Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Documents and Settings\Administrator\Local Settings\Application Data\SystemDir\nethost.exe','');
QuarantineFile('C:\Documents and Settings\Administrator\Application Data\FMZTRJ.exe','');
QuarantineFile('C:\WINDOWS\system32\serv32.dll','');
QuarantineFile('C:\opera.bat','');
QuarantineFile('C:\Windows\Sys\taskmgr.vbs','');
QuarantineFile('C:\Program Files\Application Assistance\ap1.exe','');
QuarantineFile('C:\Program Files\Application Assistance\ap.exe','');
QuarantineFile('C:\Documents and Settings\Administrator\Local Settings\Application Data\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('C:\Documents and Settings\Administrator\Local Settings\Application Data\Kometa\kometaup.exe','');
QuarantineFile('C:\Documents and Settings\Administrator\Local Settings\Application Data\Kometa\Panel\KometaLaunchPanel.exe','');
QuarantineFile('C:\Documents and Settings\Administrator\Application Data\svchost.exe','');
QuarantineFile('C:\Documents and Settings\Administrator\Application Data\eTranslator\eTranslator.exe','');
QuarantineFile('C:\Documents and Settings\Administrator\Application Data\Java\Update\Download\Cache\jsheded.exe','');
QuarantineFile('C:\Documents and Settings\Administrator\Application Data\Browsers\exe.rehcnual.bat','');
QuarantineFile('C:\Documents and Settings\Administrator\Application Data\Browsers\exe.emorhc.bat','');
QuarantineFile('C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ap2.exe','');
QuarantineFile('C:\Documents and Settings\Administrator\Application Data\Browsers\exe.arepo.bat','');
DeleteService('ckjsckaq');
SetServiceStart('BdSandBox', 4);
DeleteService('BdSandBox');
SetServiceStart('BDMWrench', 4);
DeleteService('BDMWrench');
SetServiceStart('BDFileDefend', 4);
DeleteService('BDFileDefend');
SetServiceStart('BDArKit', 4);
DeleteService('BDArKit');
SetServiceStart('bd0004', 4);
DeleteService('bd0004');
SetServiceStart('bd0003', 4);
DeleteService('bd0003');
SetServiceStart('bd0001', 4);
DeleteService('bd0001');
DeleteService('BDKVRTP');
SetServiceStart('BDSGRTP', 4);
DeleteService('BDSGRTP');
QuarantineFile('c:\windows\system32\wbem\wmiapsrv.exe','');
QuarantineFile('c:\windows\system32\spoolsv.exe','');
QuarantineFile('c:\windows\system32\dllhost.exe','');
TerminateProcessByName('c:\program files\common files\baidu\baiduprotect1.3\1.3.0.622\baiduprotect.exe');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\ad.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\BDKitUtils.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\BDLogicUtils.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\BDMNet.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\BDMReport.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\bdsg0001.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\DriverManager.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\dynplugins\BbSavior.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\plugins\BaiduRepair.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\plugins\HIPS.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\SafeBrowserDll.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.622\SafeExplorer.dll','32');
DeleteFile('C:\WINDOWS\system32\DRIVERS\bd0001.sys','32');
DeleteFile('C:\WINDOWS\system32\DRIVERS\bd0003.sys','32');
DeleteFile('C:\WINDOWS\system32\DRIVERS\bd0004.sys','32');
DeleteFile('C:\WINDOWS\system32\DRIVERS\BDArKit.sys','32');
DeleteFile('C:\WINDOWS\system32\DRIVERS\BDFileDefend.sys','32');
DeleteFile('C:\WINDOWS\system32\DRIVERS\BDMWrench.sys','32');
DeleteFile('C:\Program Files\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe','32');
DeleteFile('C:\WINDOWS\system32\drivers\ckjsckaq.sys','32');
DeleteFile('C:\Documents and Settings\Administrator\Application Data\Browsers\exe.arepo.bat','32');
DeleteFile('C:\Documents and Settings\Administrator\Application Data\AceWebExtension\updater\ace_web_extension.exe','32');
DeleteFile('C:\Documents and Settings\Administrator\Application Data\ACEStream\engine\ace_engine.exe','32');
DeleteFile('C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ap2.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ap2','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AceStream','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AceWebException','command');
DeleteFile('C:\Documents and Settings\Administrator\Application Data\Browsers\exe.emorhc.bat','32');
DeleteFile('C:\Documents and Settings\Administrator\Application Data\Browsers\exe.rehcnual.bat','32');
DeleteFile('C:\Documents and Settings\Administrator\Application Data\eTranslator\eTranslator.exe','32');
DeleteFile('C:\Documents and Settings\Administrator\Application Data\svchost.exe','32');
DeleteFile('C:\Documents and Settings\Administrator\Local Settings\Application Data\Kometa\Panel\KometaLaunchPanel.exe','32');
DeleteFile('C:\Documents and Settings\Administrator\Local Settings\Application Data\Kometa\kometaup.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\kometaup','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KometaLaunchPanel','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eTranslator Automatic Update','command');
DeleteFile('C:\Documents and Settings\Administrator\Local Settings\Application Data\SmartWeb\SmartWebHelper.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SmartWeb','command');
DeleteFile('C:\Program Files\Application Assistance\ap.exe','32');
DeleteFile('C:\Program Files\Application Assistance\ap1.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ap1','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ap','command');
DeleteFile('C:\Windows\Sys\taskmgr.vbs','32');
DeleteFile('C:\opera.bat','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Program','command');
DeleteFile('C:\WINDOWS\Tasks\FMZTRJ.job','32');
DeleteFile('C:\Documents and Settings\Administrator\Application Data\FMZTRJ.exe','32');
DeleteFile('C:\Documents and Settings\Administrator\Local Settings\Application Data\SystemDir\nethost.exe','32');
DeleteFile('C:\WINDOWS\Tasks\nethost task.job','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.