Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\recycler.exe','');
QuarantineFile('D:\autorun.inf','');
QuarantineFile('D:\SafeDrv.exe','');
QuarantineFile('C:\autorun.inf','');
QuarantineFile('C:\SafeDrv.exe','');
QuarantineFile('C:\DOCUME~1\9AB1~1\LOCALS~1\Temp\111292812.dll','');
QuarantineFile('C:\Program Files\Internet Explorer\Mfc42.tdm','');
QuarantineFile('C:\WINDOWS\system32\WinHelp32.exe','');
QuarantineFile('C:\System Volume Information\_restore{46BF32D0-EB3E-42B9-A1C9-D5401EE19805}\RP5\A0010414.exe','');
QuarantineFile('C:\Program Files\fh.exe','');
QuarantineFile('C:\Program Files\360\winhelp32.exe','');
QuarantineFile('C:\Documents and Settings\Ангел\Local Settings\Temp\cd1364500.exe','');
QuarantineFile('C:\Documents and Settings\Ангел\Local Settings\Temp\81338015.dll','');
QuarantineFile('C:\Documents and Settings\Ангел\Local Settings\Temp\71333453.dll','');
QuarantineFile('C:\Documents and Settings\Ангел\Local Settings\Temp\71293843.dll','');
QuarantineFile('C:\Documents and Settings\Ангел\Local Settings\Temp\261304015.dll','');
QuarantineFile('C:\Documents and Settings\Ангел\Local Settings\Temp\171345609.dll','');
QuarantineFile('C:\Documents and Settings\Ангел\Local Settings\Temp\171303921.dll','');
QuarantineFile('C:\Documents and Settings\Ангел\Local Settings\Temp\121334781.dll','');
QuarantineFile('C:\Documents and Settings\Ангел\Local Settings\Temp\121294515.dll','');
QuarantineFile('C:\Documents and Settings\Ангел\Local Settings\Temp\11341093.dll','');
QuarantineFile('C:\Documents and Settings\Ангел\Local Settings\Temp\11300250.dll','');
QuarantineFile('C:\1213375.exe','');
DelBHO('{28757672-E0AD-42C3-9716-454CC3B1A181}');
QuarantineFile('c:\windows\kai\smss.exe','');
QuarantineFile('C:\WINDOWS\system32\drivers\wuaclt.exe','');
QuarantineFile('C:\WINDOWS\system32\E2B461\EDE62B.EXE','');
QuarantineFile('C:\WINDOWS\system32\41.exe','');
QuarantineFile('C:\WINDOWS\ali.exe','');
QuarantineFile('C:\WINDOWS\Temp\tmp.exe','');
QuarantineFile('C:\Program Files\SiSi9012\services.exe','');
QuarantineFile('C:\Program Files\Messenger\msseces.exe','');
QuarantineFile('C:\Documents and Settings\Ангел\Главное меню\Программы\Автозагрузка\Coopen???.lnk','');
QuarantineFile('C:\Documents and Settings\Ангел\Главное меню\Программы\Автозагрузка\їбОТТфАЦєР.exe','');
QuarantineFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\ПРОИГРЫВАТЕЛЬ WINDOWS MEDIA.yfbgy','');
QuarantineFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\ЗАПУСТИТЬ ОБОЗРЕВАТЕЛЬ INTERNET EXPLORER.yfbgy','');
QuarantineFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\ЗАПУСКАТР.yfbgy','');
QuarantineFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\ЖФ¶Ї INTERNET EXPLORER ДЇААЖЧ.yfbgy','');
QuarantineFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\µTORRENT.yfbgy','');
QuarantineFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\WINAMP.yfbgy','');
QuarantineFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\QIP INFIUM.yfbgy','');
QuarantineFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\QIP 2005.yfbgy','');
QuarantineFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\OPERA.yfbgy','');
QuarantineFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\MOZILLA FIREFOX.yfbgy','');
QuarantineFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\INTERNET EXPLORER.yfbgy','');
QuarantineFile('C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\system.vbe','');
QuarantineFile('C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\iesearch.vbe','');
QuarantineFile('C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\iecollection.vbe','');
QuarantineFile('C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\ie.vbe','');
QuarantineFile('C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\dlldll.vbe','');
QuarantineFile('C:\WINDOWS\system32\svchoste.exe','');
DeleteService('Power');
DeleteService('OSS');
DeleteService('Ms-tl_Srv');
SetServiceStart('kernel', 4);
DeleteService('kernel');
QuarantineFile('C:\WINDOWS\system32\PisI.dll','');
QuarantineFile('C:\WINDOWS\UoDo\game.dll','');
QuarantineFile('C:\WINDOWS\system32\mty6459.dll','');
QuarantineFile('C:\WINDOWS\system32\ifqku.dll','');
QuarantineFile('C:\WINDOWS\System32\geodc.dll','');
QuarantineFile('C:\WINDOWS\system32\geod2.dll','');
QuarantineFile('C:\WINDOWS\System32\fgdyu.dll','');
QuarantineFile('C:\WINDOWS\system32\2bco.dll','');
QuarantineFile('C:\WINDOWS\system32\251e.dll','');
QuarantineFile('C:\WINDOWS\bho\xunlei3,222293.dll','');
QuarantineFile('C:\DOCUME~1\9AB1~1\LOCALS~1\Temp\41311609.dll','');
TerminateProcessByName('c:\windows\mfc.exe');
