Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\Reigun\AppData\Roaming\HGQF.exe','');
QuarantineFile('C:\Users\Reigun\AppData\Roaming\GIQYHLF.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-7.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-6.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-5.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-4.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-3.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-2.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-11.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\CinemaP-1.3cV10.12-codedownloader.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\0205dfd6-6ca5-4d2a-ad32-4b32e3aab076.exe','');
DelBHO('{11111111-1111-1111-1111-110611571181}');
QuarantineFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\CinemaP-1.3cV10.12-bho.dll','');
TerminateProcessByName('c:\program files (x86)\cinemap-1.3cv10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-6.exe');
QuarantineFile('c:\program files (x86)\cinemap-1.3cv10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-6.exe','');
TerminateProcessByName('C:\Program Files (x86)\CinemaP-1.3cV10.12\0b4b17df-f18c-4ebc-a1d6-70773a860f82.exe');
QuarantineFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\0b4b17df-f18c-4ebc-a1d6-70773a860f82.exe','');
TerminateProcessByName('c:\program files (x86)\cinemap-1.3cv10.12\0205dfd6-6ca5-4d2a-ad32-4b32e3aab076.exe');
QuarantineFile('c:\program files (x86)\cinemap-1.3cv10.12\0205dfd6-6ca5-4d2a-ad32-4b32e3aab076.exe','');
DeleteFile('c:\program files (x86)\cinemap-1.3cv10.12\0205dfd6-6ca5-4d2a-ad32-4b32e3aab076.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\0b4b17df-f18c-4ebc-a1d6-70773a860f82.exe','32');
DeleteFile('c:\program files (x86)\cinemap-1.3cv10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-6.exe','32');
DeleteFile('C:\Program Files (x86)\Mobogenie\DaemonProcess.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','mobilegeni daemon');
DeleteFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\CinemaP-1.3cV10.12-bho.dll','32');
DeleteFile('C:\Windows\Tasks\0205dfd6-6ca5-4d2a-ad32-4b32e3aab076.job','64');
DeleteFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\0205dfd6-6ca5-4d2a-ad32-4b32e3aab076.exe','32');
DeleteFile('C:\Windows\Tasks\0b4b17df-f18c-4ebc-a1d6-70773a860f82.job','64');
DeleteFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\CinemaP-1.3cV10.12-codedownloader.exe','32');
DeleteFile('C:\Windows\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-1.job','64');
DeleteFile('C:\Windows\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-11.job','64');
DeleteFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-11.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-2.exe','32');
DeleteFile('C:\Windows\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-2.job','64');
DeleteFile('C:\Windows\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-3.job','64');
DeleteFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-3.exe','32');
DeleteFile('C:\Windows\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-4.job','64');
DeleteFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-4.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-5.exe','32');
DeleteFile('C:\Windows\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-5.job','64');
DeleteFile('C:\Windows\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-5_user.job','64');
DeleteFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-6.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaP-1.3cV10.12\335c4f0f-ecff-4f38-a4d3-29c987d614af-7.exe','32');
DeleteFile('C:\Windows\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-7.job','64');
DeleteFile('C:\Windows\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-6.job','64');
DeleteFile('C:\Users\Reigun\AppData\Roaming\GIQYHLF.exe','32');
DeleteFile('C:\Windows\Tasks\GIQYHLF.job','64');
DeleteFile('C:\Windows\Tasks\HGQF.job','64');
DeleteFile('C:\Users\Reigun\AppData\Roaming\HGQF.exe','32');
DeleteFile('C:\Windows\system32\Tasks\0205dfd6-6ca5-4d2a-ad32-4b32e3aab076','64');
DeleteFile('C:\Windows\system32\Tasks\0b4b17df-f18c-4ebc-a1d6-70773a860f82','64');
DeleteFile('C:\Windows\system32\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-1','64');
DeleteFile('C:\Windows\system32\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-11','64');
DeleteFile('C:\Windows\system32\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-2','64');
DeleteFile('C:\Windows\system32\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-3','64');
DeleteFile('C:\Windows\system32\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-4','64');
DeleteFile('C:\Windows\system32\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-5','64');
DeleteFile('C:\Windows\system32\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-5_user','64');
DeleteFile('C:\Windows\system32\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-6','64');
DeleteFile('C:\Windows\system32\Tasks\335c4f0f-ecff-4f38-a4d3-29c987d614af-7','64');
DeleteFile('C:\Windows\system32\Tasks\GIQYHLF','64');
DeleteFile('C:\Windows\system32\Tasks\HGQF','64');
DeleteFileMask('C:\Program Files (x86)\CinemaP-1.3cV10.12', '*', true);
DeleteDirectory('C:\Program Files (x86)\CinemaP-1.3cV10.12');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.