Andrej37891
Hello, I have been fighting a virus unknown to me all day, can you help? Logs attached.
begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files\driverspacksolution\intel.exe', '');
QuarantineFile('C:\ProgramData\WindowsTask\taskhost.exe', '');
QuarantineFile('C:\Users\www\AppData\Local\Temp\Winprocces.exe', '');
QuarantineFile('D:\Antivirus\mbemsg.exe', '');
DeleteFile('C:\Program Files\driverspacksolution\intel.exe', '32');
DeleteFile('C:\ProgramData\WindowsTask\taskhost.exe', '64');
DeleteFile('C:\Users\www\AppData\Local\Temp\Winprocces.exe', '64');
RegKeyDel('HKEY_LOCAL_MACHINE', 'SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Chrome', 'x64');
RegKeyDel('HKEY_LOCAL_MACHINE', 'SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\java update.exe', 'x64');
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
BC_ImportALL;
ExecuteSysClean;
ExecuteWizard('SCU', 2, 3, true);
BC_Activate;
RebootWindows(true);
end.
begin
DeleteFile(GetAVZDirectory+'quarantine.7z');
ExecuteFile(GetAVZDirectory+'7za.exe', 'a -mx9 -pmalware quarantine .\Quarantine\*', 1, 300000, false);
end.
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
Start::
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1247293891-4229509804-166607151-1000\...\MountPoints2: {418ed6b4-c3ab-11e8-bbef-40167eb09c20} - F:\autorun.exe
HKU\S-1-5-21-1247293891-4229509804-166607151-1000\...\MountPoints2: {7e0c8c36-d5e3-11e8-98c3-40167eb09c20} - G:\setup.exe
HKU\S-1-5-21-1247293891-4229509804-166607151-1000\...\MountPoints2: {7e0c8c3a-d5e3-11e8-98c3-40167eb09c20} - H:\setup.exe
HKU\S-1-5-18\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-18\...\Policies\Explorer\DisallowRun: [1] eav_trial_rus.exe
HKU\S-1-5-18\...\Policies\Explorer\DisallowRun: [2] avast_free_antivirus_setup_online.exe
HKU\S-1-5-18\...\Policies\Explorer\DisallowRun: [3] eis_trial_rus.exe
HKU\S-1-5-18\...\Policies\Explorer\DisallowRun: [4] essf_trial_rus.exe
HKU\S-1-5-18\...\Policies\Explorer\DisallowRun: [5] hitmanpro_x64.exe
HKU\S-1-5-18\...\Policies\Explorer\DisallowRun: [6] ESETOnlineScanner_UKR.exe
HKU\S-1-5-18\...\Policies\Explorer\DisallowRun: [7] ESETOnlineScanner_RUS.exe
HKU\S-1-5-18\...\Policies\Explorer\DisallowRun: [8] HitmanPro.exe
HKU\S-1-5-18\...\Policies\Explorer\DisallowRun: [9] 360TS_Setup_Mini.exe
HKU\S-1-5-18\...\Policies\Explorer\DisallowRun: [10] Cezurity_Scanner_Pro_Free.exe
HKU\S-1-5-18\...\Policies\Explorer\DisallowRun: [11] Cube.exe
GroupPolicy: Restriction ? <==== ATTENTION
S3 FairplayKD; \??\C:\ProgramData\NextRP\Common\temp\FairplayKD.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\Users\Все пользователи\script.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\Users\Все пользователи\olly.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\Users\Все пользователи\lsass2.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\Users\Все пользователи\lsass.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\Users\Все пользователи\kz.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\ProgramData\script.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\ProgramData\olly.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\ProgramData\lsass2.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\ProgramData\lsass.