Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
DelCLSID('{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}');
QuarantineFile('C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe','');
QuarantineFile('SocksA.exe','');
QuarantineFile('C:\WINDOWS1\system32\RavMon.exe','');
QuarantineFile('C:\WINDOWS1\ghdrive32.exe','');
QuarantineFile('C:\WINDOWS1\FONTS\FD0F7.com','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-9143\jikd.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-9043\jwkd.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-8763\lsq.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-8333\lsvb.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-6883\dfe.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-2734\ju7bd.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1457\system.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psyjo3.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1451\games.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1343\jwjqa.exe','');
QuarantineFile('C:\Documents and Settings\Пользователь\Главное меню\Программы\Автозагрузка\RavMonE.exe','');
QuarantineFile('C:\Documents and Settings\Пользователь\hddd.exe','');
QuarantineFile('C:\Program Files\nncron\nncron.exe','');
QuarantineFile('c:\windows1\ghdrive32.exe','');
TerminateProcessByName('c:\windows1\ghdrive32.exe');
DeleteFile('c:\windows1\ghdrive32.exe');
DeleteFile('C:\Documents and Settings\Пользователь\hddd.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run-','Advanced HTTPL Enable');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1343\jwjqa.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Tnaww');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run-','games');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run-','psysjo3');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run-','Teswf');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run-','ju7bd');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run-','Fnfx');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run-','Fvbk');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1451\games.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psyjo3.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1457\system.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-2734\ju7bd.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-6883\dfe.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-8333\lsvb.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-8763\lsq.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-9043\jwkd.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-9143\jikd.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run-','jkqq');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run-','jaqq');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run-','Fgfk');
DeleteFile('C:\WINDOWS1\FONTS\FD0F7.com');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run-','TempCom');
DeleteFile('C:\WINDOWS1\ghdrive32.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Microsoft Driver Setup');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run-','Microsoft Driver Setup');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','Microsoft Driver Setup');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run-','Microsoft Driver Setup');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run-','ASocksrv');
DeleteFile('C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe');
BC_ImportAll;
ExecuteSysClean;
ExecuteWizard('TSW', 2, 2, true);
ExecuteWizard('SCU', 2, 2, true);
BC_Activate;
RebootWindows(true);
end.
После перезагрузки: