Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
ClearQuarantineEx(true);
TerminateProcessByName('c:\users\user\appdata\local\microsoft\windows\system.exe');
TerminateProcessByName('c:\windows\audio32hd.exe');
QuarantineFile('C:\Program Files\PCDApp\start.vbs','');
QuarantineFile('C:\Program Files\PCDApp\StartHelp.exe','');
QuarantineFile('C:\Program Files\Adobe Flash Players 11.0\IE\x86\AdobeFlash32.dll','');
QuarantineFile('C:\Users\User\AppData\Roaming\UIUEPY.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\YK.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\newSI_21\s_inst.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\newSI_20107\s_inst.exe','');
QuarantineFile('C:\Users\User\AppData\Local\Yandex\YandexBrowser\Application\browser.url','');
QuarantineFile('C:\Program Files\Internet Explorer\iexplore.exe.bat','');
QuarantineFile('C:\Program Files\Google\Chrome\Application\chrome.exe.bat','');
QuarantineFile('c:\users\user\appdata\local\microsoft\windows\system.exe','');
QuarantineFile('c:\windows\audio32hd.exe','');
QuarantineFile('C:\Program Files\Google\Chrome\Application\chrome.exe.bat', '');
QuarantineFile('C:\Program Files\Internet Explorer\iexplore.exe.bat', '');
QuarantineFile('C:\Program Files\PCDApp\start.vbs', '');
QuarantineFile('C:\Users\User\AppData\Roaming\newSI_10\s_inst.exe', '');
QuarantineFile('C:\Users\User\AppData\Roaming\newSI_2\s_inst.exe', '');
QuarantineFile('C:\Program Files\Dll-Files.com', '');
QuarantineFile('C:\Users\User\AppData\Roaming\newSI_20107\s_inst.exe', '');
QuarantineFile('C:\Users\User\AppData\Roaming\newSI_21\s_inst.exe', '');
QuarantineFile('C:\Users\User\AppData\Roaming\UIUEPY.exe', '');
QuarantineFile('C:\Users\User\AppData\Roaming\YK.exe', '');
DeleteFile('c:\users\user\appdata\local\microsoft\windows\system.exe','32');
DeleteFile('C:\Windows\Tasks\newSI_20107.job','32');
DeleteFile('C:\Windows\Tasks\newSI_21.job','32');
DeleteFile('C:\Windows\Tasks\UIUEPY.job','32');
DeleteFile('C:\Program Files\Adobe Flash Players 11.0\IE\x86\AdobeFlash32.dll','32');
DeleteFile('C:\Program Files\PCDApp\StartHelp.exe','32');
DeleteFile('C:\Windows\system32\Tasks\DLL-Files.Com Fixer_MONTHLY','32');
DeleteFile('C:\Windows\system32\Tasks\DLL-Files.Com Fixer_Updates','32');
DeleteFile('C:\Windows\system32\Tasks\newSI_20107','32');
DeleteFile('C:\Windows\system32\Tasks\newSI_21','32');
DeleteFile('C:\Program Files\Google\Chrome\Application\chrome.exe.bat','32');
DeleteFile('C:\Program Files\Internet Explorer\iexplore.exe.bat','32');
DeleteFile('C:\Program Files\PCDApp\start.vbs','32');
DeleteFile('C:\Users\User\AppData\Roaming\newSI_10\s_inst.exe','32');
DeleteFile('C:\Users\User\AppData\Roaming\newSI_2\s_inst.exe','32');
DeleteFile('C:\Program Files\Dll-Files.com','32');
DeleteFile('C:\Users\User\AppData\Roaming\newSI_20107\s_inst.exe','32');
DeleteFile('C:\Users\User\AppData\Roaming\newSI_21\s_inst.exe','32');
DeleteFile('C:\Users\User\AppData\Roaming\UIUEPY.exe','32');
DeleteFile('C:\Users\User\AppData\Roaming\YK.exe','32');
DeleteFileMask('C:\Users\User\AppData\Roaming\newSI_10\', '*', true);
DeleteFileMask('C:\Users\User\AppData\Roaming\newSI_2\', '*', true);
DeleteFileMask('C:\Users\User\AppData\Roaming\newSI_20107\', '*', true);
DeleteFileMask('C:\Users\User\AppData\Roaming\newSI_21\', '*', true);
DeleteDirectory('C:\Users\User\AppData\Roaming\newSI_10\');
DeleteDirectory('C:\Users\User\AppData\Roaming\newSI_2\');
DeleteDirectory('C:\Users\User\AppData\Roaming\newSI_20107\');
DeleteDirectory('C:\Users\User\AppData\Roaming\newSI_21\');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ZaxarLoader','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Schedule','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DApp','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\newSI_10','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\newSI_2','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\09ee58a030e459dd','command');
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
BC_ImportALL;
ExecuteSysClean;
ExecuteRepair(2);
ExecuteRepair(3);
ExecuteRepair(4);
ExecuteRepair(10);
ExecuteRepair(13);
ExecuteWizard('SCU', 2, 3, true);
BC_Activate;
RebootWindows(true);
end.