Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\НИКИТА\appdata\roaming\svchost.exe','');
QuarantineFile('C:\Users\НИКИТА\appdata\roaming\microsoft\network\nf3box.se.exe','');
QuarantineFile('C:\Users\НИКИТА\appdata\roaming\microsoft\network\nf3box.in.exe','');
QuarantineFile('C:\Windows\vc_redist(x86).exe','');
QuarantineFile('C:\Windows\smss.exe','');
QuarantineFile('D:\autorun.inf','');
QuarantineFile('D:\vcompress.exe','');
QuarantineFile('C:\vcompress.exe','');
QuarantineFile('C:\autorun.inf','');
QuarantineFile('c:\progra~3\msoksi.exe','');
QuarantineFile('C:\Windows\svchost.exe','');
QuarantineFile('C:\Users\гость123\AppData\Roaming\Elements\Vcach.exe','');
QuarantineFile('C:\Users\гость123\AppData\Local\treehost.exe','');
QuarantineFile('C:\Users\НИКИТА\AppData\Roaming\vcomp.exe','');
QuarantineFile('C:\Users\НИКИТА\AppData\Roaming\sndacc.exe','');
QuarantineFile('C:\Users\НИКИТА\AppData\Roaming\proskp.exe','');
QuarantineFile('C:\Users\НИКИТА\AppData\Roaming\mypic.vbs','');
QuarantineFile('C:\Users\НИКИТА\AppData\Roaming\h01dw.vbs','');
QuarantineFile('C:\Users\НИКИТА\AppData\Roaming\Tbkcp\pshared.exe','');
QuarantineFile('C:\Users\НИКИТА\AppData\Roaming\Tbkcp\start.vbs','');
QuarantineFile('C:\Users\НИКИТА\AppData\Roaming\SunJavaUpdataShedule\SunJavaUpdata.exe','');
QuarantineFile('C:\Users\НИКИТА\AppData\Roaming\Render32.exe','');
QuarantineFile('C:\Users\НИКИТА\AppData\Roaming\DesktopAdm\dwm.exe','');
QuarantineFile('C:\Users\НИКИТА\AppData\Roaming\Cacher\Vcache.exe','');
QuarantineFile('C:\Documents\DCSCMIN\IMDCSC.exe','');
QuarantineFile('c:\users\НИКИТА\appdata\roaming\render32.exe','');
TerminateProcessByName('c:\windows\awfhrie.exe');
QuarantineFile('c:\windows\awfhrie.exe','');
DeleteFile('c:\windows\awfhrie.exe','32');
DeleteFile('C:\Documents\DCSCMIN\IMDCSC.exe','32');
DeleteFile('C:\Users\НИКИТА\AppData\Roaming\Cacher\Vcache.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','Vcs');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','Vcs');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','Vcs');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','Vcs');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HKCU','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HKLM','command');
DeleteFile('C:\Users\НИКИТА\AppData\Roaming\DesktopAdm\dwm.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','HKLM');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','dwmm');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','HKCU');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','dwmm');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','dwmm');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','dwmm');
DeleteFile('C:\Users\НИКИТА\AppData\Roaming\Render32.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','fastupd');
DeleteFile('C:\Users\НИКИТА\AppData\Roaming\SunJavaUpdataShedule\SunJavaUpdata.exe','32');
DeleteFile('C:\Users\НИКИТА\AppData\Roaming\Tbkcp\start.vbs','32');
DeleteFile('C:\Users\НИКИТА\AppData\Roaming\Tbkcp\pshared.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\jhgfdertyui','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Tbkcp','command');
DeleteFile('C:\Users\НИКИТА\AppData\Roaming\h01dw.vbs','32');
DeleteFile('C:\Users\НИКИТА\AppData\Roaming\mypic.vbs','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mypic','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','mypic');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','mypic');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','mypic');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\h01dw','command');
DeleteFile('C:\Users\НИКИТА\AppData\Roaming\proskp.exe','32');
DeleteFile('C:\Users\НИКИТА\AppData\Roaming\sndacc.exe','32');
DeleteFile('C:\Users\НИКИТА\AppData\Roaming\vcomp.exe','32');
DeleteFile('C:\Users\гость123\AppData\Local\treehost.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mainres','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eedaede255435bc5c5c4','command');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','yyu45stream');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','eedaede255435bc5c5c4');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','sndcenter');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','IMJDC0');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','develspkp');
DeleteFile('C:\Users\гость123\AppData\Roaming\Elements\Vcach.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','Vcss');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','Vcss');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','Vcss');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','Vcss');
DeleteFile('C:\Windows\svchost.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\truevideo','command');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','jhgfdertyui');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','jhgfdertyui');
DeleteFile('c:\progra~3\msoksi.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','43587');
DeleteFile('C:\autorun.inf','32');
DeleteFile('C:\vcompress.exe','32');
DeleteFile('D:\vcompress.exe','32');
DeleteFile('D:\autorun.inf','32');
DeleteFile('C:\Windows\smss.exe','32');
DeleteFile('C:\Windows\vc_redist(x86).exe','32');
DeleteFile('C:\Users\НИКИТА\appdata\roaming\microsoft\network\nf3box.in.exe','32');
DeleteFile('C:\Users\НИКИТА\appdata\roaming\microsoft\network\nf3box.se.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteREpair(9);
RebootWindows(false);
end.
Компьютер перезагрузится.