Код:
// AVZ cleanup script generated for ONE specific machine. It terminates the listed
// processes, stops their services, quarantines a subset of files, deletes files,
// services, directories, browser add-on registrations and registry values, then
// schedules boot-time cleanup and reboots.
// The paths embed this host's profile names (including 8.3 short names such as
// DA55~1) and exact product version directories, so the list is only meaningful
// on the machine whose log it was built from.
begin
// Rootkit/hook search. The two flags presumably enable neutralising user-mode and
// kernel-mode hooks — confirm against the AVZ script reference.
SearchRootkit(true, true);
// Enable AVZGuard for the duration of the cleanup (presumably to keep the
// processes being removed from interfering — confirm).
SetAVZGuardStatus(True);
// Kill running processes by full image path; the same five files are deleted
// further down, so they must not be in use.
TerminateProcessByName('c:\users\Жанна\appdata\roaming\tencent\androidserver\1.0.0.507\androidserver.exe');
TerminateProcessByName('c:\program files\tencent\qqpcmgr\11.1.16923.222\qmdl.exe');
TerminateProcessByName('c:\program files\tencent\qqpcmgr\11.1.16923.222\qqpcleakscan.exe');
TerminateProcessByName('c:\program files\tencent\qqpcmgr\11.1.16923.222\plugins\qmnetmon\qqpcnetflow.exe');
TerminateProcessByName('c:\program files\tencent\qqpcmgr\11.1.16923.222\qqpcrealtimespeedup.exe');
// Stop five services/drivers; all five are unregistered by DeleteService below.
StopService('QMIEProtect');
StopService('QMUdisk');
StopService('TAOKernelDriver');
StopService('TFsFlt');
StopService('TsFltMgr');
// Copy ten files to AVZ quarantine before they are deleted, so samples survive
// for analysis. Everything else deleted below is NOT preserved. The empty second
// argument is presumably the quarantine comment — confirm.
QuarantineFile('C:\Windows\system32\drivers\wwfd_vt_1_10_0_24.sys', '');
// NOTE(review): '...\Machine\R' here (and 'startupreg\C' near the end) look like
// truncated duplicates of the entries that follow them (Registry.pol, ClearTemp),
// probably from a cut-off log line — confirm.
QuarantineFile('C:\Windows\system32\GroupPolicy\Machine\R', '');
// NOTE(review): Registry.pol stores the machine's local Group Policy registry
// settings. It is quarantined here and deleted below, which drops every local
// machine policy, wanted or not; legitimate policies must be re-applied afterwards.
QuarantineFile('C:\Windows\system32\GroupPolicy\Machine\Registry.pol', '');
QuarantineFile('C:\Users\DA55~1\AppData\Local\Temp\yupdate.exe-{E7C7C79B-32B6-4B44-AEAF-DC29BB98C963}', '');
QuarantineFile('C:\Program Files\AnyProtectEx\AnyProtect.exe', '');
QuarantineFile('C:\Users\DA55~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE', '');
QuarantineFile('C:\Users\DA55~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE', '');
QuarantineFile('C:\Program Files\globalUpdate\Update\globalupdate.exe', '');
QuarantineFile('C:\Program Files\UCBrowser\Application\update_task.exe', '');
QuarantineFile('C:\Program Files\DealPly\DealPlyUpdate.exe', '');
// Delete scheduled-task .job files named after the products being removed.
// The '32' second argument is presumably a bitness/path-redirection mode — confirm
// against the AVZ script reference.
DeleteFile('C:\Windows\Tasks\APSnotifierPP1.job', '32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP2.job', '32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP3.job', '32');
DeleteFile('C:\Windows\Tasks\Digital Sites.job', '32');
DeleteFile('C:\Windows\Tasks\Funmoods.job', '32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job', '32');
DeleteFile('C:\Windows\Tasks\UCBrowserUpdater.job', '32');
// Delete the images of the processes terminated at the top of the script.
DeleteFile('c:\users\Жанна\appdata\roaming\tencent\androidserver\1.0.0.507\androidserver.exe', '32');
DeleteFile('c:\program files\tencent\qqpcmgr\11.1.16923.222\qmdl.exe', '32');
DeleteFile('c:\program files\tencent\qqpcmgr\11.1.16923.222\qqpcleakscan.exe', '32');
DeleteFile('c:\program files\tencent\qqpcmgr\11.1.16923.222\plugins\qmnetmon\qqpcnetflow.exe', '32');
DeleteFile('c:\program files\tencent\qqpcmgr\11.1.16923.222\qqpcrealtimespeedup.exe', '32');
// Delete Tencent QQPCMgr data and modules file by file. None of these were
// quarantined above.
