Код:
begin
ClearQuarantine;
SearchRootkit(true, true);
SetAVZGuardStatus(true);
TerminateProcessByName('c:\windows\widrive32.exe');
QuarantineFile('C:\WINDOWS\system32\cmdow.exe','');
QuarantineFile('C:\WINDOWS\widrive32.exe','');
QuarantineFile('C:\WINDOWS\system32\vmgre32.exe','');
QuarantineFile('C:\WINDOWS\system32\umdmgr.exe','');
QuarantineFile('c:\windows\widrive32.exe','');
DeleteFile('C:\WINDOWS\system32\umdmgr.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','280');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','524');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','179');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','956');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','957');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','619');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','161');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','745');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','890');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','838');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','358');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','663');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','255');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','740');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','089');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','vmgre32');
DeleteFile('C:\WINDOWS\system32\vmgre32.exe');
DeleteFile('C:\WINDOWS\widrive32.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Microsoft Driver Setup');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','Microsoft Driver Setup');
DeleteFile('C:\WINDOWS\system32\cmdow.exe');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteWizard('TSW',2,2,true);
BC_Activate;
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
RebootWindows(true);
end.
После выполнения скрипта компьютер перезагрузится.