Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\Windows\System32\actxprxy.exe','');
QuarantineFile('C:\eSupport\dllwinupl43\msftcore.dll','');
QuarantineFile('C:\eSupport\dllwinupl43\msfttcp.dll','');
QuarantineFile('c:\windows\system32\mobsync.exe','');
DelBHO('{29FB2181-FEBD-4C7B-8451-1E4F113EE0DD}');
QuarantineFile('c:\windows\system32\config\systemprofile\wuaucldt.exe','');
QuarantineFile('C:\Windows\system32\userinit.exe','');
QuarantineFile('C:\Windows\system32\regedit.exe','');
QuarantineFile('C:\Windows\system32\guyik45hbh.exe','');
QuarantineFile('C:\Windows\system32\config\systemprofile\eyvwyphfХ.exe','');
QuarantineFile('C:\Windows\system32\config\systemprofile\eyvwyphfА.exe','');
QuarantineFile('C:\Windows\system32\config\systemprofile\eyvwyphfN.exe','');
QuarantineFile('C:\Windows\system32\config\systemprofile\eyvwyphfD.exe','');
QuarantineFile('C:\Windows\svc3.exe','');
QuarantineFile('C:\Windows\svc2.exe','');
QuarantineFile('C:\Windows\fonts\services.exe','');
QuarantineFile('C:\Windows\System32\eyvwyphfХ.exe','');
QuarantineFile('C:\Windows\System32\eyvwyphfА.exe','');
QuarantineFile('C:\Windows\System32\eyvwyphfN.exe','');
QuarantineFile('C:\Windows\System32\eyvwyphfD.exe','');
QuarantineFile('C:\Users\0D04~1\AppData\Local\Temp\uygkr9b.exe','');
QuarantineFile('c:\windows\system32\mssrv32.exe','');
DeleteService('msupdate');
QuarantineFile('C:\Windows\system32\drivers\zviavstfp7.sys','');
QuarantineFile('c:\windows\system32\alkc666.dll','');
QuarantineFile('C:\Users\Анна\AppData\Roaming\Media Center Programs\msvclcrt45\msfttcp.dll','');
QuarantineFile('C:\Users\Анна\AppData\Roaming\Media Center Programs\msvclcrt45\msfteml.dll','');
QuarantineFile('C:\Users\Анна\AppData\Roaming\Media Center Programs\msvclcrt45\msftcore.dll','');
QuarantineFile('C:\Users\0D04~1\AppData\Roaming\MEDIAC~1\MSVCLC~1\msftldr.dll','');
TerminateProcessByName('c:\windows\system32\wuaucldt.exe');
QuarantineFile('c:\windows\system32\wuaucldt.exe','');
TerminateProcessByName('c:\users\0d04~1\appdata\local\temp\sienozv.exe');
QuarantineFile('c:\users\0d04~1\appdata\local\temp\sienozv.exe','');
TerminateProcessByName('c:\windows\system32\guyik45hbh.exe');
QuarantineFile('c:\windows\system32\guyik45hbh.exe','');
TerminateProcessByName('c:\users\0d04~1\appdata\local\temp\c53z.exe');
QuarantineFile('c:\users\0d04~1\appdata\local\temp\c53z.exe','');
DeleteFile('c:\users\0d04~1\appdata\local\temp\c53z.exe');
DeleteFile('c:\windows\system32\guyik45hbh.exe');
DeleteFile('c:\users\0d04~1\appdata\local\temp\sienozv.exe');
DeleteFile('c:\windows\system32\wuaucldt.exe');
DeleteFile('C:\Users\0D04~1\AppData\Roaming\MEDIAC~1\MSVCLC~1\msftldr.dll');
DeleteFile('C:\Users\Анна\AppData\Roaming\Media Center Programs\msvclcrt45\msftcore.dll');
DeleteFile('C:\Users\Анна\AppData\Roaming\Media Center Programs\msvclcrt45\msfteml.dll');
DeleteFile('C:\Users\Анна\AppData\Roaming\Media Center Programs\msvclcrt45\msfttcp.dll');
DeleteFile('c:\windows\system32\alkc666.dll');
DeleteFile('C:\Windows\system32\drivers\zviavstfp7.sys');
DeleteFile('c:\windows\system32\mssrv32.exe');
DeleteFile('C:\Users\0D04~1\AppData\Local\Temp\uygkr9b.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','v5uvf');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','uqsyb');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','8f0ge3w');
DeleteFile('C:\Windows\System32\eyvwyphfD.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','eyvwyphfD');
DeleteFile('C:\Windows\System32\eyvwyphfN.exe');
DeleteFile('C:\Windows\System32\eyvwyphfА.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','eyvwyphfА');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','eyvwyphfN');
DeleteFile('C:\Windows\System32\eyvwyphfХ.exe');
DeleteFile('C:\Windows\System32\mctadmin.exe');
DeleteFile('C:\Windows\fonts\services.exe');
DeleteFile('C:\Windows\svc2.exe');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','NetLog2');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','apps');
DeleteFile('C:\Windows\svc3.exe');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','NetLog3');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','NetLog2');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','NetLog3');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\dxxsnpar\Parameters','ServiceDll');
DeleteFile('C:\Windows\system32\config\systemprofile\eyvwyphfD.exe');
DeleteFile('C:\Windows\system32\config\systemprofile\eyvwyphfN.exe');
DeleteFile('C:\Windows\system32\config\systemprofile\eyvwyphfА.exe');
DeleteFile('C:\Windows\system32\config\systemprofile\eyvwyphfХ.exe');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','eyvwyphfХ');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','eyvwyphfХ');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','eyvwyphfА');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','eyvwyphfА');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','eyvwyphfN');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','eyvwyphfN');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','eyvwyphfD');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','eyvwyphfD');
DeleteFile('C:\Windows\system32\guyik45hbh.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','guyik45hbhx');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','guyik45hbh');
DeleteFile('C:\Windows\system32\regedit.exe');
DeleteFile('c:\windows\system32\config\systemprofile\wuaucldt.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','wuaucldt');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','wuaucldt');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','wuaucldt');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','wuaucldt');
DeleteFile('c:\windows\system32\mobsync.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
Компьютер перезагрузится.