DeleteFile('C:\ProgramData\Tencent\TSVulFw\TSVulFW.DAT', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\exnscan.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMIEsafeDll.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMBrowserSafe.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\TSVulPage.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\RefuseInject.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\TSVulEngine.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\ProcessManager.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\TSSysKitProxy.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMSpeedupPlugin\SpeedupRocket\SpeedupRocket.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\GFFtsysCustom.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMAssocScan.dll', '32');
DeleteFile('c:\program files\tencent\qqpcmgr\11.1.16923.222\qmsysrepprov.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMRtpCheck.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMInfoEng.DLL', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMMain.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\qmtrayplugin\QMSwitchesMgrPlugin\QMSwitchesMgrPlugin.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\qmtrayplugin\QMQQLoginPlugin\QMQQLoginPlugin.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\qmtrayplugin\QMTrojanPlugin\QMTrojanPlugin.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\qmtrayplugin\QMWebFWCtrl\QMWebFWCtrl.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\qmtrayplugin\QMTPIEStartPage\QMTPIEStartPage.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QmTtInterface.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMIEProtectIo.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\NetflowMgr.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\qmtrayplugin\QMUDiskMgr\QMUDiskMgr.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\qmtrayplugin\QMSpecTips\QMSpecTips.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\AndroidServer\1.0.0.507\Sdkclient.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\AndroidServer\1.0.0.507\NetworkMgr.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\AndroidServer\1.0.0.507\DownloadMgr.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\AndroidServer\1.0.0.507\QQPMIpc.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\AndroidServer\1.0.0.507\AndroidDevice.dll', '32');
// NOTE(review): this file sits in a GUID-like directory that no other statement
// references; it is deleted without quarantine and its directory is left in place.
DeleteFile('C:\Program Files\808CE074-1442689898-E011-90C2-A14CDCAAA6FE\knsfACB4.tmpfs', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\TAOFrame.exe', '32');
// Delete kernel driver files (.sys). Only wwfd_vt_1_10_0_24.sys was quarantined
// above; the other drivers are removed without a preserved copy.
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMIEProtect.sys', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMUdisk.sys', '32');
DeleteFile('C:\Windows\system32\Drivers\TAOKernel.sys', '32');
DeleteFile('C:\Windows\system32\Drivers\TFsFlt.sys', '32');
DeleteFile('C:\Windows\system32\drivers\TsFltMgr.sys', '32');
DeleteFile('C:\Windows\system32\tssk.sys', '32');
DeleteFile('C:\Windows\system32\drivers\ttnfd.sys', '32');
DeleteFile('C:\Windows\system32\drivers\wwfd_vt_1_10_0_24.sys', '32');
// Delete the remaining files that were quarantined above (policy file, temp
// updater, per-product updaters), plus two more QQPCMgr modules.
DeleteFile('C:\Windows\system32\GroupPolicy\Machine\R', '32');
DeleteFile('C:\Windows\system32\GroupPolicy\Machine\Registry.pol', '32');
DeleteFile('C:\Users\DA55~1\AppData\Local\Temp\yupdate.exe-{E7C7C79B-32B6-4B44-AEAF-DC29BB98C963}', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMContextUninstall.dll', '32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QMContextScan.dll', '32');
DeleteFile('C:\Program Files\AnyProtectEx\AnyProtect.exe', '32');
DeleteFile('C:\Users\DA55~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE', '32');
DeleteFile('C:\Users\DA55~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE', '32');
DeleteFile('C:\Program Files\globalUpdate\Update\globalupdate.exe', '32');
DeleteFile('C:\Program Files\UCBrowser\Application\update_task.exe', '32');
DeleteFile('C:\Program Files\DealPly\DealPlyUpdate.exe', '32');
// Path written with the NT '\??\' prefix — presumably copied as recorded for this
// driver in the log; confirm.
DeleteFile('\??\C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\TSKsp.sys', '32');
// Unregister services/drivers. Only five of these ten were stopped by StopService
// above; 'byniloxi', 'TAOFrame', 'TSSK', 'ttnfd' and 'wwfd_vt_1_10_0_24' are
// removed without a prior stop.