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\ProgramData\kz.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\Windows\boy.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH C:\Windows\svchost.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH () C:\ProgramData\kz.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH () C:\ProgramData\lsass.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH () C:\ProgramData\lsass2.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH () C:\ProgramData\olly.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH () C:\ProgramData\script.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH () C:\Users\Все пользователи\kz.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH () C:\Users\Все пользователи\lsass.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH () C:\Users\Все пользователи\lsass2.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH () C:\Users\Все пользователи\olly.exe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ___SH () C:\Users\Все пользователи\script.exe
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [654]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [654]
AlternateDataStreams: C:\Users\Все пользователи:NT [40]
AlternateDataStreams: C:\Users\Все пользователи:NT2 [654]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [654]
AlternateDataStreams: C:\ProgramData\TEMP:472FBBAF [137]
AlternateDataStreams: C:\Users\Public\AppData:CSM [470]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [229]
AlternateDataStreams: C:\Users\www\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\www\Application Data:NT [40]
AlternateDataStreams: C:\Users\www\Application Data:NT2 [654]
AlternateDataStreams: C:\Users\www\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\www\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\www\AppData\Roaming:NT2 [654]
AlternateDataStreams: C:\Users\Все пользователи\Application Data:NT [40]
AlternateDataStreams: C:\Users\Все пользователи\Application Data:NT2 [654]
AlternateDataStreams: C:\Users\Все пользователи\TEMP:472FBBAF [137]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
EmptyTemp:
Reboot:
End::
Yes, the antiviruses won't install.
Which one are you trying to install?
ESET NOD32 and Kaspersky
;uVS v4.1.6 [http://dsrt.dyndns.org:8888]
;Target OS: NTv6.1
v400c
OFFSGNSAVE
BREG
;---------command-block---------
; %SystemDrive%\PROGRAM FILES\INTELDRIVERPACK\INTEL.EXE
bl 9F0264CD81D6C892FBE7D8B060391166 9798810
zoo %SystemDrive%\PROGRAM FILES\INTELDRIVERPACK\INTEL.EXE
delall %SystemDrive%\PROGRAM FILES\INTELDRIVERPACK\INTEL.EXE
; %SystemDrive%\PROGRAMDATA\RUNDLL\TIBE-1.DLL
bl 0647DCD31C77D1EE6F8FAC285104771A 233472
zoo %SystemDrive%\PROGRAMDATA\RUNDLL\TIBE-1.DLL
delall %SystemDrive%\PROGRAMDATA\RUNDLL\TIBE-1.DLL
delref HTTP://BABYUSER.NET/
delref %SystemDrive%\USERS\WWW\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FAJAFKHGBCEKJFFFGNPBBJHDHIMGFFEC\7.1.6.0_0\MALLBERY: SMART CASH BACK SHOPPING ASSISTANT
deltsk F:\RESCUE2USB.EXE
deltsk %SystemDrive%\USERS\WWW\DESKTOP\RESCUE2USB.EXE
deltsk D:\ANTIVIRUS\MBEMSG.EXE
apply
deltmp
;---------command-block---------
delref %SystemDrive%\USERS\WWW\APPDATA\ROAMING\DISCORD\0.0.305\MODULES\DISCORD_DESKTOP_CORE\CORE.ASAR\APP\MAINSCREENPRELOAD.JS
