Код:
begin
ExecuteAVUpdate;
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
StopService('WdMan');
DeleteService('WdMan');
QuarantineFile('C:\Documents and Settings\Admin\Application Data\MicrosoftUpdater\MicrosoftUpdater.exe','');
QuarantineFile('c:\documents and settings\admin\local settings\application data\gmsd_ru_025010221\upgmsd_ru_025010221.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Application Data\Hostinstaller\3624133977_installcube.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\r742CdIiQjba.exe','');
QuarantineFile('c:\documents and settings\all users\application data\fwdmf\wdman.exe','');
QuarantineFile('C:\Documents and Settings\All Users\Application Data\KRB Updater Utility\krbupdater.exe','');
QuarantineFile('C:\Documents and Settings\All Users\Application Data\Microsoft\Macromed\Flash Player\EAA52587-0826-487F-A27D-D2649D244533\3B575057-5FD2-4BA3-9037-113325CA33D1.exe','');
QuarantineFile('C:\Program Files\gmsd_ru_025010221\gmsd_ru_025010221.exe','');
QuarantineFile('C:\Program Files\Kinoroom Browser\krbrowser.exe','');
QuarantineFile('C:\Program Files\Zaxar\ZaxarGameBrowser.exe','');
QuarantineFile('C:\Program Files\Zaxar\ZaxarLoader.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\sHnKRmurf8fW.exe','');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\sHnKRmurf8fW.exe','32');
DeleteFile('C:\Documents and Settings\Admin\Application Data\MicrosoftUpdater\MicrosoftUpdater.exe','32');
DeleteFile('c:\documents and settings\admin\local settings\application data\gmsd_ru_025010221\upgmsd_ru_025010221.exe','32');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Application Data\Hostinstaller\3624133977_installcube.exe','32');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\r742CdIiQjba.exe','32');
DeleteFile('c:\documents and settings\all users\application data\fwdmf\wdman.exe','32');
DeleteFile('C:\Documents and Settings\All Users\Application Data\KRB Updater Utility\krbupdater.exe','32');
DeleteFile('C:\Documents and Settings\All Users\Application Data\Microsoft\Macromed\Flash Player\EAA52587-0826-487F-A27D-D2649D244533\3B575057-5FD2-4BA3-9037-113325CA33D1.exe','32');
DeleteFile('C:\Program Files\gmsd_ru_025010221\gmsd_ru_025010221.exe','32');
DeleteFile('C:\Program Files\Kinoroom Browser\krbrowser.exe','32');
DeleteFile('C:\Program Files\Zaxar\ZaxarGameBrowser.exe','32');
DeleteFile('C:\Program Files\Zaxar\ZaxarLoader.exe','32');
DeleteFile('C:\WINDOWS\Tasks\MicrosoftUpdater.job','32');
DeleteFile('C:\WINDOWS\Tasks\Soft installer.job','32');
DeleteFileMask('c:\documents and settings\admin\local settings\application data\gmsd_ru_025010221', '*', true, ' ');
DeleteDirectory('c:\documents and settings\admin\local settings\application data\gmsd_ru_025010221');
DeleteFileMask('C:\Documents and Settings\Admin\Application Data\MicrosoftUpdater', '*', true, ' ');
DeleteDirectory('C:\Documents and Settings\Admin\Application Data\MicrosoftUpdater');
DeleteFileMask('C:\Documents and Settings\Admin\Local Settings\Application Data\Hostinstaller', '*', true, ' ');
DeleteDirectory('C:\Documents and Settings\Admin\Local Settings\Application Data\Hostinstaller');
DeleteFileMask('c:\documents and settings\all users\application data\fwdmf', '*', true, ' ');
DeleteDirectory('c:\documents and settings\all users\application data\fwdmf');
DeleteFileMask('C:\Program Files\gmsd_ru_025010221', '*', true, ' ');
DeleteDirectory('C:\Program Files\gmsd_ru_025010221');
DeleteFileMask('C:\Program Files\Kinoroom Browser', '*', true, ' ');
DeleteDirectory('C:\Program Files\Kinoroom Browser');
DeleteFileMask('C:\Program Files\Zaxar', '*', true, ' ');
DeleteDirectory('C:\Program Files\Zaxar');
DeleteFileMask('C:\Program Files\Kinoroom Browser', '*', true, ' ');
DeleteDirectory('C:\Program Files\Kinoroom Browser');
RegKeyStrParamWrite('HKCU', 'Control Panel\Desktop', 'WaitToKillAppTimeout', '20000');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\etqsnhlrkt','command');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','EAA52587-0826-487F-A27D-D2649D244533');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gmsd_ru_025010221','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Kinoroom Browser','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\sphqzvnkey','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\upgmsd_ru_025010221.exe','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ZaxarGameBrowser','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ZaxarLoader','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','EAA52587-0826-487F-A27D-D2649D244533');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','KRB Updater Utility');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','upgmsd_ru_025010221.exe');
BC_ImportALL;
ExecuteSysClean;
BC_Activate;
ExecuteWizard('SCU', 2, 3, true);
RebootWindows(true);
end.
После выполнения скрипта компьютер перезагрузится.