Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
TerminateProcessByName('c:\users\ЯНА\appdata\local\fc39cba0-1453155671-11dd-bd2a-002215f2e902\snska172.tmp');
StopService('rowugoqo');
QuarantineFileF('C:\ProgramData\Tmp0x0x', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0 , 0);
QuarantineFileF('C:\Program Files\RCP', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0 , 0);
QuarantineFileF('C:\Users\ЯНА\AppData\Local\Hostinstaller', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0 , 0);
QuarantineFileF('C:\Users\ЯНА\AppData\Roaming\mysites123', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0 , 0);
QuarantineFile('c:\users\ЯНА\appdata\local\fc39cba0-1453155671-11dd-bd2a-002215f2e902\snska172.tmp', '');
QuarantineFile('C:\Program Files\FC39CBA0-1453141209-11DD-BD2A-002215F2E902\knsaC012.tmpfs', '');
QuarantineFile('C:\Windows\system32\drivers\ccnfd_1_10_0_2.sys', '');
QuarantineFile('C:\ProgramData\Tmp0x0x\P', '');
QuarantineFile('C:\Program Files\RCP\systweakasp.exe', '');
QuarantineFile('C:\Users\ЯНА\AppData\Local\Hostinstaller\887236841_installcube.exe', '');
QuarantineFile('C:\Users\ЯНА\AppData\Local\SystemMonitor2016\887236841.exe', '');
QuarantineFile('C:\Users\ЯНА\AppData\Roaming\mysites123\UninstallManager.exe', '');
DeleteFile('c:\users\ЯНА\appdata\local\fc39cba0-1453155671-11dd-bd2a-002215f2e902\snska172.tmp', '32');
DeleteFile('C:\Program Files\FC39CBA0-1453141209-11DD-BD2A-002215F2E902\knsaC012.tmpfs', '32');
DeleteFile('C:\Windows\system32\drivers\ccnfd_1_10_0_2.sys', '32');
DeleteFile('C:\ProgramData\Tmp0x0x\P', '32');
DeleteFile('C:\Program Files\RCP\systweakasp.exe', '32');
DeleteFile('C:\Users\ЯНА\AppData\Local\Hostinstaller\887236841_installcube.exe', '32');
DeleteFile('C:\Users\ЯНА\AppData\Local\SystemMonitor2016\887236841.exe', '32');
DeleteFile('C:\Users\ЯНА\AppData\Roaming\mysites123\UninstallManager.exe', '32');
DeleteService('rowugoqo');
DeleteService('sotudonyzbt');
DeleteService('ccnfd_1_10_0_2');
DeleteFileMask('C:\ProgramData\Tmp0x0x', '*', true);
DeleteFileMask('C:\Program Files\RCP', '*', true);
DeleteFileMask('C:\Users\ЯНА\AppData\Local\Hostinstaller', '*', true);
DeleteFileMask('C:\Users\ЯНА\AppData\Roaming\mysites123', '*', true);
DeleteDirectory('C:\ProgramData\Tmp0x0x');
DeleteDirectory('C:\Program Files\RCP');
DeleteDirectory('C:\Users\ЯНА\AppData\Local\Hostinstaller');
DeleteDirectory('C:\Users\ЯНА\AppData\Roaming\mysites123');
ExecuteFile('schtasks.exe', '/delete /TN "ASP" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "Soft installer" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "SystemMonitor2016" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "{48AA051C-9DB7-4100-A9BF-338451F6FFA8}" /F', 0, 15000, true);
RegKeyParamDel('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Run', 'GenieFloater');
BC_ImportALL;
ExecuteSysClean;
BC_DeleteSvc('rowugoqo');
BC_Activate;
RebootWindows(true);
end.
Компьютер перезагрузится.