DeleteService('byniloxi');
DeleteService('TAOFrame');
DeleteService('QMIEProtect');
DeleteService('QMUdisk');
DeleteService('TAOKernelDriver');
DeleteService('TFsFlt');
DeleteService('TsFltMgr');
DeleteService('TSSK');
DeleteService('ttnfd');
DeleteService('wwfd_vt_1_10_0_24');
// Delete everything matching '*' under each product directory; the third argument
// is presumably the recurse-into-subdirectories flag — confirm. This catches
// files that were not listed individually above.
DeleteFileMask('c:\users\Жанна\appdata\roaming\tencent', '*', true);
DeleteFileMask('c:\program files\tencent', '*', true);
DeleteFileMask('C:\ProgramData\Tencent', '*', true);
DeleteFileMask('C:\Program Files\AnyProtectEx', '*', true);
DeleteFileMask('C:\Users\DA55~1\AppData\Roaming\DIGITA~1', '*', true);
DeleteFileMask('C:\Users\DA55~1\AppData\Roaming\Funmoods', '*', true);
DeleteFileMask('C:\Program Files\globalUpdate', '*', true);
DeleteFileMask('C:\Program Files\UCBrowser', '*', true);
DeleteFileMask('C:\Program Files\DealPly', '*', true);
DeleteFileMask('\??\C:\Program Files\Tencent', '*', true);
// Remove the same ten directories after their contents have been deleted.
DeleteDirectory('c:\users\Жанна\appdata\roaming\tencent');
DeleteDirectory('c:\program files\tencent');
DeleteDirectory('C:\ProgramData\Tencent');
DeleteDirectory('C:\Program Files\AnyProtectEx');
DeleteDirectory('C:\Users\DA55~1\AppData\Roaming\DIGITA~1');
DeleteDirectory('C:\Users\DA55~1\AppData\Roaming\Funmoods');
DeleteDirectory('C:\Program Files\globalUpdate');
DeleteDirectory('C:\Program Files\UCBrowser');
DeleteDirectory('C:\Program Files\DealPly');
DeleteDirectory('\??\C:\Program Files\Tencent');
// Remove three Browser Helper Object registrations, identified by CLSID.
DelBHO('{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}');
DelBHO('{0633EE93-D776-472f-A0FF-E1416B8B2E3D}');
DelBHO('{10921475-03CE-4E04-90CE-E2E7EF20C814}');
// Delete three scheduled tasks through schtasks.exe (/F suppresses the prompt).
// The trailing arguments (0, 15000, true) are presumably window mode, wait
// timeout in ms and terminate-on-timeout — confirm. The other tasks whose .job
// files were deleted above are not passed to schtasks.
ExecuteFile('schtasks.exe', '/delete /TN "DealPlyUpdate" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "Digital Sites" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "Funmoods" /F', 0, 15000, true);
// Remove two COM class registrations; the same two CLSIDs are also removed from
// the 'Shell Extensions\Approved' list below.
DelCLSID('{CBDECEF7-7A29-4cbf-A009-2673D82C7BF9}');
DelCLSID('{63332668-8CE1-445D-A5EE-25929176714E}');
// Delete individual registry values: the 'command' value of two MSConfig
// startupreg entries, and the two approved shell-extension CLSIDs.
RegKeyParamDel('HKEY_LOCAL_MACHINE', 'SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\C', 'command');
RegKeyParamDel('HKEY_LOCAL_MACHINE', 'SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ClearTemp', 'command');
RegKeyParamDel('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved', '{CBDECEF7-7A29-4cbf-A009-2673D82C7BF9}');
RegKeyParamDel('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved', '{63332668-8CE1-445D-A5EE-25929176714E}');
// Hand the deletions above to AVZ's boot-time cleaner (presumably so locked files
// are removed during the next boot — confirm); it is armed by BC_Activate below.
BC_ImportALL;
// Built-in AVZ system cleanup (presumably removes leftover references to the
// deleted files — confirm).
ExecuteSysClean;
// Run two of AVZ's numbered system-repair routines; what 4 and 3 select is not
// visible here — look the numbers up in the AVZ reference before reusing.
ExecuteRepair(4);
ExecuteRepair(3);
// Run an AVZ wizard identified as 'SCU'; the meaning of the id and of the
// arguments (2, 2, true) cannot be told from this script — confirm.
ExecuteWizard('SCU', 2, 2, true);
BC_Activate;
// Restart Windows so the boot-time cleanup can run; the argument presumably
// forces the restart, so open work should be saved before the script is started.
RebootWindows(true);
end.
Компьютер перезагрузится.