begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
ClearHostsFile;
QuarantineFile('C:\Windows\system32\3rs23563.dll','');
QuarantineFile('C:\Users\ELNINO~1\AppData\Local\Temp\donDF52.tmp','');
QuarantineFile('C:\Windows\system32\dgihdva.dll','');
DeleteFile('C:\Windows\system32\dgihdva.dll');
DeleteFile('C:\Users\ELNINO~1\AppData\Local\Temp\donDF52.tmp');
DeleteFile('C:\Windows\system32\3rs23563.dll');
DelBHO('{FF0FE70F-B832-42F1-BAFF-247753B5E452}');
DelBHO('{F1E59DF7-D7FC-4ED6-BC1D-D13BE02FE6C5}');
RegKeyStrParamWrite('HKLM', 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows', 'AppInit_DLLs', '');
RegKeyStrParamWrite('HKEY_LOCAL_MACHINE','Software\Microsoft\WindowsNT\CurrentVersion\Winlogon','Userinit','C:\WINDOWS\system32\userinit.exe,');
BC_ImportALL;
ExecuteSysClean;
BC_Activate;
ExecuteWizard('SCU',2,3,true);
RebootWindows(true);
end.