Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\dolibarr\rundoliwamp.bat','');
QuarantineFile('C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe','');
QuarantineFile('C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe','');
DeleteService('MyWebSearchService');
QuarantineFile('C:\Windows\system32\drivers\{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw.sys','');
SetServiceStart('{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw', 4);
DeleteService('{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw');
DeleteFile('C:\Windows\system32\drivers\{4f8c067a-e55a-4229-81e6-7be1491578a2}Gw.sys','32');
DeleteFile('MyWebSearchService.sys','32');
DeleteFile('C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe','32');
DeleteFile('C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyWebSearch Email Plugin','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\My Web Search Bar Search Scope Monitor','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverScanner','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpeedUpMyPC','command');
DeleteFile('C:\PROGRA~1\Uniblue\SPEEDU~1\launcher.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MobileDocuments','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\pr','command');
DeleteFile('C:\Program Files\Процесс312.docx.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinsysMon','command');
DeleteFile('C:\Users\FOREXI~1\AppData\Local\Temp\nsc1235.tmp\googletoolbar.exe','32');
DeleteFile('C:\Users\ForexInvestGroup\AppData\Local\Amigo\Application\amigo.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\amigo','command');
DeleteFile('C:\Users\ForexInvestGroup\AppData\Roaming\ACEStream\engine\ace_engine.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AceStream','command');
DeleteFile('C:\Users\ForexInvestGroup\AppData\Roaming\eTranslator\eTranslator.exe','32');
DeleteFile('C:\Users\ForexInvestGroup\Documents\Almeza\StaffLogger\sysdrvmon.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Staff Logger','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eTranslator Update','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mwuvtcplul','command');
DeleteFile('C:\Users\ForexInvestGroup\appdata\roaming\acestream\engine\lib\ctools.dll','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.