Maximilian1994
Новый пользователь
- Сообщения
- 36
- Реакции
- 1
begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files (x86)\fHDlqDVwU\fkERta.dll', '');
QuarantineFile('C:\Program Files (x86)\hUmbquBpttZU2\gfNkwEZRctlaa.dll', '');
QuarantineFile('C:\Program Files (x86)\ooxzIAzTqruiVIszQdR\aViaMxc.dll', '');
QuarantineFile('C:\Program Files (x86)\qUgzYKxVLnesC\lfozLsz.dll', '');
QuarantineFile('C:\ProgramData\BuHcEEPgNwocAWVB\FyRXmcM.wsf', '');
DeleteFile('C:\Program Files (x86)\fHDlqDVwU\fkERta.dll', '64');
DeleteFile('C:\Program Files (x86)\hUmbquBpttZU2\gfNkwEZRctlaa.dll', '64');
DeleteFile('C:\Program Files (x86)\ooxzIAzTqruiVIszQdR\aViaMxc.dll', '64');
DeleteFile('C:\Program Files (x86)\qUgzYKxVLnesC\lfozLsz.dll', '64');
DeleteFile('C:\ProgramData\BuHcEEPgNwocAWVB\FyRXmcM.wsf', '64');
DeleteSchedulerTask('dvwlfwwxutwlxjgmb2');
DeleteSchedulerTask('iymvcriysoqaggpjbmr2');
DeleteSchedulerTask('mmzvdpxkxjjvur');
DeleteSchedulerTask('SOVqgpLsuXhFCxp2');
DeleteSchedulerTask('UXshqEpiPQcXH2');
ExecuteRepair(3);
BC_ImportALL;
ExecuteSysClean;
ExecuteWizard('SCU', 2, 3, true);
BC_Activate;
RebootWindows(true);
end.
begin
DeleteFile(GetAVZDirectory+'quarantine.7z');
ExecuteFile(GetAVZDirectory+'7za.exe', 'a -mx9 -pmalware quarantine .\Quarantine\*', 1, 300000, false);
end.
Wise Care 365 5.19
Start::
CreateRestorePoint:
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=820322","hxxp://mail.ru/cnt/10445?gp=812204"
2018-12-24 11:04 - 2018-12-24 11:04 - 002035931 _____ C:\Users\maximus\AppData\Local\Xxx-Zap.tst
2018-12-24 11:04 - 2018-12-24 11:04 - 000722944 _____ C:\Users\maximus\AppData\Local\sham.db
2018-12-24 11:04 - 2018-12-24 11:04 - 000621416 _____ (VideoDriver) C:\WINDOWS\B338B824A0B0.sys
2018-12-24 11:04 - 2018-12-24 11:04 - 000070896 _____ C:\Users\maximus\AppData\Local\Config.xml
2018-12-24 11:04 - 2018-12-24 11:04 - 000005568 _____ C:\Users\maximus\AppData\Local\md.xml
2018-12-24 11:03 - 2018-12-24 16:15 - 000000000 ____D C:\Users\maximus\AppData\Roaming\YoutubeDownloader_upd
2018-12-24 11:03 - 2018-12-24 11:40 - 000000000 ____D C:\Users\maximus\AppData\Roaming\YoutubeDownloader
Task: {b0d8688b-50e3-4e55-8291-86bd5c74cc86} - no filepath
Task: {b3ea1e87-3855-4ebe-bdd9-e5a1d75c98ba} - no filepath
Task: {B9E12658-47B9-4BB4-AD73-AAE898C75989} - System32\Tasks\YoutubeDownloader => C:\Users\maximus\AppData\Roaming\YoutubeDownloader\python\pythonw.exe <==== ATTENTION
Task: {d6c2712d-9308-4cbb-b9a7-76a13e28f556} - no filepath
EmptyTemp:
Reboot:
End::
;uVS v4.1.2 [http://dsrt.dyndns.org]
;Target OS: NTv10.0
v400c
BREG
;---------command-b---------
delref HTTP://COUNT.B12.FUN/JUMP.PHP
delref HTTPS://WWW.GOOGLE.COM/
apply
deltmp
regt 28
regt 29
restart
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?