Код:
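// AVZ remediation script for one specific infected host: every listed file is
// quarantined, its driver service / BHO registration is removed, running
// malicious processes are terminated, the files are deleted, and the machine
// is rebooted with Boot Cleaner armed. The paths and service names come from
// that host's scan log, so re-check them against a fresh log before running
// this script on any other system.
begin
// Rootkit scan with both flags enabled.
// NOTE(review): the two booleans are presumed to enable neutralisation of
// user-mode and kernel-mode hooks - confirm against the AVZ script reference.
SearchRootkit(true, true);
// Turn on AVZGuard before touching the files.
SetAVZGuardStatus(True);
// --- Quarantine samples and remove driver services ------------------------
// Each file is quarantined before its DeleteFile call further down, so a
// sample is kept for analysis and for restoring a false positive.
QuarantineFile('C:\WINDOWS\System32\WLCtrl32.dll','');
QuarantineFile('C:\WINDOWS\glok+5384-5450.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Gms06.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Gms74.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Hns06.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Hnu17.sys','');
DeleteService('Hnu17');
DeleteService('Hns06');
DeleteService('Gms74');
DeleteService('Gms06');
DeleteService('glok+5384-5450');
QuarantineFile('C:\WINDOWS\System32\Drivers\Jpv05.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Jpu63.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\Iou06.sys','');
// NOTE(review): service Jpv85 is removed, but no Jpv85 driver file is
// quarantined or deleted anywhere in this script. Check the scan log for the
// file behind this service and handle it the same way as the other drivers.
DeleteService('Jpv85');
DeleteService('Jpv05');
DeleteService('Jpu63');
DeleteService('Iou06');
QuarantineFile('C:\WINDOWS\System32\Drivers\Lrx52.sys','');
// Added: Lrx85.sys and Lry06.sys were deleted below without ever being
// quarantined, which would have destroyed the only copy of the samples.
QuarantineFile('C:\WINDOWS\System32\Drivers\Lrx85.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Lry06.sys','');
DeleteService('Lry06');
DeleteService('Lrx85');
DeleteService('Lrx52');
QuarantineFile('C:\WINDOWS\System32\Drivers\Oub62.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Oub52.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Nta30.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Nta28.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\Msy74.sys','');
DeleteService('Msy74');
DeleteService('Nta28');
DeleteService('Nta30');
DeleteService('Oub52');
DeleteService('Oub62');
QuarantineFile('C:\WINDOWS\System32\Drivers\Tbg74.sys','');
QuarantineFile('C:\WINDOWS\System32\drivers\Tag85.sys','');
DeleteService('Tbg74');
DeleteService('Tag85');
QuarantineFile('C:\WINDOWS\System32\Drivers\Ubg17.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Ubh06.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Uch85.sys','');
DeleteService('Uch85');
DeleteService('Ubh06');
DeleteService('Ubg17');
QuarantineFile('C:\WINDOWS\System32\Drivers\Vci51.sys','');
DeleteService('Vci51');
QuarantineFile('C:\WINDOWS\System32\Drivers\Wdj63.sys','');
DeleteService('Wdj63');
// --- Quarantine user-mode executables and DLLs ----------------------------
// NOTE(review): the next path has a doubled backslash and a trailing "/r",
// which looks like a command-line switch copied from an autorun entry. It may
// not resolve to a file as written; verify the real path in the scan log.
QuarantineFile('C:\DOCUME~1\Admin\LOCALS~1\Temp\\2\svchost.exe/r','');
QuarantineFile('C:\WINDOWS\neos.exe','');
QuarantineFile('C:\WINDOWS\system32\alt.exe.exe','');
QuarantineFile('C:\WINDOWS\system32\braviax.exe','');
QuarantineFile('C:\WINDOWS\system32\maxpaynow1.exe','');
QuarantineFile('C:\WINDOWS\system32\msdefender.exe','');
QuarantineFile('C:\WINDOWS\system32\oswo.exe','');
QuarantineFile('C:\WINDOWS\system32\winds32.exe','');
// Remove the Browser Helper Object registered under this CLSID.
DelBHO('{99C6D1BB-7555-474C-91DA-D8FB62A9CC75}');
QuarantineFile('C:\WINDOWS\system32\2ir3Pfkx.dll','');
QuarantineFile('C:\WINDOWS\system32\OJAM1Ka0.exe','');
QuarantineFile('C:\WINDOWS\system32\P38Hp674.exe','');
QuarantineFile('C:\WINDOWS\system32\42c3av5N.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\13D12PLW.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\1e3u82a3.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\2W61g3wY.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\3E73SSLd.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\5I84Dr2I.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\5x00F7RD.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\65qbvd6u.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\7bly2PK7.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\dJYC0hu5.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\eAiqvYpa.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\fbCQOOR8.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\FPR6IWTM.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\g5XMe3J2.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\O6bKa5DI.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\sk1OF8Ch.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\spo4Ykep.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\v1ImudPq.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\wPT73MJ5.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\Ypd4M4lt.exe','');
QuarantineFile('C:\WINDOWS\system32\dflgh8jkd2q5.exe','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Ahm62.sys','');
QuarantineFile('C:\WINDOWS\System32\Drivers\Agm30.sys','');
DeleteService('Ahm62');
DeleteService('Agm30');
QuarantineFile('C:\WINDOWS\system32\dflgh8jkd2q6.exe','');
// --- Running processes: quarantine the image, then terminate --------------
// Several of these paths repeat entries quarantined above in different letter
// case; the repeats are kept exactly as the author wrote them.
QuarantineFile('c:\windows\system32\winds32.exe','');
TerminateProcessByName('c:\windows\system32\winds32.exe');
QuarantineFile('c:\windows\neos.exe','');
TerminateProcessByName('c:\windows\neos.exe');
QuarantineFile('c:\documents and settings\admin\iddpanw.exe','');
TerminateProcessByName('c:\documents and settings\admin\iddpanw.exe');
QuarantineFile('c:\windows\system32\dflgh8jkd2q6.exe','');
TerminateProcessByName('c:\windows\system32\dflgh8jkd2q6.exe');
QuarantineFile('c:\windows\system32\alt.exe.exe','');
TerminateProcessByName('c:\windows\system32\alt.exe.exe');
// --- Delete the files ------------------------------------------------------
// Runs only after every quarantine and process-termination step above.
DeleteFile('c:\windows\system32\alt.exe.exe');
DeleteFile('c:\windows\system32\dflgh8jkd2q6.exe');
DeleteFile('c:\documents and settings\admin\iddpanw.exe');
DeleteFile('c:\windows\neos.exe');
DeleteFile('c:\windows\system32\winds32.exe');
DeleteFile('C:\WINDOWS\system32\dflgh8jkd2q6.exe');
DeleteFile('C:\WINDOWS\System32\Drivers\Agm30.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ahm62.sys');
DeleteFile('C:\WINDOWS\system32\dflgh8jkd2q5.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\Ypd4M4lt.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\wPT73MJ5.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\v1ImudPq.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\spo4Ykep.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\sk1OF8Ch.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\O6bKa5DI.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\g5XMe3J2.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\FPR6IWTM.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\fbCQOOR8.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\eAiqvYpa.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\dJYC0hu5.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\7bly2PK7.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\65qbvd6u.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\5x00F7RD.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\5I84Dr2I.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\3E73SSLd.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\2W61g3wY.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\1e3u82a3.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\13D12PLW.exe');
DeleteFile('C:\WINDOWS\system32\42c3av5N.exe');
DeleteFile('C:\WINDOWS\system32\P38Hp674.exe');
DeleteFile('C:\WINDOWS\system32\OJAM1Ka0.exe');
DeleteFile('C:\WINDOWS\system32\2ir3Pfkx.dll');
DeleteFile('C:\WINDOWS\system32\winds32.exe');
DeleteFile('C:\WINDOWS\system32\oswo.exe');
DeleteFile('C:\WINDOWS\system32\msdefender.exe');
DeleteFile('C:\WINDOWS\system32\maxpaynow1.exe');
DeleteFile('C:\WINDOWS\system32\braviax.exe');
DeleteFile('C:\WINDOWS\system32\alt.exe.exe');
DeleteFile('C:\WINDOWS\neos.exe');
// NOTE(review): same malformed path as in the quarantine section (doubled
// backslash, trailing "/r"); confirm the real file name before relying on it.
DeleteFile('C:\DOCUME~1\Admin\LOCALS~1\Temp\\2\svchost.exe/r');
DeleteFile('C:\WINDOWS\System32\Drivers\Wdj63.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Vci51.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Uch85.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ubh06.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Ubg17.sys');
DeleteFile('C:\WINDOWS\System32\drivers\Tag85.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Tbg74.sys');
DeleteFile('C:\WINDOWS\System32\drivers\Msy74.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Nta28.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Nta30.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Oub52.sys');
// Added: Oub62.sys was quarantined and its service removed, but the driver
// file itself was never deleted and would have stayed on disk.
DeleteFile('C:\WINDOWS\System32\Drivers\Oub62.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Lrx52.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Lrx85.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Lry06.sys');
DeleteFile('C:\WINDOWS\System32\drivers\Iou06.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Jpu63.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Jpv05.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Hnu17.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Hns06.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Gms74.sys');
DeleteFile('C:\WINDOWS\System32\Drivers\Gms06.sys');
DeleteFile('C:\WINDOWS\glok+5384-5450.sys');
DeleteFile('C:\WINDOWS\System32\WLCtrl32.dll');
// --- Boot-time cleanup, repair and reboot ---------------------------------
// BC_* calls drive AVZ's Boot Cleaner; presumably this finishes at the next
// boot any removal that could not complete on the live system - confirm in
// the AVZ documentation.
BC_ImportAll;
ExecuteSysClean;
// Repair routines 1 and 14; what each number restores is defined by the AVZ
// build in use, so check its repair list rather than assuming.
executerepair(1);
executerepair(14);
BC_Activate;
// Reboot so the boot-time steps run; save open work first.
RebootWindows(true);
end.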
После перезагрузки: