Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('c:\program files\iqiyi video\common\hcdnclient.exe');
QuarantineFile('C:\Program Files\xtab\browerwatchch.dll', '');
QuarantineFile('C:\Program Files\advplugin\backgroundsingleton.exe', '');
QuarantineFile('C:\Documents and Settings\Admin\Application Data\ZJQL.exe', '');
QuarantineFile('C:\Documents and Settings\Admin\Application Data\JMNEIOO.exe', '');
QuarantineFile('C:\Program Files\advPlugin\Toolbar32.dll', '');
QuarantineFile('C:\Program Files\IQIYI Video\Common\Accelerator\IEHelper.dll', '');
QuarantineFile('C:\Program Files\ver8BlockAndSurf\190.dll', '');
QuarantineFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\plugins\FileSmash\QMSoftExt.dll', '');
QuarantineFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QQPCTRAY.EXE', '');
QuarantineFile('C:\Program Files\Application Assistance\AppHelper.exe', '');
QuarantineFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\TSSysKit.sys', '');
QuarantineFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\TSKsp.sys', '');
QuarantineFile('C:\WINDOWS\system32\Drivers\TsFltMgr.sys', '');
QuarantineFile('C:\WINDOWS\system32\DRIVERS\TSDefenseBt.sys', '');
QuarantineFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\tscpm.sys', '');
QuarantineFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\TS888.sys', '');
QuarantineFile('C:\WINDOWS\system32\Drivers\TFsFlt.sys', '');
QuarantineFile('C:\WINDOWS\System32\Drivers\TAOKernelXP.sys', '');
QuarantineFile('C:\WINDOWS\system32\Drivers\TAOAccelerator.sys', '');
QuarantineFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QQSysMon.sys', '');
QuarantineFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QMUdisk.sys', '');
QuarantineFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QMIEProtect.sys', '');
QuarantineFile('C:\WINDOWS\system32\BDL.dll', '');
QuarantineFile('C:\Program Files\XTab\SupTab.dll', '');
QuarantineFile('C:\Program Files\XTab\IeWatchDog.dll', '');
QuarantineFile('C:\Program Files\XTab\BrowerWatchFF.dll', '');
QuarantineFile('c:\documents and settings\admin\local settings\application data\gmsd_re_151\upgmsd_re_151.exe', '');
QuarantineFile('c:\program files\tencent\qqpcmgr\10.6.15950.224\taoframe.exe', '');
QuarantineFile('c:\program files\tencent\qqpcmgr\10.6.15950.224\qqpcrtp.exe', '');
QuarantineFile('c:\program files\xtab\protectservice.exe', '');
QuarantineFile('c:\documents and settings\admin\local settings\application data\ca6fdb60-1426020292-11de-b8ee-e0cb4eb63709\insxd6.tmp', '');
QuarantineFile('c:\program files\xtab\hpnotify.exe', '');
QuarantineFile('c:\program files\iqiyi video\common\hcdnclient.exe', '');
QuarantineFile('c:\program files\gmsd_re_151\gmsd_re_151.exe', '');
QuarantineFile('c:\program files\advplugin\basement\extensionupdaterservice.exe', '');
QuarantineFile('c:\program files\xtab\cmdshell.exe', '');
DeleteFile('c:\program files\xtab\hpnotify.exe', '32');
DeleteFile('c:\documents and settings\admin\local settings\application data\ca6fdb60-1426020292-11de-b8ee-e0cb4eb63709\insxd6.tmp', '32');
DeleteFile('c:\program files\xtab\protectservice.exe', '32');
DeleteFile('c:\program files\tencent\qqpcmgr\10.6.15950.224\qqpcrtp.exe', '32');
DeleteFile('c:\program files\tencent\qqpcmgr\10.6.15950.224\taoframe.exe', '32');
DeleteFile('C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT', '32');
DeleteFile('C:\Program Files\IQIYI Video\Common\Accelerator\browseradapter.dll', '32');
DeleteFile('C:\Program Files\IQIYI Video\Common\AppNet.dll', '32');
DeleteFile('C:\Program Files\IQIYI Video\Common\fp2xh.dll', '32');
DeleteFile('C:\Program Files\IQIYI Video\Common\HCDNClientNet.dll', '32');
DeleteFile('C:\Program Files\IQIYI Video\Common\libcdn-dll.dll', '32');
DeleteFile('C:\Program Files\IQIYI Video\Common\PopupWndProxy.dll', '32');
DeleteFile('C:\Program Files\IQIYI Video\Common\QuiLib.dll', '32');
DeleteFile('C:\Program Files\IQIYI Video\Common\UI.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\Common.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\communic.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\dr.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\exnscan.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\kav\kavscan.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\kav\ksapi.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\libexpatw.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\oDayProtect.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\plugins\FileSmash\QMSoftExt.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\plugins\QMCloudInter\QMCloudInter.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\plugins\QMCpm.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\plugins\QMHips.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\plugins\QMHipsEngine.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\plugins\QMRepairPlugin.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\plugins\RtpCommon.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\plugins\SpecialPlugin\QMHipsSpecial.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\ptrate.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QMAssocScan.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QMBrowserSafe.dll', '32');
