Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('c:\users\i.tihonov.kremen\appdata\local\microsoft\windows\system.exe');
TerminateProcessByName('c:\program files\common files\baidu\baiduprotect1.3\1.3.0.443\baiduprotect.exe');
QuarantineFile('C:\Users\i.tihonov.KREMEN\AppData\Roaming\runWIN\Updates.exe','');
QuarantineFile('C:\Users\i.tihonov.KREMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runWIN.exe','');
QuarantineFile('C:\Users\i.tihonov.KREMEN\AppData\Roaming\Mail.RU NewGamesT\Encrypt.exe','');
QuarantineFile('C:\Windows\system32\DRIVERS\bd0002.sys','');
QuarantineFile('C:\Windows\system32\drivers\BDSafeBrowser.sys','');
QuarantineFile('C:\Windows\system32\DRIVERS\BDMWrench.sys','');
QuarantineFile('C:\Windows\system32\DRIVERS\BDArKit.sys','');
QuarantineFile('C:\Windows\system32\DRIVERS\bd0004.sys','');
QuarantineFile('C:\Windows\system32\DRIVERS\bd0001.sys','');
QuarantineFile('c:\users\i.tihonov.kremen\appdata\local\microsoft\windows\system.exe','');
QuarantineFile('c:\program files\common files\baidu\baiduprotect1.3\1.3.0.443\baiduprotect.exe','');
DeleteFile('c:\program files\common files\baidu\baiduprotect1.3\1.3.0.443\baiduprotect.exe','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\ad.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDKitUtils.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDLogicUtils.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDMNet.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDMReport.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\bdsg0001.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\DriverManager.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\plugins\BaiduRepair.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\plugins\HIPS.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\SafeBrowserDll.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\SafeExplorer.dll','32');
DeleteFile('C:\Program Files\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll','32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0001.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0004.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\BDArKit.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\BDMWrench.sys','32');
DeleteFile('C:\Windows\system32\drivers\BDSafeBrowser.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0002.sys','32');
DeleteFile('C:\Program Files\Mobogenie\DaemonProcess.exe','32');
DeleteFile('C:\Users\i.tihonov.KREMEN\AppData\Local\Microsoft\Windows\system.exe','32');
DeleteFile('C:\Users\i.tihonov.KREMEN\AppData\Roaming\Mail.RU NewGamesT\Encrypt.exe','32');
DeleteFile('C:\Users\i.tihonov.KREMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runWIN.exe','32');
DeleteFile('C:\Users\i.tihonov.KREMEN\AppData\Roaming\runWIN\Updates.exe','32');
DeleteFile('C:\Users\i.tihonov.KREMEN\AppData\Roaming\runWIN\update.exe','32');
DeleteFile('C:\Windows\system32\Tasks\SystemScript','32');
DelBHO('{8984B388-A5BB-4DF7-B274-77B879E179DB}');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TicnoStartila','command');
DeleteFileMask('C:\Users\i.tihonov.KREMEN\AppData\Roaming\Mail.RU NewGamesT','*',true);
DeleteFileMask('C:\Users\i.tihonov.KREMEN\AppData\Roaming\runWIN','*',true);
DeleteDirectory('C:\Users\i.tihonov.KREMEN\AppData\Roaming\Mail.RU NewGamesT');
DeleteDirectory('C:\Users\i.tihonov.KREMEN\AppData\Roaming\runWIN');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteRepair(3);
BC_Activate;
RebootWindows(true);
end.
Компьютер перезагрузится.