Код:
begin
ExecuteAVUpdate;
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
ClearQuarantine;
QuarantineFile('C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe','');
SetServiceStart('BDArKit', 4);
SetServiceStart('bd0004', 4);
SetServiceStart('bd0001', 4);
SetServiceStart('UCBrowserSvc', 4);
SetServiceStart('BDSGRTP', 4);
StopService('BDArKit');
StopService('bd0004');
StopService('bd0001');
StopService('UCBrowserSvc');
DeleteFile('C:\Program Files (x86)\UCBrowser\UCService.exe','32');
DeleteFile('C:\Program Files (x86)\Common Files\Baidu\BaiduProtect\1.2.0.46\BaiduProtect.exe','32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0001.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0004.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\BDArKit.sys','32');
DeleteFile('C:\Windows\System32\drivers\bd0001_1.sys','32');
DeleteFile('C:\Windows\System32\drivers\iSafeKrnlBoot.sys','32');
DeleteFile('C:\Windows\SysWOW64\drivers\bd0002.sys','32');
DeleteFile('C:\Windows\gswb_1454_7654_9514.exe','32');
DeleteFile('C:\Windows\360sd_7654_9514.exe','32');
DeleteFile('C:\Windows\bdsd_1454_7654_9514.exe','32');
DeleteFile('C:\Windows\qhse_7654_9514.exe','32');
DeleteFile('C:\Windows\qhws_7654_9514.exe','32');
DeleteFile('C:\Windows\System32\bd64_x64.dll','32');
DeleteFile('C:\Windows\System32\bd64_x86.dll','32');
DeleteFile('C:\Windows\ucbrowser_7654_9514.exe','32');
DeleteFile('C:\Windows\bdws_1454_7654_9514.exe','32');
DeleteFile('C:\Users\SAM\AppData\Local\Temp\remove360.bat','32');
DeleteFile('C:\Windows\Tasks\UCBrowserUpdater{f55be20babdf363bc043f47e776f1d97}.job','64');
DeleteFile('C:\Program Files (x86)\UCBrowser\update_task.exe','32');
DeleteFile('C:\Windows\system32\Tasks\UCBrowserUpdater{f55be20babdf363bc043f47e776f1d97}','64');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\360safeuninst','command');
DeleteService('BDArKit');
DeleteService('bd0004');
DeleteService('bd0001');
DeleteService('BDSGRTP');
DeleteService('UCBrowserSvc');
DeleteFileMask('C:\Program Files (x86)\360', '*', true, ' ');
DeleteFileMask('C:\Program Files (x86)\UCBrowser', '*', true, ' ');
DeleteFileMask('C:\Program Files (x86)\Common Files\Baidu', '*', true, ' ');
DeleteFileMask('C:\Users\SAM\AppData\Roaming\360Login', '*', true, ' ');
DeleteFileMask('C:\Users\SAM\AppData\Roaming\360SuperKiller', '*', true, ' ');
DeleteFileMask('C:\ProgramData\360safe', '*', true, ' ');
DeleteFileMask('C:\ProgramData\Baidu', '*', true, ' ');
DeleteDirectory('C:\ProgramData\Baidu');
DeleteDirectory('C:\ProgramData\360safe');
DeleteDirectory('C:\Users\SAM\AppData\Roaming\360Login');
DeleteDirectory('C:\Users\SAM\AppData\Roaming\360SuperKiller');
DeleteDirectory('C:\Program Files (x86)\360');
DeleteDirectory('C:\Program Files (x86)\UCBrowser');
DeleteDirectory('C:\Program Files (x86)\Common Files\Baidu');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteWizard('SCU', 2, 3, true);
BC_Activate;
ExecuteRepair(10);
RebootWindows(false);
end.
4. Сделайте новые SITLog