Adware.Elex is Malwarebytes' generic detection name for a large family of Windows-oriented adware of Chinese origin.
Once executed, Adware.Elex displays ads by injecting them into visited sites and by popping up browser windows.
Adware.Elex arrives on a system as a file downloaded from the Internet. Sometimes it disguises itself as a tool that can detect and remove adware. At times, it hides under the guise of an Adobe Flash or Java update. Adware.Elex can also be dropped by Trojan.Elex. It has been known to use rootkits.
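Malwarebytes protects users from the adware by using real-time protection.
Malwarebytes can detect and remove Adware.Elex without further user interaction.
You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.
Choose the Scan + Quarantine option. Afterwards you can check the Detections page to see which threats were found.
On the Quarantine page you can see which threats were quarantined and restore them if necessary.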
An example Malwarebytes log for a member of this family, Youndoo:
Domains: