Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\WINDOWS\Tasks\conime.exe','');
QuarantineFile('C:\Program Files\AVP.exe','');
QuarantineFile('C:\Windows\system32\ssqcs\lsass.exe','');
QuarantineFile('C:\Program Files\Windows NT\Accessories\ygk.exe','');
QuarantineFile('C:\Program Files\Windows NT\Accessories\lakpuca.exe','');
QuarantineFile('C:\Windows\system32\d0c3.dll','');
QuarantineFile('c:\windows\system32\sys.exe','');
QuarantineFile('C:\Windows\system32\senol\kesyggeais.dll','');
QuarantineFile('C:\Windows\system32\scvhost.exe','');
QuarantineFile('C:\Windows\system32\hhh.dll','');
QuarantineFile('C:\Windows\system32\RjmitlC.dll','');
QuarantineFile('C:\Windows\System32\srcile.dll','');
QuarantineFile('C:\Windows\system32\drivers\yhgut.sys','');
QuarantineFile('C:\Windows\system32\WinLests.exe','');
QuarantineFile('C:\Windows\system32\mkye.exe','');
QuarantineFile('C:\Windows\system32\s.exe','');
QuarantineFile('C:\Windows\NCTEPAD.EXE','');
QuarantineFile('C:\Program Files\Common Files\Microsoft Shared\MSInfo\nedldner.exe','');
QuarantineFile('C:\Windows\system32\ttas.exe','');
QuarantineFile('C:\Windows\system32\mwqpa.exe','');
QuarantineFile('C:\Windows\system32\00u8.exe','');
QuarantineFile('C:\Windows\vsxxx.exe','');
QuarantineFile('C:\Windows\system32\cathacyod.exe','');
QuarantineFile('C:\Windows\system32\360svc.exc','');
QuarantineFile('C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9MRESO6O\aaMG[1].exe','');
QuarantineFile('C:\Windows\TEMP\Oraber.sys','');
QuarantineFile('C:\Windows\vsvxx.exe','');
QuarantineFile('C:\Windows\system\mvscrtz.dll','');
QuarantineFile('c:\windows\system\link.exe','');
QuarantineFile('c:\windows\system\image.exe','');
QuarantineFile('c:\windows\system\clipbrd.exe','');
QuarantineFile('C:\WINDOWS\system32\wini35.exe','');
QuarantineFile('C:\WINDOWS\system32\wini34.exe','');
QuarantineFile('C:\WINDOWS\system32\wini33.exe','');
QuarantineFile('C:\Windows\system32\WinHelp32.exe','');
QuarantineFile('c:\windows\system32\winhelp.exe','');
QuarantineFile('C:\Windows\System32\senol\wepixfeais.dll','');
QuarantineFile('C:\Windows\System32\senol\usjnxkeais.dll','');
QuarantineFile('c:\windows\system32\senol\duozgneais.dll','');
QuarantineFile('C:\Windows\System32\scvhost.exe','');
QuarantineFile('C:\Windows\system32\QvodPlayer.dll','');
QuarantineFile('C:\Windows\system32\qitU.dll','');
QuarantineFile('C:\Windows\system32\pfwq.exe','');
QuarantineFile('C:\Windows\system32\panp.exe','');
QuarantineFile('C:\Windows\system32\ogcg.exe','');
QuarantineFile('C:\Windows\system32\gmiy.exe','');
QuarantineFile('C:\Windows\system32\EPAVDTSX8X\Q.exe','');
QuarantineFile('C:\Windows\system32\EPAVDTSX8X\D001.exe','');
QuarantineFile('C:\Windows\system32\dxas.exe','');
QuarantineFile('C:\Windows\system32\cygi.exe','');
QuarantineFile('c:\windows\system32\bits.dll','');
QuarantineFile('C:\Windows\system32\apphelp32.dll','');
QuarantineFile('C:\Windows\PPLAYE~1.DLL','');
QuarantineFile('C:\WINDOWS\Help\wini33.exe','');
QuarantineFile('C:\WINDOWS\Help\wini32.exe','');
QuarantineFile('C:\Windows\extext521667t.exe','');
QuarantineFile('C:\PROGRA~1\COMMON~1\smss.exe','');
DeleteFile('C:\PROGRA~1\COMMON~1\smss.exe');
DeleteFile('C:\Windows\extext521667t.exe');
