Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
TerminateProcessByName('c:\documents and settings\collider\application data\1c.exe');
QuarantineFile('c:\documents and settings\collider\application data\5.exe','');
QuarantineFile('c:\documents and settings\collider\application data\4.exe','');
QuarantineFile('c:\documents and settings\collider\application data\3.exe','');
QuarantineFile('c:\documents and settings\collider\application data\2.exe','');
QuarantineFile('c:\documents and settings\collider\application data\1.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87891\sxsh10.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81540\sxshin.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-756715\hdjojoba.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1981751\hyalla1.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-187892\s11h10.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-145751\h881lla1.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-11609\fjpdqz.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-111715\h1oba.exe','');
QuarantineFile('C:\RECYCLER\FWDmgr.exe','');
QuarantineFile('C:\Documents and Settings\Collider\Application Data\ScreenSaverPro.scr','');
QuarantineFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Xrrqrn.exe','');
QuarantineFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Trrqrj.exe','');
QuarantineFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Prrqrf.exe','');
QuarantineFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Krrqra.exe','');
QuarantineFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Errqru.exe','');
QuarantineFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Csrqrs.exe','');
QuarantineFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Asrqrq.exe','');
QuarantineFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Arrqrq.exe','');
QuarantineFile('C:\Documents and Settings\Collider\Application Data\Dqrqrt.exe','');
QuarantineFile('c:\documents and settings\collider\application data\1c.exe','');
DeleteFile('c:\documents and settings\collider\application data\1c.exe','32');
DeleteFile('C:\Documents and Settings\Collider\Application Data\Dqrqrt.exe','32');
DeleteFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Arrqrq.exe','32');
DeleteFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Asrqrq.exe','32');
DeleteFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Csrqrs.exe','32');
DeleteFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Errqru.exe','32');
DeleteFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Krrqra.exe','32');
DeleteFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Prrqrf.exe','32');
DeleteFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Trrqrj.exe','32');
DeleteFile('C:\Documents and Settings\Collider\Application Data\Microsoft\Xrrqrn.exe','32');
DeleteFile('C:\Documents and Settings\Collider\Application Data\ScreenSaverPro.scr','32');
DeleteFile('C:\RECYCLER\FWDmgr.exe','32');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-111715\h1oba.exe','32');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-11609\fjpdqz.exe','32');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-145751\h881lla1.exe','32');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-187892\s11h10.exe','32');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1981751\hyalla1.exe','32');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-756715\hdjojoba.exe','32');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-81540\sxshin.exe','32');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-87891\sxsh10.exe','32');
DeleteFile('c:\documents and settings\collider\application data\5.exe','32');
DeleteFile('c:\documents and settings\collider\application data\4.exe','32');
DeleteFile('c:\documents and settings\collider\application data\3.exe','32');
DeleteFile('c:\documents and settings\collider\application data\2.exe','32');
DeleteFile('c:\documents and settings\collider\application data\1.exe','32');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','Dqrqrt');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','Arrqrq');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','Asrqrq');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','Csrqrs');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','Errqru');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','Krrqra');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','Prrqrf');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','Trrqrj');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','Xrrqrn');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','Screen Saver Pro 3.1');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','Windows Firewall IP Manager');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','h1dljoba');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','fjpdqz');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','h881la1');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','x111n9');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','hyalla1');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','hdjojoba');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','xshin');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','xsh2n9');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','MSNetTKNowiz');
RegKeyParamDel('HKEY_USERS','S-1-5-21-861567501-746137067-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run','MSNetDKNowiz');
BC_ImportAll;
ExecuteSysClean;
ExecuteWizard('SCU', 2, 3, true);
BC_Activate;
RebootWindows(true);
end.