Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
ClearQuarantineEx(true);
TerminateProcessByName('c:\docume~1\user\locals~1\temp\nadxmvygxkn.exe');
TerminateProcessByName('c:\docume~1\user\locals~1\temp\zcjwzjk.exe');
QuarantineFile('c:\docume~1\user\locals~1\temp\nadxmvygxkn.exe', '');
QuarantineFile('c:\docume~1\user\locals~1\temp\zcjwzjk.exe', '');
QuarantineFile('C:\DOCUME~1\User\LOCALS~1\Temp\bsnofdsohdxuhlkdqipgb.exe .', '');
QuarantineFile('C:\DOCUME~1\User\LOCALS~1\Temp\fsjgtnyqfxngppkzi.exe .', '');
QuarantineFile('C:\DOCUME~1\User\LOCALS~1\Temp\mcwwmjxskfyugjhzlciy.exe', '');
QuarantineFile('C:\DOCUME~1\User\LOCALS~1\Temp\ykawiblcqhwowvpd.exe', '');
QuarantineFile('C:\DOCUME~1\User\LOCALS~1\Temp\zohgvreypjbwhjgxiyd.exe', '');
QuarantineFile('C:\WINDOWS\system32\bsnofdsohdxuhlkdqipgb.exe', '');
QuarantineFile('C:\WINDOWS\system32\fsjgtnyqfxngppkzi.exe', '');
QuarantineFile('C:\WINDOWS\system32\sdra64.exe', '');
QuarantineFile('C:\WINDOWS\system32\zohgvreypjbwhjgxiyd.exe', '');
QuarantineFile('C:\autorun.inf', '');
QuarantineFile('C:\zcjwzjk.bat', '');
QuarantineFile('E:\autorun.inf', '');
QuarantineFile('E:\zcjwzjk.bat', '');
QuarantineFile('C:\DOCUME~1\User\LOCALS~1\Temp\bsnofdsohdxuhlkdqipgb.exe', '');
DeleteFile('c:\docume~1\user\locals~1\temp\nadxmvygxkn.exe','32');
DeleteFile('c:\docume~1\user\locals~1\temp\zcjwzjk.exe','32');
DeleteFile('C:\DOCUME~1\User\LOCALS~1\Temp\bsnofdsohdxuhlkdqipgb.exe .','32');
DeleteFile('C:\DOCUME~1\User\LOCALS~1\Temp\fsjgtnyqfxngppkzi.exe .','32');
DeleteFile('C:\DOCUME~1\User\LOCALS~1\Temp\mcwwmjxskfyugjhzlciy.exe','32');
DeleteFile('C:\DOCUME~1\User\LOCALS~1\Temp\ykawiblcqhwowvpd.exe','32');
DeleteFile('C:\DOCUME~1\User\LOCALS~1\Temp\zohgvreypjbwhjgxiyd.exe','32');
DeleteFile('C:\WINDOWS\system32\bsnofdsohdxuhlkdqipgb.exe','32');
DeleteFile('C:\WINDOWS\system32\fsjgtnyqfxngppkzi.exe','32');
DeleteFile('C:\WINDOWS\system32\sdra64.exe','32');
DeleteFile('C:\WINDOWS\system32\zohgvreypjbwhjgxiyd.exe','32');
DeleteFile('C:\autorun.inf','32');
DeleteFile('C:\zcjwzjk.bat','32');
DeleteFile('E:\autorun.inf','32');
DeleteFile('E:\zcjwzjk.bat','32');
DeleteFile('C:\DOCUME~1\User\LOCALS~1\Temp\bsnofdsohdxuhlkdqipgb.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','bchst');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','fktinzcmt');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','lkn');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','sswg');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','yeoekxbmuf');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','osaosdfo');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','mougir');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','bchst');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','sswg');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','zcjwzjk');
BC_ImportALL;
ExecuteSysClean;
ExecuteRepair(8);
ExecuteRepair(10);
ExecuteRepair(17);
ExecuteWizard('SCU', 2, 3, true);
ExecuteWizard('TSW', 2, 3, true);
BC_Activate;
RebootWindows(true);
end.