begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
ClearQuarantine;
SearchRootkit(true, true);
SetAVZGuardStatus(true);
QuarantineFile('C:\Documents and Settings\Boss\Application Data\timing.txt',' ');
QuarantineFile('C:\WINDOWS\system32\Drivers\uphcleanhlp.sys','');
QuarantineFile('c:\windows\system32\svchost.exe','');
QuarantineFile('C:\Documents and Settings\Boss\Application Data\lsass.exe','');
QuarantineFile('c:\documents and settings\boss\application data\lsass.exe','');
DeleteFile('c:\documents and settings\boss\application data\lsass.exe');
DeleteFile('C:\Documents and Settings\Boss\Application Data\lsass.exe');
ClearHostsFile;
BC_ImportALL;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\ServiceDll (Hijack.LanmanServer) -> Bad: (%CommonProgramFiles%\msdao23.tlc) Good: (%SystemRoot%\System32\srvsvc.dll) -> No action taken.
c:\documents and settings\Boss\application data\Sun\Java\deployment\cache\6.0\58\3c18bc3a-2e53ae31 (Trojan.Agent) -> No action taken.
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?