Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\WINDOWS\cwdrive32.exe','');
QuarantineFile('C:\WINDOWS\system32\86.exe','');
QuarantineFile('C:\WINDOWS\system32\84.exe','');
QuarantineFile('C:\WINDOWS\system32\70.exe','');
QuarantineFile('C:\WINDOWS\system32\67.exe','');
QuarantineFile('C:\WINDOWS\system32\64.exe','');
QuarantineFile('C:\WINDOWS\system32\57.exe','');
QuarantineFile('C:\WINDOWS\system32\55.exe','');
QuarantineFile('C:\WINDOWS\system32\47.exe','');
QuarantineFile('C:\WINDOWS\system32\44.exe','');
QuarantineFile('C:\WINDOWS\system32\40.exe','');
QuarantineFile('C:\WINDOWS\system32\37.exe','');
QuarantineFile('C:\WINDOWS\system32\35.exe','');
QuarantineFile('C:\WINDOWS\system32\34.exe','');
QuarantineFile('C:\WINDOWS\system32\31.exe','');
QuarantineFile('C:\WINDOWS\system32\27.exe','');
QuarantineFile('C:\WINDOWS\system32\25.exe','');
QuarantineFile('C:\WINDOWS\system32\15.exe','');
QuarantineFile('C:\WINDOWS\system32\14.exe','');
QuarantineFile('C:\WINDOWS\system32\07.exe','');
QuarantineFile('C:\WINDOWS\system32\04.exe','');
QuarantineFile('C:\DOCUME~1\Lyba\LOCALS~1\Temp\Frl.exe','');
DelBHO('{88888888-8888-8888-8888-888888888888}');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psysnew.exe','');
QuarantineFile('C:\WINDOWS\system\servicers.exe','');
DeleteService('seccenHelp');
TerminateProcessByName('c:\windows\services.exe');
QuarantineFile('c:\windows\services.exe','');
TerminateProcessByName('c:\windows\temp\scvhost.exe');
QuarantineFile('c:\windows\temp\scvhost.exe','');
TerminateProcessByName('c:\windows\cwdrive32.exe');
QuarantineFile('c:\windows\cwdrive32.exe','');
DeleteFile('c:\windows\cwdrive32.exe');
DeleteFile('c:\windows\temp\scvhost.exe');
DeleteFile('c:\windows\services.exe');
DeleteFile('C:\WINDOWS\system\servicers.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psysnew.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-6999416949-3207415340-990515176-7001\winmap.exe,C:\RECYCLER\S-1-5-21-8946129195-1496518944-924501934-0353\syscr.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psysnew.exe,C:\Documents and Settings\Lyba\Application Data\oekx.exe,C:\Documents and Settings\Lyba\Application Data\ltzqai.exe,C:\RECYCLER\S-1-5-21-5934858485-8385301645-349526526-9397\winmap.exe,explorer.exe,C:\RECYCLER\S-1-5-21-2813708996-5068467282-237217188-4934\syscr.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Microsoft Driver Setup');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','Microsoft Driver Setup');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','winlogon');
DeleteFile('C:\DOCUME~1\Lyba\LOCALS~1\Temp\Frl.exe');
DeleteFile('C:\WINDOWS\system32\04.exe');
DeleteFile('C:\WINDOWS\system32\07.exe');
DeleteFile('C:\WINDOWS\system32\14.exe');
DeleteFile('C:\WINDOWS\system32\15.exe');
DeleteFile('C:\WINDOWS\system32\25.exe');
DeleteFile('C:\WINDOWS\system32\27.exe');
DeleteFile('C:\WINDOWS\system32\31.exe');
DeleteFile('C:\WINDOWS\system32\34.exe');
DeleteFile('C:\WINDOWS\system32\35.exe');
DeleteFile('C:\WINDOWS\system32\37.exe');
DeleteFile('C:\WINDOWS\system32\40.exe');
DeleteFile('C:\WINDOWS\system32\44.exe');
DeleteFile('C:\WINDOWS\system32\47.exe');
DeleteFile('C:\WINDOWS\system32\55.exe');
DeleteFile('C:\WINDOWS\system32\57.exe');
DeleteFile('C:\WINDOWS\system32\64.exe');
DeleteFile('C:\WINDOWS\system32\67.exe');
DeleteFile('C:\WINDOWS\system32\70.exe');
DeleteFile('C:\WINDOWS\system32\84.exe');
DeleteFile('C:\WINDOWS\system32\86.exe');
DeleteFile('C:\WINDOWS\cwdrive32.exe');
DeleteFile('%windir%\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows NT\CurrentVersion\Winlogon','Taskman');
RebootWindows(true);
end.
Компьютер перезагрузится.