delref %SystemRoot%\AUTOKMS\AUTOKMS.EXE
delref {23E5D772-327A-42F5-BDEE-C65C6796BB2A}\[CLSID]
delref {177AFECE-9599-46CF-90D7-68EC9EEB27B4}\[CLSID]
delref {CEF51277-5358-477B-858C-4E14F0C80BF7}\[CLSID]
delref {59116E30-02BD-4B84-BA1E-5D77E809B1A2}\[CLSID]
delref D:\PROGRAM FILES\WINDOWS DEFENDER\MPCMDRUN.EXE
delref F:\RESCUE2USB.EXE
delref %SystemDrive%\USERS\WWW\DESKTOP\RESCUE2USB.EXE
delref D:\ANTIVIRUS\MBEMSG.EXE
delref %SystemRoot%\SYSWOW64\TBSSVC.DLL
delref %SystemRoot%\SYSWOW64\PEERDISTSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\NDIS.SYS
delref %SystemRoot%\SYSWOW64\RDPCORETS.DLL
delref %SystemRoot%\SYSWOW64\UMPO.DLL
delref %SystemRoot%\SYSWOW64\IPHLPSVC.DLL
delref %SystemRoot%\SYSWOW64\CSCSVC.DLL
delref %SystemRoot%\SYSWOW64\PNRPSVC.DLL
delref %SystemRoot%\SYSWOW64\DRIVERS\PACER.SYS
delref %SystemRoot%\SYSWOW64\LSM.EXE
delref {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\[CLSID]
delref {166B1BCA-3F9C-11CF-8075-444553540000}\[CLSID]
delref {233C1507-6A77-46A4-9443-F871F945D258}\[CLSID]
delref {4063BE15-3B08-470D-A0D5-B37161CFFD69}\[CLSID]
delref {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}\[CLSID]
delref %SystemRoot%\SYSWOW64\WIN32K.SYS
delref {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}\[CLSID]
delref %SystemRoot%\SYSWOW64\BLANK.HTM
delref {E6FB5E20-DE35-11CF-9C87-00AA005127ED}\[CLSID]
delref %Sys32%\MSSPELLCHECKINGFACILITY.DLL
delref %Sys32%\BLANK.HTM
delref HELPSVC\[SERVICE]
delref MCODS\[SERVICE]
delref SACSVR\[SERVICE]
delref SWPRV\[SERVICE]
delref VMMS\[SERVICE]
delref MCMPFSVC\[SERVICE]
delref MESSENGER\[SERVICE]
delref RDSESSMGR\[SERVICE]
delref %SystemDrive%\PROGRAM FILES (X86)\AMD\OVERDRIVE\AMD64\AODDRIVER2.SYS
delref %SystemDrive%\PROGRAM FILES (X86)\AMD\OVERDRIVE\AODASSIST.EXE
delref %Sys32%\DRIVERS\CMDE10K.SYS
delref %Sys32%\DRIVERS\ESGSCANNER.SYS
delref %SystemDrive%\PROGRAM FILES\ECHOBIT\EVOLVE\EVOSVC.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GIGABYTE\RGBFUSION\GLCKIO2.SYS
delref D:\ANTIVIRUS\MBAMINSTALLERSERVICE.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\WINPCAP\RPCAPD.INI
delref %Sys32%\DRIVERS\VDQYODA0.SYS
delref %Sys32%\DRIVERS\X3311503.SYS
delref %Sys32%\PSXSS.EXE
delref %SystemDrive%\USERS\WWW\APPDATA\LOCAL\YANDEX\YANDEXBROWSER\APPLICATION\19.9.3.314\NOTIFICATION_HELPER.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\NEWBLUE\VIDEO ESSENTIALS FOR WINDOWS\VEGAS64\VIDEOESSENTIALSVEGASHOST.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.23\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.342\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.7\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.302\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVLICENSINGS.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.17\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.11\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.7\PSMACHINE_64.DLL
delref %SystemDrive%\PROGRAM FILES\COMMON FILES\MCAFEE\PLATFORM\MCPLATFORMPS.DLL
delref %Sys32%\MACROMED\FLASH\FLASHUTIL64_23_0_0_162_ACTIVEX.EXE
delref %Sys32%\SHAREMEDIACPL.CPL
