Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\Program Files (x86)\CDisplayEx\CDisplayEx.exe','');
QuarantineFile('C:\Users\Медиа\AppData\Local\rightchose\regCheck.vbs','');
QuarantineFile('C:\Users\Медиа\AppData\Local\DateOption\regCheck.vbs','');
QuarantineFile('C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_PS3D.zip','');
QuarantineFile('C:\ProgramData\Microsoft Help\Rgstrtn.lck','');
QuarantineFile('C:\Users\Медиа\AppData\Local\ValidateLife\regCheck.vbs','');
QuarantineFile('C:\Users\Медиа\AppData\Local\LastNews\regCheck.vbs','');
QuarantineFile('C:\Users\Медиа\AppData\Local\FilterOptions\regCheck.vbs','');
QuarantineFile('C:\Users\Медиа\AppData\Local\FileSystemOptions\regCheck.vbs','');
QuarantineFile('C:\Users\Медиа\AppData\Local\ImmediateHelp\regCheck.vbs','');
QuarantineFile('C:\Users\Медиа\AppData\Local\TestMenu\regCheck.vbs','');
QuarantineFile('C:\Users\Медиа\AppData\Local\Request Private Mgr.exe','');
DeleteFile('C:\Users\Медиа\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regCheck.lnk');
DeleteFile('C:\Users\Медиа\AppData\Local\Request Private Mgr.exe');
DeleteFile('C:\windows\system32\Tasks\Request Private Mgr','64');
DeleteFile('C:\Users\Медиа\AppData\Local\TestMenu\regCheck.vbs','32');
DeleteFile('C:\Users\Медиа\AppData\Local\ImmediateHelp\regCheck.vbs','32');
DeleteFile('C:\Users\Медиа\AppData\Local\FileSystemOptions\regCheck.vbs','32');
DeleteFile('C:\Users\Медиа\AppData\Local\FilterOptions\regCheck.vbs','32');
DeleteFile('C:\Users\Медиа\AppData\Local\LastNews\regCheck.vbs','32');
DeleteFile('C:\Users\Медиа\AppData\Local\ValidateLife\regCheck.vbs','32');
DeleteFile('C:\ProgramData\Microsoft Help\Rgstrtn.lck','32');
DeleteFile('C:\Users\Медиа\AppData\Local\DateOption\regCheck.vbs','32');
DeleteFile('C:\Users\Медиа\AppData\Local\rightchose\regCheck.vbs','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','TestMenu');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','ImmediateHelp');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','FileSystemOptions');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','FilterOptions');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','LastNews');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','ValidateLife');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce','{90120000-001A-0419-0000-0000000FF1CE}');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce','{90120000-006E-0419-0000-0000000FF1CE}');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce','{90120000-0012-0000-0000-0000000FF1CE}');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce','{90120000-001A-0419-0000-0000000FF1CE}');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce','{90120000-006E-0419-0000-0000000FF1CE}');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','DateOption');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
После перезагрузки выполните скрипт: