Код:
// AVZ remediation script written for one specific machine: every path is
// hard-coded to drive D: and the "Admin" profile, so it only makes sense on the
// system whose logs it was built from.
// Sequence: cut networking -> (non-WOW64 only) rootkit scan + AVZGuard ->
// quarantine copies -> remove services -> terminate processes -> delete files,
// autorun values and scheduled-task files -> Boot Cleaner, system clean, reboot.
begin
// The Russian text tells the user that AVZ will close all network connections
// before the script runs and that they come back automatically after reboot.
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
// Runs "net.exe stop tcpip /y"; /y pre-answers the confirmation prompt.
// The trailing 0, 15000, true are presumably window mode, wait timeout in ms and
// terminate-on-timeout - confirm against the AVZ script reference.
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
// Rootkit scan and AVZGuard are only attempted when IsWOW64 is false
// (presumably because they are unavailable on 64-bit Windows - TODO confirm).
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
// Quarantine pass: a copy of each suspect file is taken before anything is
// deleted, so samples stay available for analysis. The second argument is left
// empty everywhere in this script.
QuarantineFile('D:\Documents and Settings\All Users\Application Data\ZuiSyog\pibd6peo.exe','');
QuarantineFile('D:\Documents and Settings\Admin\Local Settings\Application Data\SystemDir\nethost.exe','');
// NOTE(review): this shortcut name may mix Latin and Cyrillic look-alike
// letters; keep the literal byte-for-byte or the path will not match.
QuarantineFile('D:\Documents and Settings\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Вoйти в Интeрнет 2inf.net.lnk','');
QuarantineFile('D:\IEXPLORE.bat','');
// The two .bat names below are "iexplore.exe" and "chrome.exe" spelled backwards.
QuarantineFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.erolpxei.bat','');
QuarantineFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.emorhc.bat','');
// kometaup.exe is listed by what appears to be its 8.3 short path and by its long path.
QuarantineFile('D:\DOCUME~1\Admin\LOCALS~1\APPLIC~1\Kometa\kometaup.exe','');
QuarantineFile('D:\Documents and Settings\Admin\Local Settings\Application Data\Kometa\kometaup.exe','');
QuarantineFile('D:\Program Files\explore.exe','');
QuarantineFile('D:\Documents and Settings\Admin\Local Settings\Application Data\gmsd_ru_025010077\upgmsd_ru_025010077.exe','');
// NOTE(review): the TSSK and QMUdisk services are removed and their .sys files
// are deleted further down, but neither file is quarantined anywhere in this
// script, so no copy is kept.
DeleteService('TSSK');
DeleteService('QMUdisk');
QuarantineFile('D:\WINDOWS\system32\drivers\ppfd_vt_1_10_0_22.sys','');
QuarantineFile('D:\WINDOWS\system32\drivers\pfnfd_1_10_0_8.sys','');
DeleteService('ppfd_vt_1_10_0_22');
// Start type 4 is "disabled" in the Windows service configuration; the service
// is disabled first and then removed.
SetServiceStart('pfnfd_1_10_0_8', 4);
DeleteService('pfnfd_1_10_0_8');
DeleteService('globalUpdate');
QuarantineFile('D:\Program Files\globalUpdate\Update\globalupdate.exe','');
QuarantineFile('D:\Documents and Settings\Admin\Application Data\1E00FA60-1424208357-3D01-566E-001FC6E9793D\nsh27F.tmp','');
DeleteService('beryluxy');
QuarantineFile('D:\Documents and Settings\Admin\Application Data\1E00FA60-1424208357-3D01-566E-001FC6E9793D\JOSrv.exe','');
DeleteService('serverjo');
// updatechecker.exe is quarantined only; there is no DeleteFile for it below.
QuarantineFile('d:\windows\system32\codecs\updatechecker.exe','');
// Running processes: each one is terminated first, then its image is quarantined.
