begin
  // Stop the TCP/IP service so the machine is offline during cleanup
  ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
  // Rootkit search and AVZGuard are only run on non-64-bit systems
  if not IsWOW64 then
  begin
    SearchRootkit(true, true);
    SetAVZGuardStatus(True);
  end;
  // Remove the scheduled tasks and their leftover task files
  ExecuteFile('schtasks.exe', '/delete /TN "InternetSE" /F', 0, 15000, true);
  ExecuteFile('schtasks.exe', '/delete /TN "InternetSD" /F', 0, 15000, true);
  DeleteFile('C:\Windows\system32\Tasks\InternetSD','32');
  DeleteFile('C:\Windows\system32\Tasks\InternetSE','32');
  // Remove the Browser Helper Objects by CLSID
  DelBHO('{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}');
  DelBHO('{2670000A-7350-4f3c-8081-5663EE0C6C49}');
  ExecuteRepair(21);
  ExecuteWizard('SCU', 2, 3, true);
  // Hand the deletions to Boot Cleaner, clean up, then reboot
  BC_ImportAll;
  ExecuteSysClean;
  BC_Activate;
  RebootWindows(true);
end.
begin
  CreateQurantineArchive('c:\quarantine.zip');
end.
I have prepared it and am posting it.
start
CMD: wmic /Namespace:\\root\default Path SystemRestore Call Enable "%SystemDrive%"
CreateRestorePoint:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
CHR HKLM\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx
2016-10-19 11:32 - 2016-10-19 11:32 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-10-10 15:56 - 2016-10-19 16:36 - 00002412 __RSH C:\Users\Все пользователи\ntuser.pol
2016-10-10 15:56 - 2016-10-19 16:36 - 00002412 __RSH C:\ProgramData\ntuser.pol
EmptyTemp:
Reboot:
end
The problems went away on Friday, even before the last script was run. Thank you very much for your help!
What about the problems?
Why? The problem is already solved. Thank you. The thread can be closed.
Please prepare a SecurityCheck by glax24 log: https://safezone.cc/resources/security-check-by-glax24.25/