DeleteFile('C:\WINDOWS\Help\wini32.exe');
DeleteFile('C:\WINDOWS\Help\wini33.exe');
DeleteFile('C:\Windows\PPLAYE~1.DLL');
DeleteFile('C:\Windows\system32\apphelp32.dll');
DeleteFile('c:\windows\system32\bits.dll');
DeleteFile('C:\Windows\system32\cygi.exe');
DeleteFile('C:\Windows\system32\dxas.exe');
DeleteFile('C:\Windows\system32\EPAVDTSX8X\D001.exe');
DeleteFile('C:\Windows\system32\EPAVDTSX8X\Q.exe');
DeleteFile('C:\Windows\system32\gmiy.exe');
DeleteFile('C:\Windows\system32\ogcg.exe');
DeleteFile('C:\Windows\system32\panp.exe');
DeleteFile('C:\Windows\system32\pfwq.exe');
DeleteFile('C:\Windows\system32\qitU.dll');
DeleteFile('C:\Windows\system32\QvodPlayer.dll');
DeleteFile('C:\Windows\System32\scvhost.exe');
DeleteFile('c:\windows\system32\senol\duozgneais.dll');
DeleteFile('C:\Windows\System32\senol\usjnxkeais.dll');
DeleteFile('C:\Windows\System32\senol\wepixfeais.dll');
DeleteFile('c:\windows\system32\winhelp.exe');
DeleteFile('C:\Windows\system32\WinHelp32.exe');
DeleteFile('C:\WINDOWS\system32\wini33.exe');
DeleteFile('C:\WINDOWS\system32\wini34.exe');
DeleteFile('C:\WINDOWS\system32\wini35.exe');
DeleteFile('c:\windows\system\clipbrd.exe');
DeleteFile('c:\windows\system\image.exe');
DeleteFile('c:\windows\system\link.exe');
DeleteFile('C:\Windows\system\mvscrtz.dll');
DeleteFile('C:\Windows\vsvxx.exe');
DeleteFile('C:\Windows\TEMP\Oraber.sys');
DeleteFile('C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9MRESO6O\aaMG[1].exe');
DeleteFile('C:\Windows\system32\360svc.exc');
DeleteFile('C:\Windows\system32\cathacyod.exe');
DeleteFile('C:\Windows\vsxxx.exe');
DeleteFile('C:\Windows\system32\00u8.exe');
DeleteFile('C:\Windows\system32\mwqpa.exe');
DeleteFile('C:\Windows\system32\ttas.exe');
DeleteFile('C:\Program Files\Common Files\Microsoft Shared\MSInfo\nedldner.exe');
DeleteFile('C:\Windows\NCTEPAD.EXE');
DeleteFile('C:\Windows\system32\s.exe');
DeleteFile('C:\Windows\system32\mkye.exe');
DeleteFile('C:\Windows\system32\WinLests.exe');
DeleteFile('C:\Windows\system32\drivers\yhgut.sys');
DeleteFile('C:\Windows\System32\srcile.dll');
DeleteFile('C:\Windows\system32\RjmitlC.dll');
DeleteFile('C:\Windows\system32\hhh.dll');
DeleteFile('C:\Windows\system32\scvhost.exe');
DeleteFile('C:\Windows\system32\senol\kesyggeais.dll');
DeleteFile('c:\windows\system32\sys.exe');
DeleteFile('C:\Windows\system32\d0c3.dll');
DeleteFile('C:\Program Files\Windows NT\Accessories\lakpuca.exe');
DeleteFile('C:\Program Files\Windows NT\Accessories\ygk.exe');
DeleteFile('C:\Windows\system32\ssqcs\lsass.exe');
DeleteFile('C:\Program Files\AVP.exe');
DeleteFile('C:\WINDOWS\Tasks\conime.exe');
BC_ImportALL;
ExecuteSysClean;
DelBHO('{B05CB5FE-1E22-43C7-93E2-4CF04C87B3CC}');
DelBHO('{A9508331-D628-4550-BFFC-581113C7EC71}');
DelBHO('{8E9165C2-08FD-6588-A325-E8CB2C28E052}');
DelBHO('{4D7D1A10-B9AA-4a06-AEAE-E5EE912A59FC}');
DelCLSID('{02O0E55C-3387-028V-GN78-AJTY1GSAJ5R0}');
DelCLSID('{2340D3N8-BKQ0-YK7W-H44R-E4P8CL76ALK9}');
DelCLSID('{3b7fbb24-b3f7-084c-084c-c40844bdb547}');
DelCLSID('{68216698-8899-89A4-5687-315442990322}');
DelCLSID('{YMS03AB-B707-11d2-9CBD-0000F87A369E}');
BC_Activate;
ExecuteRepair(9);
RebootWindows(true);
end.
Компьютер перезагрузится.