Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
QuarantineFile('C:\Users\Антно\appdata\local\apps\2.0\abril.exe','');
QuarantineFile('C:\ProgramData\Microsoft\Macromed\Flash Player\2952C70F-0E9D-4E55-9B70-8CFBB3D8A065\58E5F63C-7E1E-479A-A9B6-E5B72DB86DE3.exe','');
QuarantineFile('C:\ProgramData\KRB Updater Utility\krbupdater.exe','');
QuarantineFile('C:\Program Files (x86)\Kinoroom Browser\krbrowser.exe','');
QuarantineFile('C:\Program Files (x86)\Bvafivagh\arafeshgracacultrnwwating.exe','');
QuarantineFile('C:\Users\Антно\AppData\Local\Microsoft\B162D9CB2F78ED749039BE74D8AB9F65\E6548167019FD143C2FA143E0C929BD5.exe','');
DelBHO('{2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC}');
QuarantineFile('C:\Users\Антно\AppData\LocalLow\SearchGo\searchgo.dll','');
DeleteService('arafeshgracacultrnwshazerryarcather.exe');
DeleteService('dowidoly');
DeleteService('lYTnwfuI');
DeleteService('MPCProtectService');
DeleteService('rijufoze');
DeleteService('vepyremyzbt');
DeleteService('zigipyro');
QuarantineFile('C:\Users\Антно\AppData\Local\12B92340-1471861454-81F5-3E61-10C37BE6065B\qnsmE8A8.tmp','');
QuarantineFile('C:\Program Files (x86)\12B92340-1471850302-81F5-3E61-10C37BE6065B\knsu79CC.tmpfs','');
QuarantineFile('C:\Program Files (x86)\12B92340-1471850302-81F5-3E61-10C37BE6065B\hnslBD9F.tmp','');
QuarantineFile('C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe','');
QuarantineFile('C:\Program Files (x86)\WebShield\WebShield.exe','');
QuarantineFile('C:\Program Files (x86)\12B92340-1471850302-81F5-3E61-10C37BE6065B\jnsmA60F.tmp','');
QuarantineFile('C:\Program Files (x86)\Bvafivagh\arafeshgracacultrnwshazerryarcather.exe','');
TerminateProcessByName('c:\users\2e13~1\appdata\local\temp\nsb6d8d.tmp\4b5181f1-1cbd-6adc-b110-246295dba599.exe');
QuarantineFile('c:\users\2e13~1\appdata\local\temp\nsb6d8d.tmp\4b5181f1-1cbd-6adc-b110-246295dba599.exe','');
DeleteFile('c:\users\2e13~1\appdata\local\temp\nsb6d8d.tmp\4b5181f1-1cbd-6adc-b110-246295dba599.exe','32');
DeleteFile('C:\Program Files (x86)\Bvafivagh\arafeshgracacultrnwshazerryarcather.exe','32');
DeleteFile('C:\Program Files (x86)\12B92340-1471850302-81F5-3E61-10C37BE6065B\jnsmA60F.tmp','32');
DeleteFile('C:\Program Files (x86)\WebShield\WebShield.exe','32');
DeleteFile('C:\Program Files (x86)\12B92340-1471850302-81F5-3E61-10C37BE6065B\hnslBD9F.tmp','32');
DeleteFile('C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe','32');
DeleteFile('C:\Program Files (x86)\12B92340-1471850302-81F5-3E61-10C37BE6065B\knsu79CC.tmpfs','32');
DeleteFile('C:\Users\Антно\AppData\Local\12B92340-1471861454-81F5-3E61-10C37BE6065B\qnsmE8A8.tmp','32');
DeleteFile('C:\Users\Антно\AppData\LocalLow\SearchGo\searchgo.dll','32');
DeleteFile('C:\Users\Антно\AppData\Local\Microsoft\B162D9CB2F78ED749039BE74D8AB9F65\E6548167019FD143C2FA143E0C929BD5.exe','32');
DeleteFile('C:\Program Files (x86)\Bvafivagh\arafeshgracacultrnwwating.exe','32');
DeleteFile('C:\Windows\system32\Tasks\Arafeshgracacult Renew','64');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\929BD5C0E341AF2C341DF91076E65481','64');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\929BD5C0E341AF2C341DF91076E65481SB','64');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\KRBUUS\KRB Updater Utility Service','64');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\KRBUUS\KRBLNKRUN','64');
DeleteFile('C:\Program Files (x86)\Kinoroom Browser\krbrowser.exe','32');
DeleteFile('C:\ProgramData\KRB Updater Utility\krbupdater.exe','32');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\929BD5C0E341AF2C341DF91076E65481','64');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\929BD5C0E341AF2C341DF91076E65481SB','64');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\A2952C70F-0E9D-4E55-9B70-8CFBB3D8A065','64');
DeleteFile('C:\ProgramData\Microsoft\Macromed\Flash Player\2952C70F-0E9D-4E55-9B70-8CFBB3D8A065\58E5F63C-7E1E-479A-A9B6-E5B72DB86DE3.exe','32');
DeleteFile('C:\Users\Антно\appdata\local\apps\2.0\abril.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.