begin
QuarantineFileF('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\blacount', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0, 0);
QuarantineFileF('C:\Users\user\AppData\Local\Hostinstaller\', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0, 0);
QuarantineFileF('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\application extension', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0, 0);
QuarantineFile('C:\Users\user\AppData\Local\Hostinstaller\3968273761_monster.exe', '');
DeleteFile('C:\Users\user\AppData\Local\Hostinstaller\3968273761_monster.exe', '32');
DeleteService('softaal');
DeleteService('QMUdisk');
DeleteService('wucotusy');
DeleteService('woforemu');
DeleteService('sudyxyjizbt');
DeleteService('SSFK');
DeleteFileMask('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\blacount', '*', true);
DeleteFileMask('C:\Users\user\AppData\Local\Hostinstaller', '*', true);
DeleteFileMask('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\application extension', '*', true);
DeleteDirectory('C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\blacount');
DeleteDirectory('C:\Users\user\AppData\Local\Hostinstaller');
DeleteDirectory('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\application extension');
DelBHO('{8E8F97CD-60B5-456F-A201-73065652D099}');
DelBHO('{50F4150A-48B2-417A-BE4C-C83F580FB904}');
ExecuteFile('schtasks.exe', '/delete /TN "Soft installer" /F', 0, 15000, true);
DelCLSID('{754DF2CE-51E8-4895-B53C-6381418B84AE}');
RegKeyParamDel('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Run', 'Daemon');
ExecuteSysClean;
ExecuteRepair(3);
ExecuteWizard('SCU', 2, 2, true);
RebootWindows(true);
end.
begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.
CreateRestorePoint:
SearchScopes: HKU\S-1-5-21-4100258598-3960581031-668998253-1002 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B266BF532-1020-4227-8C04-4F5A94A26374%7D&gp=820483
SearchScopes: HKU\S-1-5-21-4100258598-3960581031-668998253-1002 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B266BF532-1020-4227-8C04-4F5A94A26374%7D&gp=820483
CHR HKLM-x32\...\Chrome\Extension: [iflppbjnpneiigcbdfjpnkebidmkjmoi] - hxxps://clients2.google.com/service/update2/crx
S2 zutuzuni; no ImagePath
EmptyTemp:
Reboot:
-------------------------------- [ Java ] ---------------------------------
Java 7 Update 45 v.7.0.450 Внимание! Скачать обновления Внимание! Данная версия содержит уязвимость нулевого дня! Рекомендуется деинсталлировать Java версий 6 и 7, скачать и установить Java 8
^Если Ваша система не поддерживает Java 8, удалите старую версию и скачайте по ссылке выше jre-7u80-windows-i586.exe^
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Reader X MUI v.10.0.0 Внимание! Скачать обновления
^Проверьте обновления через меню Справка - Проверить обновления!^
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?