DeleteFile('C:\Program Files\XTab\BrowerWatchFF.dll', '32');
DeleteFile('C:\Program Files\XTab\IeWatchDog.dll', '32');
DeleteFile('C:\WINDOWS\system32\BDL.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QMIEProtect.sys', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QMUdisk.sys', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QQSysMon.sys', '32');
DeleteFile('C:\WINDOWS\system32\Drivers\TAOAccelerator.sys', '32');
DeleteFile('C:\WINDOWS\System32\Drivers\TAOKernelXP.sys', '32');
DeleteFile('C:\WINDOWS\system32\Drivers\TFsFlt.sys', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\TS888.sys', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\tscpm.sys', '32');
DeleteFile('C:\WINDOWS\system32\DRIVERS\TSDefenseBt.sys', '32');
DeleteFile('C:\WINDOWS\system32\Drivers\TsFltMgr.sys', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\TSKsp.sys', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\TSSysKit.sys', '32');
DeleteFile('C:\Documents and Settings\Admin\Application Data\Browsers\exe.erolpxei.bat', '32');
DeleteFile('C:\Documents and Settings\Admin\Application Data\Browsers\exe.resworb.bat', '32');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Application Data\gmsd_re_151\upgmsd_re_151.exe', '32');
DeleteFile('C:\Program Files\Application Assistance\AppHelper.exe', '32');
DeleteFile('C:\Program Files\IQIYI Video\Common\HCDNClient.exe', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QMContextUninstall.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QQPCTray.exe', '32');
DeleteFile('C:\Program Files\gmsd_re_151\gmsd_re_151.exe', '32');
DeleteFile('C:\Program Files\ver8BlockAndSurf\190.dll', '32');
DeleteFile('C:\Program Files\IQIYI Video\Common\Accelerator\IEHelper.dll', '32');
DeleteFile('C:\Program Files\advPlugin\Toolbar32.dll', '32');
DeleteFile('C:\WINDOWS\Tasks\cac10068-beb3-4963-adf0-d12ac469b5c5-1-6.job', '32');
DeleteFile('C:\WINDOWS\Tasks\cac10068-beb3-4963-adf0-d12ac469b5c5-1-7.job', '32');
DeleteFile('C:\WINDOWS\Tasks\cac10068-beb3-4963-adf0-d12ac469b5c5-10_user.job', '32');
DeleteFile('C:\WINDOWS\Tasks\cac10068-beb3-4963-adf0-d12ac469b5c5-11.job', '32');
DeleteFile('C:\WINDOWS\Tasks\cac10068-beb3-4963-adf0-d12ac469b5c5-4.job', '32');
DeleteFile('C:\WINDOWS\Tasks\cac10068-beb3-4963-adf0-d12ac469b5c5-5.job', '32');
DeleteFile('C:\WINDOWS\Tasks\JMNEIOO.job', '32');
DeleteFile('C:\WINDOWS\Tasks\ZJQL.job', '32');
DeleteFile('C:\Program Files\xtab\cmdshell.exe', '32');
DeleteFile('C:\Program Files\xtab\suptab.dll', '32');
DeleteFile('C:\Program Files\advplugin\backgroundsingleton.exe', '32');
DeleteFile('C:\Program Files\advplugin\basement\extensionupdaterservice.exe', '32');
DeleteFile('C:\Program Files\xtab\browerwatchch.dll', '32');
DeleteService('WindowsMangerProtect');
DeleteService('tigeryji');
DeleteService('sikenyhu');
DeleteService('hycewyxo');
DeleteService('BlockAndSurf');
DeleteService('BasementDuster');
DeleteFileMask('C:\Program Files\xtab', '*', true);
DeleteFileMask('c:\program files\iqiyi video', '*', true);
DeleteFileMask('C:\Program Files\advplugin', '*', true);
DeleteFileMask('C:\Program Files\ver8BlockAndSurf\', '*', true);
DeleteFileMask('C:\Program Files\Tencent', '*', true);
DeleteFileMask('C:\Program Files\Application Assistance', '*', true);
DeleteFileMask('C:\Program Files\gmsd_re_151', '*', true);
DeleteDirectory('C:\Program Files\xtab');
DeleteDirectory('c:\program files\iqiyi video');
DeleteDirectory('C:\Program Files\advplugin');
DeleteDirectory('C:\Program Files\ver8BlockAndSurf\');
DeleteDirectory('C:\Program Files\Tencent');
DeleteDirectory('C:\Program Files\Application Assistance');
DeleteDirectory('C:\Program Files\gmsd_re_151');
DelBHO('{92780B25-18CC-41C8-B9BE-3C9C571A8263}');
DelBHO('{7CE987D5-11B3-44FC-9C3D-03069360D462}');
DelBHO('{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}');
DelBHO('{488DBF46-B8FF-32F4-7C40-F09EB95D0BA7}');
DelBHO('{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}');
BC_ImportDeletedList;
ExecuteSysClean;
BC_DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.6.15950.224\QMIEProtect.sys');
BC_DeleteFile('C:\Documents and Settings\Admin\Application Data\JMNEIOO.exe');
BC_DeleteFile('C:\Documents and Settings\Admin\Application Data\ZJQL.exe');
BC_DeleteSvc('QMIEProtect');
BC_DeleteSvc('QMUdisk');
BC_DeleteSvc('QQSysMon');
BC_DeleteSvc('TAOAccelerator');
BC_DeleteSvc('TAOKernelDriver');
BC_DeleteSvc('TFsFlt');
BC_DeleteSvc('TS888');
BC_DeleteSvc('TSCPM');
BC_DeleteSvc('TSDefenseBt');
BC_DeleteSvc('TsFltMgr');
BC_DeleteSvc('tsksp');
BC_DeleteSvc('TSSysKit');
ExecuteRepair(14);
BC_Activate;
RebootWindows(true);
end.
Компьютер перезагрузится.