Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
ClearQuarantine;
QuarantineFile('C:\Documents and Settings\Admin\Application Data\Mjeeeq.exe','');
QuarantineFileF('C:\Documents and Settings\Admin\Application Data\ujgieauf', '*', true, ' ', 0, 0);
QuarantineFileF('C:\Documents and Settings\All Users\Application Data\IBank', '*', true, ' ', 0, 0);
QuarantineFileF('C:\Documents and Settings\Admin\Application Data\EMgTQGOSUus', '*', true, ' ', 0, 0);
DeleteFile('C:\Documents and Settings\Admin\Application Data\Mjeeeq.exe','32');
DeleteFile('C:\WINDOWS.0\system32\xtgina.dll','32');
DeleteFile('C:\WINDOWS.0\System32\BeTwinServiceXP.exe','32');
DeleteFile('C:\Documents and Settings\Admin\Start Menu\Programs\Startup\start0.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','software\microsoft\shared tools\msconfig\startupreg','Mjeeeq');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\System','Windows Debugger 32');
RegKeyStrParamWrite('HKEY_LOCAL_MACHINE','system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list','C:\WINDOWS\system32\svchost.exe','C:\WINDOWS\system32\svchost.exe:*:Enabled:ipsec');
DeleteFileMask('C:\Documents and Settings\All Users\Application Data\IBank', '*', true, ' ');
DeleteFileMask('C:\Documents and Settings\Admin\Application Data\EMgTQGOSUus', '*', true, ' ');
DeleteFileMask('C:\Documents and Settings\Admin\Application Data\ujgieauf', '*', true, ' ');
DeleteDirectory('C:\Documents and Settings\Admin\Application Data\ujgieauf');
DeleteDirectory('C:\Documents and Settings\All Users\Application Data\IBank');
DeleteDirectory('C:\Documents and Settings\Admin\Application Data\EMgTQGOSUus');
DeleteService('BeTwinVideo');
DeleteService('BeTwinSystem');
DeleteService('BeTwinKeyboard');
DeleteService('BeTwinMouse');
BC_ImportAll;
ExecuteSysClean;
ExecuteWizard('SCU', 2, 3, true);
BC_Activate;
RebootWindows(true);
end.