidiaGraphicDriver => C:\Users\G\AppData\Roaming\VideoCardUpdater.exe <==== ATTENTION
HKU\S-1-5-21-1798540869-1244123089-3928434861-1001\...\Run: [G] => explorer.exe hxxp://dipladoks.org <==== ATTENTION
HKU\S-1-5-21-1798540869-1244123089-3928434861-1001\...\MountPoints2: {ad38e3d6-ed6c-11e8-a233-5cf370903725} - "W:\setup.exe"
IFEO\CE i386.exe: [Debugger] Enable
IFEO\ce-x64.exe: [Debugger] Enable
IFEO\Cheat Engine.exe: [Debugger] Enable
IFEO\cheatengine-i386.exe: [Debugger] Enable
IFEO\cheatengine-x86_64.exe: [Debugger] Enable
IFEO\SppExtComObj.exe: [Debugger] SppExtComObjPatcher.exe
GroupPolicy: Restriction ? <==== ATTENTION
CHR Session Restore: Default -> is enabled.
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść w folderze, gdzie masz FRST.exe.
Uruchom FRST i kliknij w Fix/Napraw.

Dziękuję za natychmiastową pomoc, pozdrawiam

Usuń C:\FRST i zamknij temat.

Rozwiązano dzięki pomocy krzychupar