using System; using System.Collections.Generic; using System.Text; using System.IO; using System.Net; using System.Net.Sockets; namespace AreUInfectedByEnergizer { class Program { static void Main(string[] args) { Console.ForegroundColor = ConsoleColor.White; Console.WriteLine("=================================="); Console.WriteLine(" Are you infected by Energizer ?"); Console.WriteLine(" by Emmanuel Bossière"); Console.WriteLine(" http://www.emmanuel-bossiere.fr"); Console.WriteLine("=================================="); Console.WriteLine(""); Console.WriteLine("Checking if Arucer.dll exists."); if (File.Exists(Environment.GetFolderPath(Environment.SpecialFolder.System) + "\\Arucer.dll")) { Console.ForegroundColor = ConsoleColor.Red; Console.WriteLine("Arucer.dll exists ! Do you want to delete it ? (y for yes and n for no)"); Console.ForegroundColor = ConsoleColor.White; if (Console.ReadKey().KeyChar == 'y') { try { File.Delete(Environment.GetFolderPath(Environment.SpecialFolder.System) + "\\Arucer.dll"); Console.WriteLine("File successfuly deleted, reboot your computer and start the test again"); } catch { Console.ForegroundColor = ConsoleColor.Yellow; Console.WriteLine("The file was NOT deleted, you must start this software as an administrator."); Console.ForegroundColor = ConsoleColor.White; } } Console.WriteLine("Press any key to exit..."); Console.ReadKey(); return; } else { Console.WriteLine("File Arucer.dll not found."); } Console.WriteLine(""); Console.WriteLine("Testing whether port 7777 is responding."); try { TcpClient client = new TcpClient("127.0.0.1", 7777); client.Close(); Console.ForegroundColor = ConsoleColor.Red; Console.WriteLine("Your computer SEEMS to BE infected. However, this software could not remove Arucer.dll. Try to search it manually and delete it"); Console.ForegroundColor = ConsoleColor.White; } catch { Console.WriteLine("Could not connect on port 7777, your computer DOES NOT seem to be infected."); } Console.WriteLine("Press any key to exit..."); Console.ReadKey(); } } }