Вложения
Последнее редактирование модератором:
Смотрите видео ниже, чтобы узнать, как установить наш сайт в качестве веб-приложения на домашнем экране.
Примечание: Эта возможность может быть недоступна в некоторых браузерах.
begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
SetServiceStart('wta38080', 4);
SetServiceStart('fussvc', 4);
SetServiceStart('wta5743', 4);
SetServiceStart('wta24354', 4);
SetServiceStart('wta20220', 4);
QuarantineFile('C:\Users\Номе\AppData\Roaming\HwmonitorApp\HwmonitorApp.exe','');
QuarantineFile('wta38080.sys','');
QuarantineFile('C:\ProgramData\wta20220.exe','');
QuarantineFile('c:\programdata\wta8786.exe','');
QuarantineFile('C:\ProgramData\wta8786.exe','');
DeleteFile('C:\ProgramData\wta8786.exe','32');
DeleteFile('c:\programdata\wta8786.exe','32');
DeleteFile('C:\ProgramData\wta20220.exe','32');
DeleteFile('wta38080.sys','32');
DeleteFile('C:\Users\Номе\AppData\Roaming\HwmonitorApp\HwmonitorApp.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','HwmonitorApp');
RegKeyParamDel('HKEY_USERS','S-1-5-21-1426912448-3791724741-766013378-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08092017114414174\Software\Microsoft\Windows\CurrentVersion\Run','HwmonitorApp');
DeleteService('wta38080');
DeleteService('fussvc');
DeleteService('wta5743');
DeleteService('wta24354');
DeleteService('wta20220');
BC_Activate;
ExecuteSysClean;
ExecuteWizard('SCU', 2, 3, true);
BC_ImportALL;
RebootWindows(true);
end.
begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.
??C:\Users\Номе\AppData\Roaming\Filosof\Filosof.vbs - ваше?
begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files\YtuAskU2\WGR8ZBc.dll','');
QuarantineFile('C:\Program Files\YueAckU\xsxXcpJ.dll','');
QuarantineFile('C:\Program Files\YeuAskIE\kETWl4IUB.dll','');
ExecuteFile('schtasks.exe', '/delete /TN "5A8163FE-2D41-4CE5-AD54-7FE95B266373" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "A0EECDFC-B485-47CA-8AE4-6DB2B0B2691F" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "A0EECDFC-B485-47CA-8AE4-6DB2B0B2691F2" /F', 0, 15000, true);
DeleteFile('C:\Program Files\YeuAskIE\kETWl4IUB.dll','32');
DeleteFile('C:\Program Files\YueAckU\xsxXcpJ.dll','32');
DeleteFile('C:\Program Files\YtuAskU2\WGR8ZBc.dll','32');
DelBHO('{C0D38E5A-7CF8-4105-8FE8-31B81443A114}');
BC_Activate;
ExecuteSysClean;
BC_ImportALL;
RebootWindows(true);
end.
begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.