Код:
begin
SearchRootkit(true, true);
TerminateProcessByName('c:\programdata\microsoft\drm\smss.exe');
TerminateProcessByName('c:\documents and settings\all users\microsoft\drm\wa\services.exe');
TerminateProcessByName('c:\program files\common files\microsoft shared\system\gecko\securesurf.browser.client.exe');
StopService('WindowsDefender');
QuarantineFile('C:\Program Files\Common Files\Microsoft Shared\System\webisida.browser.exe', '');
QuarantineFile('C:\Program Files\Common Files\Microsoft Shared\System\settings.exe', '');
QuarantineFile('C:\Program Files\SearchesToYesbnd\bugreport.exe', '');
QuarantineFile('c:\programdata\microsoft\drm\smss.exe', '');
QuarantineFile('c:\documents and settings\all users\microsoft\drm\wa\services.exe', '');
QuarantineFile('c:\program files\common files\microsoft shared\system\gecko\securesurf.browser.client.exe', '');
QuarantineFileF('c:\documents and settings\all users\microsoft\drm\wa', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js', true, '', 0, 0);
QuarantineFileF('c:\program files\common files\microsoft shared\system', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js', true, '', 0, 0);
DeleteFile('c:\program files\common files\microsoft shared\system\gecko\securesurf.browser.client.exe', '32');
DeleteFile('c:\documents and settings\all users\microsoft\drm\wa\services.exe', '32');
DeleteFile('c:\programdata\microsoft\drm\smss.exe', '32');
DeleteFile('C:\Windows\system32\Tasks\WinTaske', '32');
DeleteFile('C:\Program Files\SearchesToYesbnd\bugreport.exe', '32');
DeleteFile('C:\Program Files\Common Files\Microsoft Shared\System\settings.exe', '32');
DeleteFile('C:\Windows\system32\Tasks\', '32');
DeleteFile('C:\Program Files\Common Files\Microsoft Shared\System\webisida.browser.exe', '32');
DeleteService('ggbugreport');
DeleteService('WindowsDefender');
DeleteFileMask('c:\documents and settings\all users\microsoft\drm\wa', '*', true);
DeleteFileMask('c:\program files\common files\microsoft shared\system', '*', true);
DeleteFileMask('C:\Program Files\SearchesToYesbnd', '*', true);
DeleteDirectory('c:\documents and settings\all users\microsoft\drm\wa');
DeleteDirectory('c:\program files\common files\microsoft shared\system');
DeleteDirectory('C:\Program Files\SearchesToYesbnd');
ExecuteFile('schtasks.exe', '/delete /TN "Adobe Reader" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "GoogleUpdateTaskMashine" /F', 0, 15000, true);
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
end.
Перезагрузите сервер.