Смотрите видео ниже, чтобы узнать, как установить наш сайт в качестве веб-приложения на домашнем экране.
Примечание: Эта возможность может быть недоступна в некоторых браузерах.
promotions-planners
begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
ClearQuarantineEx(true);
QuarantineFile('C:\ProgramData\properly-prisoner\bin.exe', '');
QuarantineFile('C:\Users\michael\AppData\Roaming\EventViewer\eventvwr.exe', '');
DeleteSchedulerTask('Event Viewer Snap-in Launcher (29762912)');
DeleteSchedulerTask('Microsoft\Windows\SMB\UninstallSMB1ClientTask');
DeleteSchedulerTask('Microsoft\Windows\SMB\UninstallSMB1ServerTask');
DeleteSchedulerTask('promotions-planners');
DeleteFile('C:\ProgramData\properly-prisoner\bin.exe', '64');
DeleteFile('C:\Users\michael\AppData\Roaming\EventViewer\eventvwr.exe', '64');
CreateQurantineArchive(GetAVZDirectory + 'quarantine.zip');
ExecuteSysClean;
ExecuteRepair(9);
ExecuteWizard('SCU', 2, 3, true);
RebootWindows(true);
end.
перетащите на утилиту ClearLNK....\AutoLogger\CheckBrowserLnk
Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Ограничение <==== ВНИМАНИЕ
HKU\S-1-5-21-1343629532-1138417477-3478389984-1001\...\MountPoints2: {27080484-1955-11ed-b835-dcb4d0b69fff} - "G:\autorun.exe"
GroupPolicy: Ограничение ? <==== ВНИМАНИЕ
Policies: C:\ProgramData\NTUSER.pol: Ограничение <==== ВНИМАНИЕ
C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb
C:\Users\michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldgpjdiadomhinpimgchmeembbgojnjk
CHR HKU\S-1-5-21-1343629532-1138417477-3478389984-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ldgpjdiadomhinpimgchmeembbgojnjk]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
2022-09-01 11:50 - 2022-09-01 11:50 - 000000000 ____D C:\ProgramData\brbPPxbHbbpdTjX
2022-08-27 20:17 - 2022-09-01 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\promotion-preference
2022-08-27 20:17 - 2022-09-01 14:23 - 000000000 ____D C:\ProgramData\properly-prisoner
2022-08-09 10:56 - 2022-08-09 10:56 - 000000012 _____ C:\ProgramData\uoicfcgj.dby
2022-08-09 10:56 - 2022-08-09 10:56 - 000000012 _____ C:\ProgramData\kxcphvci.vig
2022-08-09 10:52 - 2022-08-27 09:09 - 000000008 _____ C:\ProgramData\yxpamcvg.xpy
2022-08-09 10:52 - 2022-08-27 09:09 - 000000008 _____ C:\ProgramData\tllrxjsy.jjx
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\xqkmuviv.ixk
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\wwtmbibf.kiw
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\wjkavdvu.hlm
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\vyrlftro.jng
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\tcrmaoiy.npt
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\qqoihngm.aip
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\olybraar.skk
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\mswvdagn.qei
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\mfxagepd.yjv
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\lqfpsorw.dto
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\llrfcspe.atp
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\kjuwgtxm.ihy
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\kbbiaqpo.hqo
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\jqediwun.epo
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\jfstydpr.lge
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\gmhgktun.wjk
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\ehaxyihj.xus
2022-08-09 10:52 - 2022-08-09 10:56 - 000000008 _____ C:\ProgramData\dtagvxjc.ypu
2022-08-09 10:49 - 2022-08-27 09:09 - 000000012 _____ C:\ProgramData\ycqrtvaf.xko
2022-08-09 10:49 - 2022-08-27 09:09 - 000000012 _____ C:\ProgramData\wexpywvq.nag
2022-08-09 10:49 - 2022-08-27 09:09 - 000000012 _____ C:\ProgramData\ktmaksla.hpf
2022-08-09 10:49 - 2022-08-27 09:09 - 000000012 _____ C:\ProgramData\dlmnmecj.ptv
2022-08-09 10:49 - 2022-08-09 10:49 - 000000012 _____ C:\ProgramData\jkyrndid.ofq
2022-08-09 10:49 - 2022-08-09 10:49 - 000000012 _____ C:\ProgramData\elworyqf.dve
2022-08-09 10:49 - 2022-08-09 10:49 - 000000008 _____ C:\ProgramData\jbfsuhxv.whh
2022-08-09 10:49 - 2022-08-09 10:49 - 000000008 _____ C:\ProgramData\byktvfac.bir
FirewallRules: [{bda1e8ea-7bd0-40cd-a60f-1cbe35e3ce46}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe => Нет файла
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
EmptyTemp:
Reboot:
End::
O22 - Tasks: michael - C:\Windows\system32\cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v michael /t REG_SZ /d "cmd.exe /c start www.dipladoks.org"