Код:
// AVZ remediation script written for one specific infected host: it quarantines
// the suspect files, removes a driver service, deletes the files and their
// autostart registry values, applies a few hardening settings and reboots.
// Every path and value name below is specific to that host.
// NOTE(review): several names end in characters that look mis-encoded
// (for example '”', '•', '‡', '*'). Check them against the original AVZ log;
// a name that does not match exactly will not hit the intended file or value.
begin
// Rootkit scan first, with both flags set to true. Presumably these enable
// neutralisation of user-mode and kernel-mode hooks; confirm in the AVZ script reference.
SearchRootkit(true, true);
// Turn AVZGuard on for the rest of the script.
SetAVZGuardStatus(True);
// Quarantine the suspect files before anything is deleted, so samples remain for analysis.
// NOTE(review): sys32.exe and the RECYCLER\...\yv8g67.exe file are quarantined
// here but never deleted further down; presumably they are awaiting a verdict.
QuarantineFile('C:\WINDOWS\system32\userini.exe','');
QuarantineFile('C:\WINDOWS\svc2.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-8160551230-1161350719-587588468-0195\yv8g67.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojы.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojч.exe','');
QuarantineFile('C:\WINDOWS\system32\sys32.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojо.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojг.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojЮ.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojЎ.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojњ.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhoj•.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhoj”.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojЏ.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojЋ.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhoj‰.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhoj‡.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhoj}.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhoj{.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojz.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojx.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojw.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojs.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojn.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhoji.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojg.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojP.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhojD.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhoj0.exe','');
QuarantineFile('C:\Documents and Settings\1\qilxrhoj#.exe','');
// Kernel driver: quarantine the .sys file, remove its service, then delete the file.
QuarantineFile('C:\WINDOWS\system32\drivers\zgnxuwluycfjj3.sys','');
DeleteService('zgnxuwluycfjj3');
DeleteFile('C:\WINDOWS\system32\drivers\zgnxuwluycfjj3.sys');
// Delete the dropped qilxrhoj?.exe files and the matching values under the
// HKCU ...\CurrentVersion\Run key (per-user autostart).
// NOTE(review): some files deleted below have no QuarantineFile call above,
// so no sample of them is kept.
// Some value names differ from the file names only in letter case
// (e.g. 'qilxrhojG' vs qilxrhojg.exe); Windows registry value names are
// case-insensitive, so this should still match.
DeleteFile('C:\Documents and Settings\1\qilxrhoj#.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhoj0.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojD.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojP.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojg.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhoji.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojn.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojs.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhoj#');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhoj0');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojD');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojP');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojG');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhoji');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojn');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojS');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojw');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojx');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojz');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhoj{');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhoj}');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhoj‡');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhoj‰');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojЋ');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojЏ');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhoj”');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhoj•');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojњ');
DeleteFile('C:\Documents and Settings\1\qilxrhojw.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojx.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojz.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhoj{.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhoj}.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhoj‡.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhoj‰.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojЋ.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojЏ.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhoj”.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhoj•.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojњ.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojЎ.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojЎ');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhoj¤');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhoj*');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojЇ');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojі');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojє');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojж');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojщ');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojЮ');
DeleteFile('C:\Documents and Settings\1\qilxrhojЮ.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojЩ.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojЖ.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojѕ.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojє.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojі.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojЇ.exe');
// NOTE(review): '*' cannot appear in a Windows file name, so the name on the
// next line most likely stands for a character lost in transcoding. Confirm
// the real name in the AVZ log and check how DeleteFile treats '*'.
DeleteFile('C:\Documents and Settings\1\qilxrhoj*.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhoj¤.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojя');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojѕ');
DeleteFile('C:\Documents and Settings\1\qilxrhojЯ.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojа.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojб.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojг.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojо.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojр.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojч.exe');
DeleteFile('C:\Documents and Settings\1\qilxrhojы.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojЫ');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojч');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojр');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojо');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojг');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojб');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','qilxrhojа');
// Remaining named executables and their autostart values (Run and Policies\Explorer\Run).
DeleteFile('C:\WINDOWS\svc2.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','NetLog2');
DeleteFile('C:\WINDOWS\system32\userini.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','userini');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','userini');
// Remove the Taskman value under the HKLM Winlogon key.
// NOTE(review): the value name is written with a trailing space ('Taskman ').
// Confirm the real value name carries it; otherwise this call may miss the value.
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows NT\CurrentVersion\Winlogon','Taskman ');
// Import the processed items into Boot Cleaner (activated near the end),
// presumably so that anything still locked is removed during the reboot.
BC_ImportAll;
// AVZ's own system clean-up pass; presumably removes leftover references to the deleted files.
ExecuteSysClean;
// AVZ system-restore function number 11. The index is defined by AVZ, not by
// this script; it is believed to unlock Task Manager. TODO confirm.
ExecuteRepair(11);
// Run the AVZ wizards identified as 'TSW' and 'SCU'; the numeric and boolean
// arguments are wizard options. See the AVZ script reference for their meaning.
ExecuteWizard('TSW', 2, 2, true);
ExecuteWizard('SCU', 2, 2, true);
// Hardening: NoDriveTypeAutoRun is a bitmask of drive types with AutoRun disabled.
// 221 = 0xDD leaves bit 0x20 clear. NOTE(review): that bit is understood to be
// the CD-ROM type, so optical-media AutoRun would stay enabled; confirm this is intended.
RegKeyIntParamWrite('HKLM','SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer','NoDriveTypeAutoRun',221);
// Internet zone (Zones\3) URL actions 2201 and 1001 are set to 1. Presumably
// 1 means "prompt" and 1001 is "download signed ActiveX controls"; verify both
// action codes against Microsoft's URL action reference.
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
// Arm Boot Cleaner for the next boot, then reboot so the pending removals are carried out.
BC_Activate;
RebootWindows(true);
end.
После перезагрузки: