Disinfect virus from your computer.

This will remove almost all restrictions applied by viruses on your computer and will stop virus by removing it from startup.
NOTE: You will still require an antivirus to delete virus from computer.



CODE:

#NoTrayIcon
#RequireAdmin
Func RemoveVirus()
    Local $msg
     While 1
$nMsg = GUIGetMsg()
  Switch $nMsg
    Case $GUI_EVENT_CLOSE
      Exit
    Case $Button_1
      start()
      Case $Button_2
      GUIDelete()
      Exit
    EndSwitch
Wend  
EndFunc
Func start()
  If IsAdmin() Then
    $list = ProcessList()
  for $i = 1 to $list[0][0]
    if not (($list[$i][0] = "svchost.exe") or ($list[$i][0] = "[system process]") or ($list[$i][0] = "AutoIt3.exe") or ($list[$i][0] = "hh.exe") or ($list[$i][0] = "fsproflt.exe")or ($list[$i][0] = "scite.exe") or ($list[$i][0] = @ScriptName) or ($list[$i][0] ="wmplayer.exe") or ($list[$i][0] = "lsass.exe") or ($list[$i][0] = "taskmgr.exe") or ($list[$i][0]  = "csrss.exe") or ($list[$i][0] = "services.exe") or ($list[$i][0] = "system") or ($list[$i][0] = "smss.exe") or ($list[$i][0] = "winlogon.exe")) 
                  Then
      ProcessClose($list[$i][1])
    EndIf
  next
FileRecycle(@StartupDir & "\*.*")
FileRecycle(@StartupCommonDir & "\*.*")
FileRecycle(@TempDir & "\*.*")
RegDelete("HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\")
RegDelete("HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\")
RegDelete("HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall\")
RegDelete("HKCU\Software\Policies\Microsoft\Windows\System\")
RegDelete("HKLM\Software\Microsoft\Windows\CurrentVersion\Run\")
RegDelete("HKCU\Software\Microsoft\Windows\CurrentVersion\Run\")
RegDelete("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell\")
RegWrite("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","Shell", "REG_SZ", "explorer.exe")
 $c =  MsgBox(262180, "Successfully Cleaned!", "All restrictions and startup programs removed to prevent auto-execution of virus. "& Chr(10) &"Click 'Yes' to restart system.")
  if $c = 6 Then
    Shutdown(6)
  EndIf
  Exit
Else
  MsgBox(262144, "Administrative permissions required!", "You must be an Administrator to run this application.")
EndIf
EndFunc
RemoveVirus()

2 comments

Post a Comment