begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
SearchRootkit(true, true);
SetAVZGuardStatus(True);
StopService('4F949354D6142611');
StopService('4F9493613EFE6872');
StopService('4F9493739141AA72');
StopService('4F94937C243D7991');
StopService('4F94937D84F8AEF2');
QuarantineFile('C:\Users\Artur\AppData\Local\Temp\1DDE09A1C.sys', '');
QuarantineFile('C:\Users\Artur\AppData\Local\Temp\365BF0C5.sys', '');
QuarantineFile('C:\Users\Artur\AppData\Local\Temp\3F501BCC.sys', '');
QuarantineFile('C:\Users\Artur\AppData\Local\Temp\2DB59B42.sys', '');
QuarantineFile('C:\Users\Artur\AppData\Local\Temp\19CB8C44.sys', '');
QuarantineFile('C:\Users\Artur\AppData\Local\Temp\96D78092-CB1845C4-50E87BD2-31C082DC\b8edd07.sys', '');
DeleteFile('C:\Users\Artur\AppData\Local\Temp\1DDE09A1C.sys', '32');
DeleteFile('C:\Users\Artur\AppData\Local\Temp\365BF0C5.sys', '32');
DeleteFile('C:\Users\Artur\AppData\Local\Temp\3F501BCC.sys', '32');
DeleteFile('C:\Users\Artur\AppData\Local\Temp\2DB59B42.sys', '32');
DeleteFile('C:\Users\Artur\AppData\Local\Temp\19CB8C44.sys', '32');
DeleteFile('C:\Users\Artur\AppData\Local\Temp\96D78092-CB1845C4-50E87BD2-31C082DC\b8edd07.sys', '32');
DeleteService('4F949354D6142611');
DeleteService('4F9493613EFE6872');
DeleteService('4F9493739141AA72');
DeleteService('4F94937C243D7991');
DeleteService('4F94937D84F8AEF2');
BC_ImportALL;
ExecuteSysClean;
BC_Activate;
ExecuteWizard('SCU', 2, 3, true);
RebootWindows(true);
end.
begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.
Прокси через anticenz.org настраивали самостоятельно?
Start::
CreateRestorePoint:
ManualProxies: 0hxxps://config.anticenz.org/proxy.pac
EmptyTemp:
Reboot:
End::
;uVS v4.0.10 [http://dsrt.dyndns.org]
;Target OS: NTv6.1
v400c
BREG
;---------command-b---------
bl 0A67889E1DB050943BEFF61EF5AC042A 83502752
zoo D:\TORRRRENT\УСТАНОВОЧНИКИ\CHROME-47.0.2526.80\CHROME-47.0.2526.80.EXE
delall D:\TORRRRENT\УСТАНОВОЧНИКИ\CHROME-47.0.2526.80\CHROME-47.0.2526.80.EXE
delref HTTPS://CONFIG.ANTICENZ.ORG/PROXY.PAC
delref %SystemDrive%\PROGRAM FILES\SPYWARE PROCESS DETECTOR\SPD324.EXE
apply
deltmp
czoo
restart
Что сейчас с этим?всю оперативку всё равно что то жрёт.
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?