Код:
// AVZ cleanup script written for one specific machine: every path, the service
// name, the BHO CLSIDs, the scheduled-task names and the autorun value names
// below are literal values for that host. The code runs top to bottom and the
// order matters: stop the process, quarantine copies, then delete files,
// service, folders and autorun references, then reboot.
begin
// Anti-rootkit pass and AVZGuard are switched on before anything is removed.
// NOTE(review): both are commonly wrapped in an "if not IsWOW64" check because
// they are not expected to work on 64-bit Windows - confirm the target is 32-bit.
SearchRootkit(true, true);
SetAVZGuardStatus(True);
// Stop the running executable first so its file is not in use when it is
// quarantined and deleted further down.
TerminateProcessByName('c:\users\user\appdata\local\filterstart\filterstart.exe');
// Quarantine by mask: every *.exe in each of these per-user folders is copied
// to quarantine before the folder contents are deleted below.
// NOTE(review): the third argument (true) presumably includes subfolders - confirm.
QuarantineFileF('c:\users\user\appdata\local\filesystemoptions', '*.exe', true, '', 0 , 0);
QuarantineFileF('c:\users\user\appdata\local\testmenu', '*.exe', true, '', 0 , 0);
QuarantineFileF('c:\users\user\appdata\local\immediatehelp', '*.exe', true, '', 0 , 0);
QuarantineFileF('c:\users\user\appdata\local\lastnews', '*.exe', true, '', 0 , 0);
QuarantineFileF('c:\users\user\appdata\local\validatelife', '*.exe', true, '', 0 , 0);
// Quarantine individual files: the terminated executable, the driver that
// backs the service deleted below, and a regCheck.vbs found under the same
// name in seven different AppData\Local folders.
QuarantineFile('c:\users\user\appdata\local\filterstart\filterstart.exe', '');
QuarantineFile('C:\Windows\system32\drivers\anxbylbi.sys', '');
QuarantineFile('C:\Users\User\AppData\Local\DateOption\regCheck.vbs', '');
QuarantineFile('C:\Users\User\AppData\Local\FilterOptions\regCheck.vbs', '');
QuarantineFile('C:\Users\User\AppData\Local\FileSystemOptions\regCheck.vbs', '');
QuarantineFile('C:\Users\User\AppData\Local\TestMenu\regCheck.vbs', '');
QuarantineFile('C:\Users\User\AppData\Local\ImmediateHelp\regCheck.vbs', '');
QuarantineFile('C:\Users\User\AppData\Local\LastNews\regCheck.vbs', '');
QuarantineFile('C:\Users\User\AppData\Local\ValidateLife\regCheck.vbs', '');
// Only these two IObit executables are quarantined, although the whole
// c:\program files\iobit tree is deleted further down.
// NOTE(review): anything else in that tree is removed without a quarantine copy.
QuarantineFile('C:\Program Files\IObit\Advanced SystemCare\ASC.exe', '');
QuarantineFile('C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe', '');
// Delete the files quarantined individually above (the IObit executables are
// removed later by the mask delete instead).
// NOTE(review): the second argument '32' presumably selects the 32-bit file
// system view - confirm against the AVZ script reference.
DeleteFile('c:\users\user\appdata\local\filterstart\filterstart.exe', '32');
DeleteFile('C:\Windows\system32\drivers\anxbylbi.sys', '32');
DeleteFile('C:\Users\User\AppData\Local\DateOption\regCheck.vbs', '32');
DeleteFile('C:\Users\User\AppData\Local\FilterOptions\regCheck.vbs', '32');
DeleteFile('C:\Users\User\AppData\Local\FileSystemOptions\regCheck.vbs', '32');
DeleteFile('C:\Users\User\AppData\Local\TestMenu\regCheck.vbs', '32');
DeleteFile('C:\Users\User\AppData\Local\ImmediateHelp\regCheck.vbs', '32');
DeleteFile('C:\Users\User\AppData\Local\LastNews\regCheck.vbs', '32');
DeleteFile('C:\Users\User\AppData\Local\ValidateLife\regCheck.vbs', '32');
// Remove the service entry whose name matches the anxbylbi.sys driver deleted above.
DeleteService('anxbylbi');
// Empty each folder (mask '*') and then remove the folder itself.
// NOTE(review): the DateOption and FilterOptions folders are not in these two
// lists; only their regCheck.vbs and Run values are removed. Check the
// post-reboot log for leftovers in those two folders.
DeleteFileMask('c:\users\user\appdata\local\filterstart', '*', true);
DeleteFileMask('c:\users\user\appdata\local\filesystemoptions', '*', true);
DeleteFileMask('c:\users\user\appdata\local\testmenu', '*', true);
DeleteFileMask('c:\users\user\appdata\local\immediatehelp', '*', true);
DeleteFileMask('c:\users\user\appdata\local\lastnews', '*', true);
DeleteFileMask('c:\users\user\appdata\local\validatelife', '*', true);
DeleteFileMask('c:\program files\iobit', '*', true);
DeleteDirectory('c:\users\user\appdata\local\filterstart');
DeleteDirectory('c:\users\user\appdata\local\filesystemoptions');
DeleteDirectory('c:\users\user\appdata\local\testmenu');
DeleteDirectory('c:\users\user\appdata\local\immediatehelp');
DeleteDirectory('c:\users\user\appdata\local\lastnews');
DeleteDirectory('c:\users\user\appdata\local\validatelife');
DeleteDirectory('c:\program files\iobit');
// Unregister three browser helper objects by CLSID.
DelBHO('{AFAF0B43-69C5-4440-4435-3A6F181AD962}');
DelBHO('{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}');
DelBHO('{5B028F0E-684D-9288-8167-2461DA032B85}');
// Delete three scheduled tasks through schtasks.exe; /F suppresses the
// confirmation prompt.
// NOTE(review): 15000 is presumably a wait timeout in milliseconds - confirm.
ExecuteFile('schtasks.exe', '/delete /TN "ASC9_SkipUac_User" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "Request Current Manager" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "SmartDefrag_Startup" /F', 0, 15000, true);
// Remove autorun values from the Run and Policies\Explorer\Run keys in both
// HKLM and HKCU. All but 'otllzuedue' are named after the AppData\Local
// folders handled above.
RegKeyParamDel('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows\CurrentVersion\Run', 'FilterOptions');
RegKeyParamDel('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Run', 'otllzuedue');
RegKeyParamDel('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Run', 'FileSystemOptions');
RegKeyParamDel('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run', 'TestMenu');
RegKeyParamDel('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run', 'ImmediateHelp');
RegKeyParamDel('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run', 'LastNews');
RegKeyParamDel('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run', 'ValidateLife');
RegKeyParamDel('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows\CurrentVersion\Run', 'DateOption');
// Boot Cleaner steps (BC_*): import the queued items, run the system cleanup,
// then activate Boot Cleaner.
// NOTE(review): the queued deletions are presumably completed during the next
// boot, which is why the script ends with a reboot - confirm.
BC_ImportALL;
ExecuteSysClean;
BC_Activate;
// Restart the machine.
// NOTE(review): true presumably forces the restart without waiting for open
// applications - save any work before running the script.
RebootWindows(true);
end.
Компьютер перезагрузится.