TerminateProcessByName('d:\documents and settings\admin\application data\newsi_10\s_inst.exe');
QuarantineFile('d:\documents and settings\admin\application data\newsi_10\s_inst.exe','');
TerminateProcessByName('d:\documents and settings\admin\application data\newsi_8\s_inst.exe');
QuarantineFile('d:\documents and settings\admin\application data\newsi_8\s_inst.exe','');
TerminateProcessByName('d:\documents and settings\admin\application data\newsi_2\s_inst.exe');
QuarantineFile('d:\documents and settings\admin\application data\newsi_2\s_inst.exe','');
TerminateProcessByName('d:\documents and settings\admin\application data\newsi_9\s_inst.exe');
QuarantineFile('d:\documents and settings\admin\application data\newsi_9\s_inst.exe','');
TerminateProcessByName('d:\documents and settings\admin\local settings\application data\kometa\kometaup.exe');
QuarantineFile('d:\documents and settings\admin\local settings\application data\kometa\kometaup.exe','');
// Deletion pass. Every DeleteFile call passes '32' as its second argument
// (presumably selecting the 32-bit file-system view - confirm against the AVZ
// script reference).
DeleteFile('d:\documents and settings\admin\local settings\application data\kometa\kometaup.exe','32');
DeleteFile('d:\documents and settings\admin\application data\newsi_9\s_inst.exe','32');
DeleteFile('d:\documents and settings\admin\application data\newsi_2\s_inst.exe','32');
DeleteFile('d:\documents and settings\admin\application data\newsi_8\s_inst.exe','32');
DeleteFile('d:\documents and settings\admin\application data\newsi_10\s_inst.exe','32');
DeleteFile('D:\Documents and Settings\Admin\Application Data\1E00FA60-1424208357-3D01-566E-001FC6E9793D\JOSrv.exe','32');
DeleteFile('D:\Documents and Settings\Admin\Application Data\1E00FA60-1424208357-3D01-566E-001FC6E9793D\nsh27F.tmp','32');
DeleteFile('D:\Program Files\globalUpdate\Update\globalupdate.exe','32');
DeleteFile('D:\WINDOWS\system32\drivers\pfnfd_1_10_0_8.sys','32');
DeleteFile('D:\WINDOWS\system32\drivers\ppfd_vt_1_10_0_22.sys','32');
// These two driver files are deleted without a preceding QuarantineFile call.
DeleteFile('D:\Program Files\Tencent\QQPCMgr\10.10.16443.223\QMUdisk.sys','32');
DeleteFile('D:\WINDOWS\system32\tssk.sys','32');
// Autorun persistence: values under the Run / RunOnce keys are removed
// alongside the files they are interleaved with.
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','frodsfdbfd');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','upgmsd_ru_025010077.exe');
DeleteFile('D:\Documents and Settings\Admin\Local Settings\Application Data\gmsd_ru_025010077\upgmsd_ru_025010077.exe','32');
DeleteFile('D:\Program Files\explore.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','pr');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','ap');
DeleteFile('D:\Documents and Settings\Admin\Local Settings\Application Data\Kometa\kometaup.exe','32');
DeleteFile('D:\DOCUME~1\Admin\LOCALS~1\APPLIC~1\Kometa\kometaup.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','kometaupremove');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','kometaup');
DeleteFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.emorhc.bat','32');
DeleteFile('D:\Documents and Settings\Admin\Application Data\Browsers\exe.erolpxei.bat','32');
DeleteFile('D:\IEXPLORE.bat','32');
DeleteFile('D:\Documents and Settings\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Вoйти в Интeрнет 2inf.net.lnk','32');
// Scheduled-task persistence: the .job files under D:\WINDOWS\Tasks are deleted
// directly, without quarantine copies.
DeleteFile('D:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job','32');
DeleteFile('D:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job','32');
DeleteFile('D:\WINDOWS\Tasks\nethost task.job','32');
DeleteFile('D:\Documents and Settings\Admin\Local Settings\Application Data\SystemDir\nethost.exe','32');
DeleteFile('D:\WINDOWS\Tasks\newSI_10.job','32');
DeleteFile('D:\WINDOWS\Tasks\newSI_2.job','32');
DeleteFile('D:\WINDOWS\Tasks\newSI_8.job','32');
DeleteFile('D:\WINDOWS\Tasks\newSI_9.job','32');
DeleteFile('D:\Documents and Settings\All Users\Application Data\ZuiSyog\pibd6peo.exe','32');
DeleteFile('D:\WINDOWS\Tasks\Tempo Runner pibd6peo.job','32');
// Final stage: the BC_* calls drive AVZ's Boot Cleaner (presumably so files that
// could not be removed now are removed at next boot - TODO confirm), with a
// system clean in between, then the machine is rebooted.
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
// The meaning of the false argument is not shown here - check the AVZ reference.
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.