Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('c:\windows\system32\msvmiode.exe');
TerminateProcessByName('c:\windows\cfdrive32.exe');
TerminateProcessByName('c:\docume~1\sony\locals~1\temp\217172.exe');
QuarantineFile('C:\WINDOWS\system32\25.exe','');
QuarantineFile('C:\WINDOWS\system32\00.exe','');
QuarantineFile('C:\WINDOWS\system32\67.exe','');
QuarantineFile('C:\WINDOWS\system32\70.exe','');
QuarantineFile('C:\WINDOWS\system32\64.exe','');
QuarantineFile('C:\WINDOWS\system32\36.exe','');
QuarantineFile('C:\WINDOWS\system32\21.exe','');
QuarantineFile('C:\WINDOWS\system32\53.exe','');
QuarantineFile('C:\WINDOWS\system32\umdmgr.exe','');
QuarantineFile('D:\autorun.inf','');
QuarantineFile('C:\WINDOWS\yjtwh.exe','');
QuarantineFile('C:\WINDOWS\system32\msvmiode.exe','');
QuarantineFile('C:\WINDOWS\system32\86.exe','');
QuarantineFile('C:\WINDOWS\moaanno.exe','');
QuarantineFile('C:\WINDOWS\cfdrive32.exe','');
QuarantineFile('C:\Documents and Settings\sony\Application Data\ltzqai.exe','');
QuarantineFile('C:\Documents and Settings\sony\Application Data\cyglcfv.exe','');
QuarantineFile('C:\Documents and Settings\NetworkService\Application Data\uvtcb.exe','');
QuarantineFile('c:\windows\system32\msvmiode.exe','');
QuarantineFile('c:\windows\cfdrive32.exe','');
QuarantineFile('c:\docume~1\sony\locals~1\temp\217172.exe','');
DeleteFile('c:\docume~1\sony\locals~1\temp\217172.exe');
DeleteFile('c:\windows\cfdrive32.exe');
DeleteFile('c:\windows\system32\msvmiode.exe');
DeleteFile('C:\Documents and Settings\sony\Application Data\cyglcfv.exe');
DeleteFile('C:\Documents and Settings\sony\Application Data\ltzqai.exe');
DeleteFile('C:\WINDOWS\cfdrive32.exe');
DeleteFile('C:\WINDOWS\moaanno.exe');
DeleteFile('C:\WINDOWS\system32\86.exe');
DeleteFile('C:\WINDOWS\system32\msvmiode.exe');
DeleteFile('C:\WINDOWS\yjtwh.exe');
DeleteFile('D:\autorun.inf');
DeleteFile('C:\WINDOWS\system32\umdmgr.exe');
DeleteFile('C:\WINDOWS\system32\53.exe');
DeleteFile('C:\WINDOWS\system32\21.exe');
DeleteFile('C:\WINDOWS\system32\36.exe');
DeleteFile('C:\WINDOWS\system32\64.exe');
DeleteFile('C:\Documents and Settings\NetworkService\Application Data\uvtcb.exe');
DeleteFile('C:\WINDOWS\system32\70.exe');
DeleteFile('C:\WINDOWS\system32\67.exe');
DeleteFile('C:\WINDOWS\system32\00.exe');
DeleteFile('C:\WINDOWS\system32\25.exe');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','VGAResolution');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','VGAResolution');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','msnmsg');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','msnmsg');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','msnmsgs');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','msnmsgs');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','Microsoft Driver Setup');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','Driversys');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','Driversys');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','VGA');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','VGA');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','MSODESNV7');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','Driversys32');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','Driversys32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows NT\CurrentVersion\Winlogon','Taskman');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
После выполнения скрипта компьютер перезагрузится! Пришлите карантин по ссылке согласно правил