begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
QuarantineFileF('c:\program files\ubar', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0 ,0);
QuarantineFile('C:\Program Files\UBar\UbarDriver.sys', '');
DeleteFile('C:\Program Files\UBar\UbarDriver.sys', '32');
DeleteFileMask('c:\program files\ubar', '*', true);
DeleteDirectory('c:\program files\ubar');
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
DeleteService('UbarCalloutDriver');
ExecuteSysClean;
ExecuteRepair(3);
ExecuteRepair(4);
ExecuteWizard('SCU', 2, 3, true);
CreateQurantineArchive(GetAVZDirectory + 'quarantine.zip');
RebootWindows(true);
end.
begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.
start
CreateRestorePoint:
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
AutoConfigURL: [S-1-5-21-2977579384-1132690053-4212917349-1000] => hxxp://noblocking.net/wpad.dat?6ab90815a5a19eb27063c694628561c922620094
ManualProxies: 0hxxp://noblocking.net/wpad.dat?6ab90815a5a19eb27063c694628561c922620094
CHR HKU\S-1-5-21-2977579384-1132690053-4212917349-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
EmptyTemp:
Reboot:
end
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?