QuarantineFile('c:\windows\mfc.exe','');
TerminateProcessByName('c:\windows\system32\kernel.exe');
QuarantineFile('c:\windows\system32\kernel.exe','');
QuarantineFile('c:\windows\system32\ctfmon.exe','');
TerminateProcessByName('c:\windows\system32\bddd.exe');
QuarantineFile('c:\windows\system32\bddd.exe','');
TerminateProcessByName('c:\program files\a17.exe');
TerminateProcessByName('c:\program files\a01.exe');
QuarantineFile('c:\program files\a17.exe','');
QuarantineFile('c:\program files\a01.exe','');
DeleteFile('c:\program files\a01.exe');
DeleteFile('c:\program files\a17.exe');
DeleteFile('c:\windows\system32\bddd.exe');
DeleteFile('c:\windows\system32\kernel.exe');
DeleteFile('c:\windows\mfc.exe');
DeleteFile('C:\DOCUME~1\9AB1~1\LOCALS~1\Temp\41311609.dll');
DeleteFile('C:\WINDOWS\bho\xunlei3,222293.dll');
DeleteFile('C:\WINDOWS\System32\fgdyu.dll');
DeleteFile('C:\WINDOWS\system32\ifqku.dll');
DeleteFile('C:\WINDOWS\system32\svchoste.exe');
DeleteFile('C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\dlldll.vbe');
DeleteFile('C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\ie.vbe');
DeleteFile('C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\iecollection.vbe');
DeleteFile('C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\iesearch.vbe');
DeleteFile('C:\Documents and Settings\All Users\Главное меню\Программы\Автозагрузка\system.vbe');
DeleteFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\INTERNET EXPLORER.yfbgy');
DeleteFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\MOZILLA FIREFOX.yfbgy');
DeleteFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\OPERA.yfbgy');
DeleteFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\QIP 2005.yfbgy');
DeleteFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\QIP IN-FIUM.yfbgy');
DeleteFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\WINAMP.yfbgy');
DeleteFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\µTORRENT.yfbgy');
DeleteFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\ЖФ¶Ї INTERNET EXPLORER ДЇААЖЧ.yfbgy');
DeleteFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\ЗАПУСКАТР.yfbgy');
DeleteFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\ЗАПУСТИТЬ ОБОЗРЕВАТЕЛЬ INTERNET EXPLORER.yfbgy');
DeleteFile('C:\Documents and Settings\Ангел\Application Data\Microsoft\Internet Explorer\Quick Launch\ПРОИГРЫВАТЕЛЬ WINDOWS MEDIA.yfbgy');
DeleteFile('C:\Documents and Settings\Ангел\Главное меню\Программы\Автозагрузка\Coopen???.lnk');
DeleteFile('C:\Program Files\Messenger\msseces.exe');
DeleteFile('C:\Program Files\SiSi9012\services.exe');
DeleteFile('C:\WINDOWS\Temp\tmp.exe');
DeleteFile('C:\WINDOWS\ali.exe');
DeleteFile('C:\WINDOWS\system32\41.exe');
DeleteFile('C:\WINDOWS\system32\E2B461\EDE62B.EXE');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\Eventlog\Application\OSS','EventMessageFile');
DeleteFile('C:\WINDOWS\system32\drivers\wuaclt.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','wuaclt.exe');
DeleteFile('c:\windows\kai\smss.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','KAV');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','KAVStarts');
DeleteFile('C:\1213375.exe');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\11300250.dll');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\11341093.dll');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\121294515.dll');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\121334781.dll');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\171303921.dll');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\171345609.dll');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\261304015.dll');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\71293843.dll');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\71333453.dll');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\81298531.dll');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\81338015.dll');
DeleteFile('C:\Documents and Settings\Ангел\Local Settings\Temp\cd1364500.exe');
DeleteFile('C:\Program Files\360\winhelp32.exe');
DeleteFile('C:\Program Files\fh.exe');
DeleteFile('C:\System Volume Information\_restore{46BF32D0-EB3E-42B9-A1C9-D5401EE19805}\RP5\A0010414.exe');
DeleteFile('C:\WINDOWS\system32\WinHelp32.exe');
DeleteFile('C:\DOCUME~1\9AB1~1\LOCALS~1\Temp\111292812.dll');
DeleteFile('C:\SafeDrv.exe');
DeleteFile('C:\autorun.inf');
DeleteFile('D:\SafeDrv.exe');
DeleteFile('D:\autorun.inf');
DeleteFile('C:\recycler.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteRepair(9);
RebootWindows(true);
end.
Компьютер перезагрузится.