Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\WINDOWS\system32\42.exe','');
QuarantineFile('C:\WINDOWS\system32\32.exe','');
QuarantineFile('C:\WINDOWS\system32\28.exe','');
QuarantineFile('C:\WINDOWS\system32\24.exe','');
QuarantineFile('C:\WINDOWS\system32\16.exe','');
QuarantineFile('C:\WINDOWS\system32\15.exe','');
QuarantineFile('C:\WINDOWS\system32\11.exe','');
QuarantineFile('C:\WINDOWS\system32\04.exe','');
QuarantineFile('C:\WINDOWS\system32\02.exe','');
QuarantineFile('C:\WINDOWS\system32\00.exe','');
QuarantineFile('C:\WINDOWS\system32\86.exe','');
QuarantineFile('C:\WINDOWS\system32\55.exe','');
QuarantineFile('C:\WINDOWS\system32\77.exe','');
QuarantineFile('C:\WINDOWS\system32\67.exe','');
QuarantineFile('C:\WINDOWS\system32\26.exe','');
QuarantineFile('C:\WINDOWS\system32\06.scr','');
QuarantineFile('C:\WINDOWS\system32\74.scr','');
QuarantineFile('C:\WINDOWS\system32\64.exe','');
QuarantineFile('C:\WINDOWS\system32\12.scr','');
QuarantineFile('C:\WINDOWS\system32\67.scr','');
QuarantineFile('C:\WINDOWS\system32\57.exe','');
QuarantineFile('C:\WINDOWS\system32\41.exe','');
QuarantineFile('C:\WINDOWS\system32\14.exe','');
QuarantineFile('C:\WINDOWS\system32\12.exe','');
QuarantineFile('C:\WINDOWS\system32\78.exe','');
QuarantineFile('C:\WINDOWS\system32\53.exe','');
QuarantineFile('C:\WINDOWS\system32\23.exe','');
QuarantineFile('C:\WINDOWS\system32\system.exe','');
QuarantineFile('C:\Documents and Settings\DAstashevich\Application Data\ltzqai.exe,C:\RECYCLER\S-1-5-21-0340169181-1155139293-923477065-0159\syscr.exe,explorer.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0340169181-1155139293-923477065-0159\syscr.exe','');
QuarantineFile('C:\Documents and Settings\DAstashevich\Application Data\ltzqai.exe','');
TerminateProcessByName('c:\windows\system32\syscache.exe');
QuarantineFile('c:\windows\system32\syscache.exe','');
TerminateProcessByName('c:\windows\system32\msvmiode.exe');
QuarantineFile('c:\windows\system32\msvmiode.exe','');
TerminateProcessByName('c:\docume~1\dastas~1\locals~1\temp\57643.exe');
QuarantineFile('c:\docume~1\dastas~1\locals~1\temp\57643.exe','');
TerminateProcessByName('c:\docume~1\dastas~1\locals~1\temp\152843.exe');
QuarantineFile('c:\docume~1\dastas~1\locals~1\temp\152843.exe','');
DeleteFile('c:\docume~1\dastas~1\locals~1\temp\152843.exe');
DeleteFile('c:\docume~1\dastas~1\locals~1\temp\57643.exe');
DeleteFile('c:\windows\system32\msvmiode.exe');
DeleteFile('c:\windows\system32\syscache.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Advanced DHTML Enable');
DeleteFile('C:\Documents and Settings\DAstashevich\Application Data\ltzqai.exe');
DeleteFile('C:\Documents and Settings\DAstashevich\Application Data\ltzqai.exe,C:\RECYCLER\S-1-5-21-0340169181-1155139293-923477065-0159\syscr.exe,explorer.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0340169181-1155139293-923477065-0159\syscr.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','MSODESNV7');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','00636');
DeleteFile('C:\WINDOWS\system32\system.exe');
DeleteFile('C:\WINDOWS\system32\23.exe');
DeleteFile('C:\WINDOWS\system32\53.exe');
DeleteFile('C:\WINDOWS\system32\78.exe');
DeleteFile('C:\WINDOWS\system32\12.exe');
DeleteFile('C:\WINDOWS\system32\14.exe');
DeleteFile('C:\WINDOWS\system32\41.exe');
DeleteFile('C:\WINDOWS\system32\57.exe');
DeleteFile('C:\WINDOWS\system32\67.scr');
DeleteFile('C:\WINDOWS\system32\12.scr');
DeleteFile('C:\WINDOWS\system32\64.exe');
DeleteFile('C:\WINDOWS\system32\74.scr');
DeleteFile('C:\WINDOWS\system32\06.scr');
DeleteFile('C:\WINDOWS\system32\26.exe');
DeleteFile('C:\WINDOWS\system32\67.exe');
DeleteFile('C:\WINDOWS\system32\77.exe');
DeleteFile('C:\WINDOWS\system32\55.exe');
DeleteFile('C:\WINDOWS\system32\86.exe');
DeleteFile('C:\WINDOWS\system32\00.exe');
DeleteFile('C:\WINDOWS\system32\02.exe');
DeleteFile('C:\WINDOWS\system32\04.exe');
DeleteFile('C:\WINDOWS\system32\11.exe');
DeleteFile('C:\WINDOWS\system32\15.exe');
DeleteFile('C:\WINDOWS\system32\16.exe');
DeleteFile('C:\WINDOWS\system32\24.exe');
DeleteFile('C:\WINDOWS\system32\28.exe');
DeleteFile('C:\WINDOWS\system32\32.exe');
DeleteFile('C:\WINDOWS\system32\42.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows NT\CurrentVersion\Winlogon','Taskman');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
Компьютер перезагрузится.