Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('D:\Documents and Settings\Admin\Local Settings\Application Data\wincheck\wincheck.exe','');
QuarantineFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.xoferif.bat','');
QuarantineFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.rehcnual.bat','');
QuarantineFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.erolpxei.bat','');
QuarantineFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.emorhc.bat','');
DeleteService('servervo');
SetServiceStart('serversu', 4);
DeleteService('serversu');
SetServiceStart('serverca', 4);
DeleteService('serverca');
SetServiceStart('BlockAndSurf', 4);
DeleteService('BlockAndSurf');
QuarantineFile('D:\Program Files\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll','');
QuarantineFile('D:\Program Files\ver2BlockAndSurf\b5sH186.dll','');
TerminateProcessByName('d:\program files\ver2blockandsurf\v9o.exe');
QuarantineFile('d:\program files\ver2blockandsurf\v9o.exe','');
TerminateProcessByName('d:\documents and settings\admin\local settings\application data\gmsd_ru_103\upgmsd_ru_103.exe');
QuarantineFile('d:\documents and settings\admin\local settings\application data\gmsd_ru_103\upgmsd_ru_103.exe','');
TerminateProcessByName('d:\documents and settings\admin\local settings\application data\microsoft\windows\toolbar.exe');
QuarantineFile('d:\documents and settings\admin\local settings\application data\microsoft\windows\toolbar.exe','');
TerminateProcessByName('d:\documents and settings\admin\application data\softwareupdater\susrv.exe');
QuarantineFile('d:\documents and settings\admin\application data\softwareupdater\susrv.exe','');
TerminateProcessByName('d:\program files\ver2blockandsurf\j6blockandsurfr79.exe');
QuarantineFile('d:\program files\ver2blockandsurf\j6blockandsurfr79.exe','');
TerminateProcessByName('d:\program files\gmsd_ru_103\gmsd_ru_103.exe');
QuarantineFile('d:\program files\gmsd_ru_103\gmsd_ru_103.exe','');
TerminateProcessByName('d:\documents and settings\admin\local settings\application data\convertad\casrv.exe');
QuarantineFile('d:\documents and settings\admin\local settings\application data\convertad\casrv.exe','');
TerminateProcessByName('d:\program files\ver2blockandsurf\b5sh186.exe');
QuarantineFile('d:\program files\ver2blockandsurf\b5sh186.exe','');
DeleteFile('d:\program files\ver2blockandsurf\b5sh186.exe','32');
DeleteFile('d:\documents and settings\admin\local settings\application data\convertad\casrv.exe','32');
DeleteFile('d:\program files\gmsd_ru_103\gmsd_ru_103.exe','32');
DeleteFile('d:\program files\ver2blockandsurf\j6blockandsurfr79.exe','32');
DeleteFile('d:\documents and settings\admin\application data\softwareupdater\susrv.exe','32');
DeleteFile('d:\documents and settings\admin\local settings\application data\microsoft\windows\toolbar.exe','32');
DeleteFile('d:\documents and settings\admin\local settings\application data\gmsd_ru_103\upgmsd_ru_103.exe','32');
DeleteFile('d:\program files\ver2blockandsurf\v9o.exe','32');
DeleteFile('D:\Program Files\ver2BlockAndSurf\b5sH186.dll','32');
DeleteFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.emorhc.bat','32');
DeleteFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.erolpxei.bat','32');
DeleteFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.rehcnual.bat','32');
DeleteFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.xoferif.bat','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','SystemScript');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SystemScript','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','upgmsd_ru_103.exe');
DeleteFile('D:\Documents and Settings\Admin\Local Settings\Application Data\wincheck\wincheck.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinCheck','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','gmsd_ru_103');
DeleteFile('D:\WINDOWS\Tasks\APSnotifierPP1.job','32');
DeleteFile('D:\WINDOWS\Tasks\APSnotifierPP2.job','32');
DeleteFile('D:\WINDOWS\Tasks\APSnotifierPP3.job','32');
DeleteFile('D:\WINDOWS\Tasks\BlockAndSurf Update.job','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.