Код:
begin
ExecuteAVUpdate;
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
ClearQuarantine;
TerminateProcessByName('c:\windows\system32\netupdsrv.exe');
TerminateProcessByName('c:\windows\system32\nethtsrv.exe');
TerminateProcessByName('c:\program files\gamesrs\gupdater.exe');
TerminateProcessByName('c:\program files\edealspop\edealspop.exe');
TerminateProcessByName('c:\users\1\appdata\local\biosdebugkeyboard\direct3dregistertask.exe');
TerminateProcessByName('c:\users\1\appdata\local\biosdebugkeyboard\biosdebugkeyboard.exe');
SetServiceStart('{16d667ee-6782-4b21-81df-8ded8ebc3868}w', 4);
SetServiceStart('nethfdrv', 4);
SetServiceStart('ServiceUpdater', 4);
SetServiceStart('NetHttpService', 4);
SetServiceStart('GamesRS', 4);
SetServiceStart('BIOSDebugKeyboard.exe', 4);
StopService('{16d667ee-6782-4b21-81df-8ded8ebc3868}w');
StopService('nethfdrv');
StopService('ServiceUpdater');
StopService('NetHttpService');
StopService('GamesRS');
StopService('BIOSDebugKeyboard.exe');
QuarantineFile('C:\Program Files\suptab\suptab.dll','');
QuarantineFile('C:\Program Files\adobe flash players 10.1\ie\x86\adobeflash32.dll','');
QuarantineFile('C:\Program Files\Adobe\install_flash_player_13_plugin.exe','');
QuarantineFile('C:\Users\1\AppData\Local\OSSambaWizard\OSSambaWizard.exe','');
QuarantineFile('C:\Users\1\AppData\Local\MethodMinimalRepository\MethodMinimalRepository.exe','');
QuarantineFile('C:\Users\1\AppData\Local\CronDebuggerODBC\CronDebuggerODBC.exe','');
QuarantineFile('C:\Users\1\AppData\Local\CopyFileMotion\CopyFileMotion.exe','');
QuarantineFile('C:\Users\1\AppData\Local\CodecMacroTooltip\CodecMacroTooltip.exe','');
QuarantineFile('C:\Users\1\AppData\Local\ClipboardQuickWindows\ClipboardQuickWindows.exe','');
QuarantineFile('C:\Program Files\BrowseMark\updateBrowseMark.exe','');
QuarantineFile('C:\Users\1\AppData\Local\PirritSuggestor\PirritService.exe','');
QuarantineFile('C:\Users\1\AppData\Local\a6ce1e96444c9b50de94ff39cd0bb8be\0c9bab70bac64a8.exe','');
QuarantineFile('C:\Windows\system32\drivers\nethfdrv.sys','');
QuarantineFile('C:\Windows\system32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}w.sys','');
QuarantineFile('C:\Windows\system32\hfpapi.dll','');
QuarantineFile('C:\Windows\system32\hfnapi.dll','');
QuarantineFile('c:\windows\system32\netupdsrv.exe','');
QuarantineFile('c:\windows\system32\nethtsrv.exe','');
QuarantineFile('c:\program files\gamesrs\gupdater.exe','');
QuarantineFile('c:\program files\edealspop\edealspop.exe','');
QuarantineFile('c:\users\1\appdata\local\biosdebugkeyboard\direct3dregistertask.exe','');
QuarantineFile('c:\users\1\appdata\local\biosdebugkeyboard\biosdebugkeyboard.exe','');
DeleteFile('c:\users\1\appdata\local\biosdebugkeyboard\direct3dregistertask.exe','32');
DeleteFile('C:\Windows\system32\hfnapi.dll','32');
DeleteFile('C:\Windows\system32\hfpapi.dll','32');
DeleteFile('C:\Windows\system32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}w.sys','32');
DeleteFile('C:\Users\1\AppData\Local\BIOSDebugKeyboard\BIOSDebugKeyboard.exe','32');
DeleteFile('C:\Users\1\AppData\Local\a6ce1e96444c9b50de94ff39cd0bb8be\0c9bab70bac64a8.exe','32');
DeleteFile('C:\Users\1\AppData\Local\PirritSuggestor\PirritService.exe','32');
DeleteFile('C:\Program Files\BrowseMark\updateBrowseMark.exe','32');
DeleteFile('C:\Users\1\AppData\Local\ClipboardQuickWindows\ClipboardQuickWindows.exe','32');
DeleteFile('C:\Users\1\AppData\Local\CodecMacroTooltip\CodecMacroTooltip.exe','32');
