begin
SetAVZGuardStatus(true);
QuarantineFile('C:\Windows\SYSWOW64\109.tmp','');
QuarantineFile('C:\Program Files (x86)\Bestgame\prxtbBes0.dll','');
QuarantineFile('C:\Windows\system32\drivers\RTKVHD64.sys','');
QuarantineFile('C:\Windows\system32\pgdshma.dll',' ');
DeleteFile('C:\Windows\system32\pgdshma.dll');
DeleteFile('C:\Windows\SYSWOW64\109.tmp');
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
BC_ImportALL;
BC_Activate;
ExecuteSysClean;
RebootWindows(true);
end.
begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.
C:\Program Files\bl2pjzkr.exe
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {8dec4b69-27c4-405d-a37d-8d45c83f66ab} - (no file)
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?