Код:
begin
ExecuteAVUpdate;
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
ClearQuarantine;
TerminateProcessByName('c:\program files\common files\baidu\baiduprotect1.3\1.3.0.443\baiduprotect.exe');
SetServiceStart('BDSafeBrowser', 4);
SetServiceStart('BDMWrench', 4);
SetServiceStart('BDArKit', 4);
SetServiceStart('bd0004', 4);
SetServiceStart('bd0001', 4);
StopService('BDSafeBrowser');
StopService('BDMWrench');
StopService('BDArKit');
StopService('bd0004');
StopService('bd0001');
QuarantineFile('C:\Users\Марина\appdata\roaming\mail.ru newgamest\api.dll','');
QuarantineFile('C:\Program Files\RCP\systweakasp.exe','');
QuarantineFile('C:\iexplore.bat','');
QuarantineFile('C:\Users\Марина\AppData\Roaming\newnext.me\nengine.dll','');
QuarantineFile('C:\Users\Марина\AppData\Roaming\Mail.RU NewGamesT\Encrypt.exe','');
QuarantineFile('C:\Users\Марина\AppData\Roaming\FunSpace\VKMusicUpd\FunSpace.Update.Process.exe','');
QuarantineFile('C:\Users\Марина\AppData\Local\Yandex\YandexBrowser\Application\browser.url','');
QuarantineFile('C:\Users\Марина\AppData\Local\Win_update\Win_update.exe','');
QuarantineFile('C:\Program Files\Google\chrome.bat','');
DeleteFile('c:\program files\common files\baidu\baiduprotect1.3\1.3.0.443\baiduprotect.exe','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\ad.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDKitUtils.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDLogicUtils.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDMNet.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDMReport.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\bdsg0001.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\DriverManager.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\plugins\BaiduRepair.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\plugins\HIPS.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\SafeBrowserDll.dll','32');
DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\SafeExplorer.dll','32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0002.sys','32');
DeleteFile('C:\Windows\system32\drivers\BDSafeBrowser.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\BDMWrench.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\BDArKit.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0004.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\bd0001.sys','32');
DeleteFile('C:\Program Files\Mobogenie\DaemonProcess.exe','32');
DeleteFile('C:\Program Files\Google\chrome.bat','32');
DeleteFile('C:\Users\Марина\AppData\Local\Win_update\Win_update.exe','32');
DeleteFile('C:\Users\Марина\AppData\Local\Yandex\YandexBrowser\Application\browser.url','32');
DeleteFile('C:\Users\Марина\AppData\Roaming\FunSpace\VKMusicUpd\FunSpace.Update.Process.exe','32');
DeleteFile('C:\Users\Марина\AppData\Roaming\Mail.RU NewGamesT\Encrypt.exe','32');
DeleteFile('C:\Users\Марина\AppData\Roaming\newnext.me\nengine.dll','32');
DeleteFile('C:\iexplore.bat','32');
DeleteFile('C:\Windows\Tasks\Digital Sites.job','32');
DeleteFile('C:\Windows\Tasks\DSite.job','32');
DeleteFile('C:\Windows\Tasks\UpdaterEX.job','32');
DeleteFile('C:\Windows\system32\Tasks\ASP','32');
DeleteFile('C:\Windows\system32\Tasks\Digital Sites','32');
DeleteFile('C:\Windows\system32\Tasks\DSite','32');
DeleteFile('C:\Windows\system32\Tasks\Funmoods','32');
DeleteFile('C:\Program Files\RCP\systweakasp.exe','32');
DeleteFile('C:\Windows\system32\Tasks\UpdaterEX','32');
DeleteFile('C:\Users\Марина\appdata\roaming\mail.ru newgamest\api.dll','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TorrentExpress','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VKMusic update process','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Encrypt','command');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','NextLive');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Search Protection','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','System\CurrentControlSet\Control\Session Manager\AppCertDlls','x64');
DeleteService('bd0002');
DeleteService('BDSafeBrowser');
DeleteService('BDMWrench');
DeleteService('BDArKit');
DeleteService('bd0004');
DeleteService('bd0001');
DeleteFileMask('C:\Users\Марина\AppData\Roaming\FunSpace', '*', true, ' ');
DeleteFileMask('C:\Users\Марина\AppData\Roaming\Mail.RU NewGamesT', '*', true, ' ');
DeleteFileMask('C:\Users\Марина\AppData\Local\Win_update', '*', true, ' ');
DeleteFileMask('C:\Program Files\Common Files\Baidu', '*', true, ' ');
DeleteDirectory('C:\Program Files\Common Files\Baidu');
DeleteDirectory('C:\Users\Марина\AppData\Roaming\FunSpace');
DeleteDirectory('C:\Users\Марина\AppData\Roaming\Mail.RU NewGamesT');
DeleteDirectory('C:\Users\Марина\AppData\Local\Win_update');
BC_ImportAll;
ExecuteSysClean;
BC_DeleteFile('c:\program files\common files\baidu\baiduprotect1.3\1.3.0.443\baiduprotect.exe');
BC_DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\ad.dll');
BC_DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDKitUtils.dll');
BC_DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDLogicUtils.dll');
BC_DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDMNet.dll');
BC_DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\BDMReport.dll');
BC_DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\bdsg0001.dll');
BC_DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\DriverManager.dll');
BC_DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\plugins\BaiduRepair.dll');
BC_DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\plugins\HIPS.dll');
BC_DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\SafeBrowserDll.dll');
BC_DeleteFile('C:\Program Files\Common Files\Baidu\BaiduProtect1.3\1.3.0.443\SafeExplorer.dll');
BC_DeleteFile('C:\Windows\system32\DRIVERS\bd0002.sys');
BC_DeleteFile('C:\Windows\system32\drivers\BDSafeBrowser.sys');
BC_DeleteFile('C:\Windows\system32\DRIVERS\BDMWrench.sys');
BC_DeleteFile('C:\Windows\system32\DRIVERS\BDArKit.sys');
BC_DeleteFile('C:\Windows\system32\DRIVERS\bd0004.sys');
BC_DeleteFile('C:\Windows\system32\DRIVERS\bd0001.sys');
BC_DeleteSvc('bd0001');
BC_DeleteSvc('bd0004');
BC_DeleteSvc('BDArKit');
BC_DeleteSvc('BDMWrench');
BC_DeleteSvc('BDSafeBrowser');
BC_DeleteSvc('bd0002');
BC_Activate;
ExecuteRepair(2);
RebootWindows(false);
end.