delref %SystemRoot%\USB VIBRATION\7906\FCVAP64.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GIGABYTE\RGBFUSION\AAC3572DRAMHAL_KINGMAX.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.23\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.342\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GIGABYTE\RGBFUSION\AAC3572DRAMHAL_GEIL.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.7\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.35.302\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GIGABYTE\RGBFUSION\AAC3572DRAMHAL_ADATA.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.17\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\JAVA\JRE1.8.0_211\BIN\WSDETECT.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GIGABYTE\RGBFUSION\AAC3572DRAMHAL_X86.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.34.11\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.7\PSMACHINE.DLL
delref %SystemDrive%\PROGRAM FILES (X86)\ADOBE\ACROBAT READER DC\ACRORD32INFO.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GOOGLE\UPDATE\1.3.33.23\GOOGLEUPDATEBROKER.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GIGABYTE\RGBFUSION\AAC3572DRAMHAL_TEAM.DLL
delref %SystemRoot%\USB VIBRATION\7906\FCVAP32.DLL
delref %SystemDrive%\USERS\WWW\APPDATA\LOCAL\PROGRAMS\OPERA\LAUNCHER.EXE
delref %SystemDrive%\USERS\WWW\APPDATA\LOCAL\RP BOX ONLINE\RP BOX ONLINE.EXE
delref %SystemDrive%\USERS\WWW\APPDATA\LOCAL\PROGRAMS\AHMYTH\AHMYTH.EXE
delref %SystemDrive%\USERS\WWW\APPDATA\LOCAL\PROGRAMS\NEXTRP-LAUNCHER\NEXTRP LAUNCHER.EXE
delref %SystemDrive%\USERS\WWW\APPDATA\LOCAL\OSU!\OSU!.EXE
delref D:\ALIENHALLWAY.EXE
delref D:\GTA SAN ANDREAS MULTIPLAYER V0.3.7\MODMANAGER UNINSTALLERS\UNINSTALL-[CARS-INFERNUS]-107019-LAMBORGHINI-TERZO-MILLENNIO-2017-CONCEPT.EXE
delref D:\GTA SAN ANDREAS MULTIPLAYER V0.3.7\MODMANAGER UNINSTALLERS\UNINSTALL-[CARS-INFERNUS]-108536-LAMBORGHINI-AVENTADOR-TZR-R-TECH-V1.EXE
delref D:\GTA CRIMINAL RUSSIA\MODMANAGER UNINSTALLERS\UNINSTALL-[CLEO]-15707-VID-OT-PERVOGO-LICA-FIRST-PERSON-MOD.EXE
delref D:\GTA SAN ANDREAS MULTIPLAYER V0.3.7\MODMANAGER UNINSTALLERS\UNINSTALL-[WEAPONS-RIFLE]-54612-SV-98-WITH-A-BIPOD-AND-NO-REAR-SIGHT.EXE
delref D:\MSI AFTERBURNER\MSIAFTERBURNER.EXE
delref D:\MSI AFTERBURNER\UNINSTALL.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\MULTI PASSWORD RECOVERY\MPR.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\MULTI PASSWORD RECOVERY\UNINSTALL.EXE
delref D:\RADMIR LAUNCHER\RADMIR_LAUNCHER.EXE
delref D:\RADMIR LAUNCHER\UNINSTALL.EXE
delref D:\TELEGRAM DESKTOP\TELEGRAM.EXE
delref D:\TELEGRAM DESKTOP\UNINS000.EXE
delref D:\WARTHUNDER\LAUNCHER.EXE
delref D:\WARTHUNDER\UNINS000.EXE
delref D:\БАШЕНКИ\MAGIC TOWERS.EXE
delref D:\DOWNLOADS\RISE TO RUINS\RTR32.EXE
delref D:\DOWNLOADS\TURMOIL V2.0.10\TURMOIL_PC_FULL.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\EPIC GAMES\LAUNCHER\PORTAL\BINARIES\WIN32\EPICGAMESLAUNCHER.EXE
delref %SystemDrive%\PROGRAM FILES\ECHOBIT\EVOLVE\EVOLVECLIENT.EXE
delref D:\EUROTRUCKSIMULATOR2\BIN\WIN_X64\EUROTRUCKS2.EXE
delref D:\EUROTRUCKSIMULATOR2\BIN\WIN_X86\EUROTRUCKS2.EXE
delref D:\EUROTRUCKSIMULATOR2\UNINS000.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\AMD\OVERDRIVE\AMD OVERDRIVE.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GIGABYTE\RGBFUSION\RGBFUSION.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\GIGABYTE\RGBFUSION\UNINSTALL.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\BIAS\BIAS AUTHORIZATION MANAGER\BIAS AUTHORIZATION MANAGER.EXE
