Код:
begin
DeleteFileMask(GetAVZDirectory+'Quarantine', '*.*', true);
SearchRootkit(true, true);
SetAVZGuardStatus(True);
StopService('oaajrzpd');
DeleteService('zwtqpywpycdh7');
DeleteService('zspfoadokm7');
DeleteService('zslkkitmqrd9');
DeleteService('zqrmkglwrlmib1');
DeleteService('zkutsvggcgrgx5');
DeleteService('zfmtvgum7');
DeleteService('zbfqjsyetx7');
DeleteService('oaajrzpd');
QuarantineFile('C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\MHLDQ32E\tnup[1].exe','');
QuarantineFile('C:\WINDOWS.0\system32\24.scr','');
QuarantineFile('C:\WINDOWS.0\system32\wuaucIt.exe','');
QuarantineFile('C:\WINDOWS.0\system32\winulty.exe','');
QuarantineFile('C:\WINDOWS.0\system32\sdra64.exe','');
QuarantineFile('C:\WINDOWS.0\system32\regedit.exe','');
QuarantineFile('C:\WINDOWS.0\system32\photo_id.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fresdg.exe','');
QuarantineFile('C:\Documents and Settings\Admin\av_md.exe','');
QuarantineFile('C:\WINDOWS.0\system32\Drivers\oaajrzpd.sys','');
QuarantineFile('C:\WINDOWS.0\system32\csrcs.exe','');
QuarantineFile('C:\WINDOWS.0\system32\cftmon.exe','');
QuarantineFile('C:\WINDOWS.0\system32\av_md.exe','');
QuarantineFile('C:\WINDOWS.0\services.exe','');
QuarantineFile('c:\windows.0\system32\wuaucit.exe','');
TerminateProcessByName('c:\windows.0\system32\wuaucit.exe');
QuarantineFile('c:\windows.0\services.exe','');
TerminateProcessByName('c:\windows.0\services.exe');
QuarantineFile('c:\windows.0\system32\cftmon.exe','');
QuarantineFile('c:\windows.0\system32\csrcs.exe','');
TerminateProcessByName('c:\windows.0\system32\csrcs.exe');
QuarantineFile('c:\documents and settings\admin\av_md.exe','');
TerminateProcessByName('c:\documents and settings\admin\av_md.exe');
QuarantineFile('c:\windows.0\system32\av_md.exe','');
TerminateProcessByName('c:\windows.0\system32\av_md.exe');
DeleteFile('c:\windows.0\system32\av_md.exe');
DeleteFile('c:\documents and settings\admin\av_md.exe');
DeleteFile('c:\windows.0\system32\csrcs.exe');
DeleteFile('c:\windows.0\services.exe');
DeleteFile('c:\windows.0\system32\wuaucit.exe');
DeleteFile('C:\Documents and Settings\Admin\av_md.exe');
DeleteFile('C:\WINDOWS.0\services.exe');
DeleteFile('C:\WINDOWS.0\system32\av_md.exe');
DeleteFile('C:\WINDOWS.0\system32\csrcs.exe');
DeleteFile('C:\WINDOWS.0\system32\Drivers\oaajrzpd.sys');
DeleteFile('C:\WINDOWS.0\system32\drivers\zbfqjsyetx7.sys');
DeleteFile('C:\WINDOWS.0\system32\drivers\zfmtvgum7.sys');
DeleteFile('C:\WINDOWS.0\system32\drivers\zkutsvggcgrgx5.sys');
DeleteFile('C:\WINDOWS.0\system32\drivers\zqrmkglwrlmib1.sys');
DeleteFile('C:\WINDOWS.0\system32\drivers\zslkkitmqrd9.sys');
DeleteFile('C:\WINDOWS.0\system32\drivers\zspfoadokm7.sys');
DeleteFile('C:\WINDOWS.0\system32\drivers\zwtqpywpycdh7.sys');
DeleteFile('C:\WINDOWS.0\system32\drivers\zxapevcbs3.sys');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','av_md');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fresdg.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Test321');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','Test321');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','Test321');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','services');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','av_md');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','ControlExecTromp');
DeleteFile('C:\WINDOWS.0\system32\photo_id.exe');
DeleteFile('C:\WINDOWS.0\system32\cftmon.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','photo_id');
DeleteFile('C:\WINDOWS.0\system32\regedit.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Regedit32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','csrcs');
DeleteFile('C:\WINDOWS.0\system32\sdra64.exe');
DeleteFile('C:\WINDOWS.0\system32\winulty.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Windows Upgrate Utility');
DeleteFile('C:\WINDOWS.0\system32\wuaucIt.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Windows Update');
DeleteFile('C:\WINDOWS.0\system32\24.scr');
DeleteFile('C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\MHLDQ32E\tnup[1].exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE',' Software\Microsoft\Windows NT\CurrentVersion\Winlogon',' Taskman');
DeleteFileMask('C:\WINDOWS\system32','??.scr', false);
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
ExecuteRepair(16);
RebootWindows(true);
end.
ПК перезагрузится.