Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Cookie Control - brak możliwości usunięcia

norbi233 11 Lip 2017 22:14 378 4
  • Pomocny post
    #2 12 Lip 2017 00:31
    krzychupar
    Poziom 40  

    Odinstaluj:
    GamesDesktop 008.005010077 (HKLM-x32\...\gmsd_pl_005010077_is1) (Version: - GAMESDESKTOP) <==== UWAGA

    Otwórz notatnik systemowy i wklej:
    ContextMenuHandlers01: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll -> Brak pliku
    ContextMenuHandlers02: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => -> Brak pliku
    ContextMenuHandlers04: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll -> Brak pliku
    Task: {27F0B2A0-BC7D-48FC-A897-1EF2F18AEA7D} - System32\Tasks\{1286D0D4-6419-4A5B-B2C8-AF005F6D7B4C} => pcalua.exe -a C:\Users\Admin\Downloads\HLC23.exe -d C:\Users\Admin\Downloads
    Task: {430C1D09-5CDD-4EF5-A0C0-94295D552B4C} - System32\Tasks\{38F6A245-24CA-4412-B4A6-3754E7F6006A} => pcalua.exe -a H:\Setup.exe -d H:\
    Task: {A341BB95-DDCB-4AED-A777-EE8AD572230A} - System32\Tasks\{26757456-C1B4-4680-B370-F65E74C56AC8} => pcalua.exe -a "D:\Program Files (x86)\FIFA 15 Ultimate Team Edition\FIFA 15 Ultimate Team Edition\ModdingWayInstaller.exe" -d "D:\Program Files (x86)\FIFA 15 Ultimate Team Edition\FIFA 15 Ultimate Team Edition"
    Task: {BB31C3DE-9968-413C-82B7-BC1D87D389A1} - System32\Tasks\{35B28893-298A-442C-91B0-04ECDE82E3EB} => pcalua.exe -a "C:\Program Files (x86)\PLAY ONLINE\uninst.exe"
    Hosts:
    HKLM-x32\...\Run: [mbot_pl_014010076] => [X]
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: E - E:\SETUP.EXE
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: F - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: G - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: J - J:\Setup.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: K - K:\setup.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {1f299901-63aa-11e6-927f-806e6f6e6963} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {2a3edc60-a31a-11e4-ac04-001e101fe5e1} - F:\setup.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {3349d11e-0528-11e6-a1b0-0c5b8f279a64} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {51b1abde-8d34-11e6-945a-005056c00008} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {5706fc7d-8d04-11e3-9159-806e6f6e6963} - K:\Autorun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {58a27762-8d02-11e3-9ee1-806e6f6e6963} - E:\ASRSetup.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {67d56bb2-f5ce-11e4-a66e-0c5b8f279a64} - H:\setup.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {6844dcd5-24c0-11e5-88f4-0c5b8f279a64} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {70e5a2b7-86fb-11e5-bc86-0c5b8f279a64} - G:\AutoRun.exe




    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {7412e293-7ced-11e6-896c-005056c00008} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {7ce0fcc7-f214-11e3-9e1b-001e101f21c1} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {7ce0fd4c-f214-11e3-9e1b-001e101f21c1} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {82de9773-655b-11e6-a623-005056c00008} - L:\setup.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {8703fc10-d72c-11e5-b88a-d050993e10f1} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {89566d61-d21b-11e3-a3fe-001e101faa49} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {89566dbc-d21b-11e3-a3fe-001e101faa49} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {8e9c1f3d-d6dd-11e4-8284-d050993e10f1} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {90698a4c-d0c1-11e3-b106-bc5ff4d708f2} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {90698a5c-d0c1-11e3-b106-bc5ff4d708f2} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {ade4a10f-d631-11e5-b97d-0c5b8f279a64} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {b136009c-6dda-11e6-947c-0c5b8f279a64} - L:\setup.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {ba7f0818-ee59-11e3-9c41-001e101fb4df} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {ba7f0868-ee59-11e3-9c41-001e101fb4df} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {ba7f08d1-ee59-11e3-9c41-001e101fb4df} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {ba7f0926-ee59-11e3-9c41-001e101fb4df} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {ba7f128d-ee59-11e3-9c41-001e101fb4df} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {c34877d2-ab3e-11e6-bea4-005056c00008} - J:\Setup.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {c4a5add4-ab2d-11e6-8ac6-0c5b8f279a64} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {d1021f87-19b3-11e6-8428-005056c00008} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {e4e2f7cd-f09a-11e6-b4b9-0c5b8f279a64} - J:\setup.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {e6a18e49-edd7-11e5-baae-d050993e10f1} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {eb71f4c9-4ddc-11e6-8920-005056c00008} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {eeab4532-de55-11e6-922c-0c5b8f279a64} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {f354af41-bf96-11e6-8db7-005056c00008} - G:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {fe34a139-2910-11e7-b322-0c5b8f279a64} - J:\setup.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {feb076e1-d528-11e3-866c-806e6f6e6963} - F:\AutoRun.exe
    HKU\S-1-5-21-2997765148-1327859896-3002011509-1000\...\MountPoints2: {fef74135-a667-11e5-9522-0c5b8f279a64} - G:\AutoRun.exe
    GroupPolicy: Ograniczenia - Chrome <==== UWAGA
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • Pomocny post
    #3 12 Lip 2017 00:41
    Kolobos
    Spec od komputerów

    @krzychupar przeczytales temat postu? Zrobiles wszystko byle tylko nie dodac infekcji do kasacji...

    @norbi233 do Fixlist.txt dodaj jeszcze:
    CHR Extension: (Сookies Control) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkpefbllpconnkfpdgagkifmflckkdp [2017-07-11]
    R1 {09d4f2ed-8206-4fe1-949d-352c485b70c7}Gw64; C:\Windows\System32\drivers\{09d4f2ed-8206-4fe1-949d-352c485b70c7}Gw64.sys [48768 2016-02-26] (StdLib)
    2017-07-11 20:56 - 2015-02-02 14:20 - 00000000 ____D C:\AdwCleaner
    C:\Windows\System32\drivers\{09d4f2ed-8206-4fe1-949d-352c485b70c7}Gw64.sys
    Task: {3941D76D-A3E5-40DE-9A4B-A60A799D3EA2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-01] ()
    Task: {52967C71-5CF6-42BD-9AE1-3924A402D0A6} - System32\Tasks\Chromium => C:\Users\Admin\AppData\Local\Chromium\APPLIC~1\450240~1.0\INSTAL~1\UNINST~1.EXE
    Task: {90DA11DC-C0C0-4C9C-B0C5-80201342B403} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-01] ()
    Task: C:\Windows\Tasks\Chromium.job => C:\Users\Admin\AppData\Local\Chromium\APPLIC~1\450240~1.0\INSTAL~1\UNINST~1.EXE

    0
  • #5 12 Lip 2017 09:19
    Kolobos
    Spec od komputerów

    Usun katalog C:\FRST i to wszystko.
    Cookie Control - brak możliwości usunięcia

    0