delref D:\EURO TRUCK SIMULATOR 2\BIN\WIN_X64\EUROTRUCKS2.EXE
delref D:\EURO TRUCK SIMULATOR 2\BIN\WIN_X86\EUROTRUCKS2.EXE
delref D:\DYING LIGHT\DYINGLIGHTGAME.EXE
delref D:\EURO TRUCK SIMULATOR 2\EUROTRUCKS2.EXE
delref D:\ZOMBIE ARMY TRILOGY\LAUNCHER\ZATLAUNCHER.EXE
delref D:\DYING LIGHT\UNINS000.EXE
delref D:\EURO TRUCK SIMULATOR 2\UNINS000.EXE
delref D:\ZOMBIE ARMY TRILOGY\UNINS000.EXE
delref D:\GTA CRIMINAL RUSSIA\MULTIPLAYER_C\MULTIPLAYER_BROWSER_CR.EXE
delref D:\GTA CRIMINAL RUSSIA\MULTIPLAYER_C\UNINSTALL.EXE
delref D:\GTA CRIMINAL RUSSIA\GTA_SA.EXE
delref D:\GTA CRIMINAL RUSSIA\UNINS000.EXE
delref D:\DCS WORLD\BIN\DCS_UPDATER.EXE
delref D:\DCS WORLD\UNINS000.EXE
delref D:\GTA CRIMINAL RUSSIA\GRAPHCHANGER.EXE
delref D:\GTA SAN ANDREAS (N-TORRENTS.RU)\GTA_SA.EXE
delref D:\GTA SAN ANDREAS (N-TORRENTS.RU)\UNINS000.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\INNOVA\4GAME2.0\4GAME.EXE
delref D:\METRO LAST LIGHT REDUX\METRO.EXE
delref D:\METRO LAST LIGHT REDUX\UNINS000.EXE
delref D:\METRO LAST LIGHT REDUX\METRO_BENCHMARK.EXE
delref D:\MINE-IMATOR\UNINSTALL MINE-IMATOR.EXE
delref D:\MINECRAFTLICENSE\MINECRAFTLAUNCHER.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\MINECRAFT NOTE BLOCK STUDIO\MINECRAFT NOTE BLOCK STUDIO.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\NEWBLUE\VIDEO ESSENTIALS FOR WINDOWS\MANAGEACTIVATION64.EXE
delref %SystemDrive%\PROGRAM FILES (X86)\NEWBLUE\VIDEO ESSENTIALS FOR WINDOWS\UNINSTALVEGAS.EXE
delref D:\METRO 2033\METRO2033.EXE
delref %SystemDrive%\PROGRAMDATA\APPDATA\ROAMING\METRO 2033\UNINSTALL\UNINS000.EXE
delref D:\STARCRAFT II\STARCRAFT II.EXE
delref D:\FRONT MISSION EVOLVED.V 1.0.0.1U2 + 6 DLC\FRONTMISSIONEVOLVED.EXE
delref D:\FRONT MISSION EVOLVED.V 1.0.0.1U2 + 6 DLC\UNINSTALL\UNINS000.EXE
delref D:\SWAT 4\CONTENTEXPANSION\SYSTEM\SWAT4X.EXE
delref D:\SWAT 4\CONTENT\SYSTEM\SWAT4.EXE
delref D:\SWAT 4\UNINS000.EXE
delref D:\.METADATA\THE FOREST\THEFOREST.EXE
delref D:\.METADATA\THE FOREST\THEFOREST32.EXE
delref D:\GAMES\THE FOREST\THEFOREST32.EXE
delref D:\GAMES\THE FOREST\UNINSTALL\UNINS000.EXE
delref D:\.METADATA\THE FOREST\UNINS000.EXE
delref %SystemDrive%\PROGRAM FILES\WIPERSOFT\WIPERSOFT-INST.EXE
delref %SystemDrive%\PROGRAM FILES\WIPERSOFT\WIPERSOFT.EXE
delref D:\GTA SAN ANDREAS MULTIPLAYER V0.3.7\WWW.GAMEMODDING.NET\UNINSTALL 16160-POVOROTNIKI-2.1-GTASA.EXE
delref D:\GTA SAN ANDREAS MULTIPLAYER V0.3.7\WWW.GAMEMODDING.NET\UNINSTALL 23089-VID-OT-PERVOGO-LICA-GTASA.EXE
delref D:\GTA SAN ANDREAS MULTIPLAYER V0.3.7\WWW.GAMEMODDING.NET\UNINSTALL(HYDRA)168035-GRUMMAN-F-14B-BOMBCAT-GTASA.EXE
delref D:\GTA SAN ANDREAS MULTIPLAYER V0.3.7\WWW.GAMEMODDING.NET\UNINSTALL(SWAT (ID285))170037-KINOSHNYY-SPECNAZ-V1-GTASA.EXE
apply
exec32 D:\SpyHunter\Удалить SpyHunter.exe
regt 18
regt 24
restart
Start::
CreateRestorePoint:
2019-11-16 17:00 - 2019-12-15 02:26 - 000000000 __SHD C:\ProgramData\McAfee
2019-11-16 17:00 - 2019-12-14 16:19 - 000000000 __SHD C:\ProgramData\Doctor Web
2019-11-16 17:00 - 2019-11-20 18:09 - 000000000 __SHD C:\Program Files\RDP Wrapper
