Код:
// AVZ cleanup script written for ONE specific machine: every path, the 8.3
// short names (E8CA~1), the profile name and the SID below come from that
// machine's logs. Statement order matters (quarantine -> delete -> boot
// cleaner -> reboot), so do not reorder.
begin
// Tell the user that network connections are about to be dropped and will
// come back after the reboot.
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
// Runs "net stop tcpip /y" so the listed programs cannot talk to the network
// while cleanup runs. Trailing arguments are presumably window mode (0),
// wait time in ms (15000) and terminate-on-timeout (true) -- confirm against
// the AVZ script reference.
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
// The rootkit scan and AVZGuard are only enabled when IsWOW64 is false;
// presumably they are not supported on 64-bit Windows -- TODO confirm.
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
// Step 1: quarantine the suspected adware files before they are deleted
// further down (xtab, Radio Canyon, mystartsearch, Funmoods, DSite, Digital Sites).
QuarantineFile('C:\Program Files\xtab\cmdshell.exe','');
QuarantineFile('C:\Program Files\xtab\browerwatchff.dll','');
QuarantineFile('C:\Program Files\xtab\browerwatchch.dll','');
QuarantineFile('C:\Program Files\radio canyon\radio canyon-bho.dll','');
QuarantineFile('C:\Users\Валера\AppData\Roaming\mystartsearch\UninstallManager.exe','');
// E8CA~1 is presumably the 8.3 short name of the same user profile -- verify on the host.
QuarantineFile('C:\Users\E8CA~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Users\E8CA~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Users\E8CA~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Program Files\Radio Canyon\52cf2a59-1efb-4454-914c-87a2d98dc154-11.exe','');
// Step 2: remove autorun references and delete files. The second DeleteFile
// argument ('32') presumably selects the 32-bit view -- TODO confirm.
// Removes the 'command' value of the MSConfig startupreg entry for RPCSVCS.EXE.
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RPCSVCS.EXE','command');
// rpcserv.exe is deleted without a preceding QuarantineFile call, so this
// script keeps no copy of it for later analysis.
DeleteFile('C:\Users\E8CA~1\AppData\Local\Temp\7\rpcserv.exe','32');
// NOTE(review): Wunderlist is also the name of a legitimate to-do application.
// This file is deleted without being quarantined first and its Run entries are
// removed below -- confirm from the logs that this copy is actually malicious.
DeleteFile('C:\Users\Валера\AppData\Local\Apps\2.0\6W37VDOQ.GWR\235N9QT3.P17\wund..tion_45ec1bcecca77a53_0002.0000_764351e8af09666f\Wunderlist.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Wunderlist');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wunderlist','command');
// Same Run value under one account's hive in HKEY_USERS; the SID is host-specific.
RegKeyParamDel('HKEY_USERS','S-1-5-21-3108902277-195349802-1038024844-1005\Software\Microsoft\Windows\CurrentVersion\Run','Wunderlist');
// Scheduled-task persistence: legacy .job files under C:\Windows\Tasks and the
// matching entries under C:\Windows\system32\Tasks, interleaved with the
// executables that were quarantined in step 1.
DeleteFile('C:\Windows\Tasks\52cf2a59-1efb-4454-914c-87a2d98dc154-1.job','32');
DeleteFile('C:\Windows\Tasks\52cf2a59-1efb-4454-914c-87a2d98dc154-11.job','32');
DeleteFile('C:\Program Files\Radio Canyon\52cf2a59-1efb-4454-914c-87a2d98dc154-11.exe','32');
DeleteFile('C:\Windows\Tasks\At1.job','32');
// Not quarantined above either; no copy is kept by this script.
DeleteFile('C:\Users\E8CA~1\AppData\Local\Temp\22790420','32');
DeleteFile('C:\Windows\Tasks\Digital Sites.job','32');
DeleteFile('C:\Users\E8CA~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Windows\system32\Tasks\52cf2a59-1efb-4454-914c-87a2d98dc154-1','32');
DeleteFile('C:\Windows\system32\Tasks\52cf2a59-1efb-4454-914c-87a2d98dc154-11','32');
DeleteFile('C:\Windows\system32\Tasks\Digital Sites','32');
DeleteFile('C:\Windows\system32\Tasks\At1','32');
DeleteFile('C:\Windows\system32\Tasks\DSite','32');
DeleteFile('C:\Windows\system32\Tasks\Funmoods','32');
DeleteFile('C:\Users\E8CA~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Users\E8CA~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Users\Валера\AppData\Roaming\mystartsearch\UninstallManager.exe','32');
// GUID-named task entries; what they launched is not visible in this script.
DeleteFile('C:\Windows\system32\Tasks\{6FCD8A6D-87F9-4771-A11F-64C0DFA7A4EB}','32');
DeleteFile('C:\Windows\system32\Tasks\{E3FECF72-243B-4CA4-B6DF-2566061BE138}','32');
DeleteFile('C:\Program Files\radio canyon\radio canyon-bho.dll','32');
DeleteFile('C:\Program Files\xtab\browerwatchch.dll','32');
DeleteFile('C:\Program Files\xtab\browerwatchff.dll','32');
DeleteFile('C:\Program Files\xtab\cmdshell.exe','32');
// Step 3: hand the collected items to AVZ's Boot Cleaner (BC_*), run the system
// cleanup, arm Boot Cleaner and reboot. Presumably Boot Cleaner finishes
// removing locked files during startup -- confirm against the AVZ documentation.
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.