DeleteFile('C:\Users\1\AppData\Local\CopyFileMotion\CopyFileMotion.exe','32');
DeleteFile('C:\Users\1\AppData\Local\CronDebuggerODBC\CronDebuggerODBC.exe','32');
DeleteFile('C:\Users\1\AppData\Local\MethodMinimalRepository\MethodMinimalRepository.exe','32');
DeleteFile('C:\Users\1\AppData\Local\OSSambaWizard\OSSambaWizard.exe','32');
DeleteFile('C:\Program Files\Mobogenie\DaemonProcess.exe','32');
DeleteFile('C:\Program Files\eDealsPop\eDealsPop.exe','32');
DeleteFile('C:\Windows\Tasks\Digital Sites.job','32');
DeleteFile('C:\Windows\system32\Tasks\Daily Trigger ScheduleCD','32');
DeleteFile('C:\Windows\system32\Tasks\Digital Sites','32');
DeleteFile('C:\Windows\system32\Tasks\kbrowser-updater-utility','32');
DeleteFile('C:\Windows\system32\nethtsrv.exe','32');
DeleteFile('C:\Windows\system32\netupdsrv.exe','32');
DeleteFile('C:\Windows\system32\Drivers\nethfdrv.sys','32');
DeleteFile('C:\Program Files\gamesrs\gupdater.exe','32');
DeleteFile('C:\Program Files\suptab\suptab.dll','32');
DeleteFile('C:\Program Files\Adobe\install_flash_player_13_plugin.exe','32');
DeleteFile('C:\Windows\system32\Tasks\adobe-updater-startup-utility-ru','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','mobilegeni daemon');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','eDealsPop');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Adobe Flash Player SU');
DeleteService('{16d667ee-6782-4b21-81df-8ded8ebc3868}w');
DeleteService('nethfdrv');
DeleteService('OSSambaWizard.exe');
DeleteService('MethodMinimalRepository.exe');
DeleteService('CronDebuggerODBC.exe');
DeleteService('CopyFileMotion.exe');
DeleteService('CodecMacroTooltip.exe');
DeleteService('ClipboardQuickWindows.exe');
DeleteService('Update BrowseMark');
DeleteService('PirritDesktop');
DeleteService('0c9bab70bac64a8.exe');
DeleteService('ServiceUpdater');
DeleteService('NetHttpService');
DeleteService('GamesRS');
DeleteService('BIOSDebugKeyboard.exe');
DeleteFileMask('c:\program files\gamesrs', '*', true, ' ');
DeleteFileMask('c:\program files\edealspop', '*', true, ' ');
DeleteFileMask('c:\users\1\appdata\local\biosdebugkeyboard', '*', true, ' ');
DeleteFileMask('C:\Users\1\AppData\Local\OSSambaWizard', '*', true, ' ');
DeleteFileMask('C:\Users\1\AppData\Local\MethodMinimalRepository', '*', true, ' ');
DeleteFileMask('C:\Users\1\AppData\Local\CronDebuggerODBC', '*', true, ' ');
DeleteFileMask('C:\Users\1\AppData\Local\CopyFileMotion', '*', true, ' ');
DeleteFileMask('C:\Users\1\AppData\Local\CodecMacroTooltip', '*', true, ' ');
DeleteFileMask('C:\Users\1\AppData\Local\ClipboardQuickWindows', '*', true, ' ');
DeleteFileMask('C:\Users\1\AppData\Local\PirritSuggestor', '*', true, ' ');
DeleteFileMask('C:\Users\1\AppData\Local\a6ce1e96444c9b50de94ff39cd0bb8be', '*', true, ' ');
DeleteDirectory('c:\program files\gamesrs');
DeleteDirectory('c:\program files\edealspop');
DeleteDirectory('c:\users\1\appdata\local\biosdebugkeyboard');
DeleteDirectory('C:\Users\1\AppData\Local\OSSambaWizard');
DeleteDirectory('C:\Users\1\AppData\Local\MethodMinimalRepository');
DeleteDirectory('C:\Users\1\AppData\Local\CronDebuggerODBC');
DeleteDirectory('C:\Users\1\AppData\Local\CopyFileMotion');
DeleteDirectory('C:\Users\1\AppData\Local\CodecMacroTooltip');
DeleteDirectory('C:\Users\1\AppData\Local\ClipboardQuickWindows');
DeleteDirectory('C:\Users\1\AppData\Local\PirritSuggestor');
DeleteDirectory('C:\Users\1\AppData\Local\a6ce1e96444c9b50de94ff39cd0bb8be');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.