Код:
begin
SetAVZGuardStatus(True);
DeleteFileMask(GetAVZDirectory+'Quarantine', '*.*', true);
RegKeyIntParamWrite('HKLM','SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer','NoDriveTypeAutoRun', 221);
RegKeyIntParamWrite('HKEY_LOCAL_MACHINE', 'SYSTEM\CurrentControlSet\Control\Terminal Server','fAllowToGetHelp', 0);
RegKeyIntParamWrite('HKEY_LOCAL_MACHINE', 'SYSTEM\CurrentControlSet\Control\LSA','RestrictAnonymous', 2);
RegKeyIntParamWrite('HKEY_LOCAL_MACHINE', 'System\CurrentControlSet\Services\CDROM','AutoRun', 0);
SetServiceStart('Schedule', 4);
SetServiceStart('RemoteRegistry', 4);
QuarantineFile('C:\WINDOWS\msmqinst.log:UlZ8OoETAwE','');
DelCLSID('049F7772-5BF9-0488-0105-010800000804');
QuarantineFile('C:\WINDOWS\system32\flash.exe','');
DelBHO('{1E796980-9CC5-11D1-A83F-00C04FC99D61}');
DelBHO('{5067A26B-1337-4436-8AFE-EE169C2DA79F}');
DelBHO('{4DC09257-6893-44F5-8F74-60DC2F259111}');
QuarantineFile('C:\WINDOWS\system32\cd.dll','');
QuarantineFile('C:\WINDOWS\system32\ntos.exe','');
DeleteService('prexigfj');
QuarantineFile('C:\WINDOWS\system32\drivers\prexigfj.sys','');
DeleteService('mpr_freader');
DeleteFile('C:\DOCUME~1\0759~1\LOCALS~1\Temp\RarSFX3\mpr_freader.sys');
DeleteFile('C:\WINDOWS\system32\drivers\prexigfj.sys');
DeleteFile('C:\WINDOWS\system32\ntos.exe');
DeleteFile('C:\WINDOWS\system32\cd.dll');
DeleteFile('C:\WINDOWS\system32\flash.exe');
DeleteFile('C:\WINDOWS\msmqinst.log:UlZ8OoETAwE');
RegKeyStrParamWrite('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows NT\CurrentVersion\Windows', 'AppInit_DLLs', StringReplace(RegKeyStrParamRead('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows NT\CurrentVersion\Windows', 'AppInit_DLLs'), 'C:\WINDOWS\msmqinst.log:UlZ8OoETAwE', ''));
RegKeyStrParamWrite('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows NT\CurrentVersion\Windows', 'AppInit_DLLs', StringReplace(RegKeyStrParamRead('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows NT\CurrentVersion\Windows', 'AppInit_DLLs'), ',,', ','));
DeleteFileMask('%tmp% ','*.* ',true );
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteWizard('TSW', 3, 3, true);
ExecuteWizard('SCU', 3, 3, true);
BC_Activate;
RebootWindows(true);
end.
После выполнения скрипта компьютер перезагрузится!