2019-11-16 17:00 - 2019-11-20 17:05 - 000000000 __SHD C:\KVRT_Data
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Windows\NetworkDistribution
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Windows\McMwt
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\ProgramData\Norton
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\ProgramData\Kaspersky Lab Setup Files
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\ProgramData\Kaspersky Lab
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\ProgramData\grizzly
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\ProgramData\ESET
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\ProgramData\Driver Foundation Visions VHG
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\ProgramData\Avg
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\ProgramData\AVAST Software
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\ProgramData\360TotalSecurity
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\ProgramData\360safe
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files\SpyHunter
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files\Malwarebytes
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files\Kaspersky Lab
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files\ESET
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files\Enigma Software Group
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files\COMODO
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files\Cezurity
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files\ByteFence
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files\AVG
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files\AVAST Software
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files (x86)\Zaxar
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files (x86)\SpyHunter
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files (x86)\Panda Security
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files (x86)\Microsoft JDX
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files (x86)\Kaspersky Lab
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files (x86)\GRIZZLY Antivirus
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files (x86)\Cezurity
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files (x86)\AVG
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\Program Files (x86)\AVAST Software
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 __SHD C:\AdwCleaner
2019-11-16 16:59 - 2019-11-20 18:03 - 000000000 __SHD C:\ProgramData\RealtekHD
2019-11-16 16:59 - 2019-11-20 18:02 - 000000000 __SHD C:\Users\Все пользователи\RunDLL
2019-11-16 16:59 - 2019-11-20 18:02 - 000000000 __SHD C:\ProgramData\Windows
2019-11-16 16:59 - 2019-11-20 18:02 - 000000000 __SHD C:\ProgramData\RunDLL
2019-11-16 16:59 - 2019-11-20 18:01 - 000000000 __SHD C:\ProgramData\WindowsTask
2019-11-16 16:59 - 2019-11-16 17:01 - 000000000 __SHD C:\rdp
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ____D C:\ProgramData\MB3Install
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ____D C:\ProgramData\Indus
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ____D C:\ProgramData\Avira
2019-11-16 17:00 - 2019-11-16 17:00 - 000000000 ____D C:\Program Files\360
Reboot:
End::