Смотрите видео ниже, чтобы узнать, как установить наш сайт в качестве веб-приложения на домашнем экране.
Примечание: Эта возможность может быть недоступна в некоторых браузерах.
begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
TerminateProcessByName('c:\programdata\windowsmangerprotect\protectwindowsmanager.exe');
TerminateProcessByName('c:\program files\xtab\protectservice.exe');
TerminateProcessByName('c:\program files\xtab\cmdshell.exe');
SetServiceStart('WindowsMangerProtect', 4);
SetServiceStart('IHProtect Service', 4);
StopService('WindowsMangerProtect');
StopService('IHProtect Service');
QuarantineFile('C:\Users\Renreg\AppData\Local\Temp\WiFiPasswordService.exe', '');
QuarantineFile('C:\Program Files\XTab\SupTab.dll', '');
QuarantineFile('C:\Program Files\XTab\IeWatchDog.dll', '');
QuarantineFile('C:\Program Files\XTab\BrowerWatchFF.dll', '');
QuarantineFile('C:\Program Files\XTab\BrowerWatchCH.dll', '');
QuarantineFile('c:\programdata\windowsmangerprotect\protectwindowsmanager.exe', '');
QuarantineFile('c:\program files\xtab\protectservice.exe', '');
QuarantineFile('c:\program files\xtab\cmdshell.exe', '');
DeleteFile('C:\Program Files\XTab\IeWatchDog.dll', '32');
DeleteFile('C:\Program Files\XTab\ProtectService.exe', '32');
DeleteFile('C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe', '32');
DeleteFile('C:\Program Files\xtab\browerwatchch.dll', '32');
DeleteFile('C:\Program Files\xtab\browerwatchff.dll', '32');
DeleteFile('C:\Program Files\xtab\cmdshell.exe', '32');
DeleteFile('C:\Program Files\xtab\suptab.dll', '32');
DeleteService('WindowsMangerProtect');
DeleteService('IHProtect Service');
DeleteFileMask('C:\Program Files\xtab\', '*', true);
DeleteDirectory('C:\Program Files\xtab\');
DelBHO('{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}');
BC_ImportAll;
ExecuteWizard('SCU', 2, 3, true);
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1429943905&from=ima&uid=HitachiXHDS721010CLA332_JP2940HZ1NZYAC1NZYACX
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1429943905&from=ima&uid=HitachiXHDS721010CLA332_JP2940HZ1NZYAC1NZYACX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1429943905&from=ima&uid=HitachiXHDS721010CLA332_JP2940HZ1NZYAC1NZYACX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1429943905&from=ima&uid=HitachiXHDS721010CLA332_JP2940HZ1NZYAC1NZYACX&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1429943905&from=ima&uid=HitachiXHDS721010CLA332_JP2940HZ1NZYAC1NZYACX&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1429943905&from=ima&uid=HitachiXHDS721010CLA332_JP2940HZ1NZYAC1NZYACX
start
CreateRestorePoint:
AlternateDataStreams: C:\ProgramData\TEMP:036B9593
AlternateDataStreams: C:\ProgramData\TEMP:15B79D44
AlternateDataStreams: C:\ProgramData\TEMP:58A5270D
AlternateDataStreams: C:\ProgramData\TEMP:9F49E34B
AlternateDataStreams: C:\ProgramData\TEMP:A303874F
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:D287FACF
AlternateDataStreams: C:\ProgramData\TEMP:D3A96964
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [BitcasaBadFileOverlay] -> {EC168C82-5053-422A-BB08-3CD9ACA22E85} => No File
ShellIconOverlayIdentifiers: [BitcasaIconOverlay] -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => No File
ShellIconOverlayIdentifiers: [BitcasaMirrorOverlay] -> {8C403C00-4544-4A53-879B-1949390CDE13} => No File
ShellIconOverlayIdentifiers: [BitcasaProgressOverlay] -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ShellExecuteHooks: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
ShellExecuteHooks: - {4F07DA45-8170-4859-9B5F-037EF2970034} - No File [ ]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Renreg\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3601327674-2190578478-637353986-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - http://clients2.google.com/service/update2/crx
S3 ATP; system32\DRIVERS\cmdatp.sys [X]
S3 cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [X]
S3 MBfilt; system32\drivers\MBfilt32.sys [X]
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
EmptyTemp:
Reboot:
end