Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
SetServiceStart('MySafeProxyMonitor', 4);
TerminateProcessByName('c:\program files\hd-quality-v3\30a17d86-e61c-42ac-bbca-96aa76a9e34d.exe');
TerminateProcessByName('c:\users\Андрей\appdata\roaming\cppredistx86.exe');
TerminateProcessByName('c:\programdata\windows\csrss.exe');
TerminateProcessByName('c:\users\Андрей\appdata\local\temp\2fibcxhs.lkr\x86\m1.exe');
TerminateProcessByName('c:\program files\xtrm group\mysafeproxy\bin\mysafeproxymonitor.exe');
TerminateProcessByName('c:\program files\ver7speeditup\speeditup.exe');
TerminateProcessByName('c:\users\Андрей\appdata\roaming\ssleas.exe');
TerminateProcessByName('c:\windows\temp\mrt66bd.tmp\stdrt.exe');
QuarantineFile('C:\Program Files\HD-Quality-v3\829c9f05-e528-4dc3-b8c1-c6e41e5bf82b.exe','');
QuarantineFile('C:\Users\Андрей\AppData\Roaming\ALAGYTY.exe','');
QuarantineFile('C:\Users\Андрей\AppData\Roaming\GTVFZC.exe','');
QuarantineFile('C:\Users\Андрей\AppData\Roaming\JM.exe','');
QuarantineFile('C:\Users\Андрей\AppData\Roaming\QNH.exe','');
QuarantineFile('C:\Users\Андрей\AppData\Roaming\UIUEPY.exe','');
QuarantineFile('C:\Users\Андрей\AppData\Roaming\YK.exe','');
QuarantineFile('C:\Program Files\HD-Quality-v3\30a17d86-e61c-42ac-bbca-96aa76a9e34d.exe','');
QuarantineFile('C:\Program Files\TotalPlusHD-3.1V24.10\TotalPlusHD-3.1V24.10-codedownloader.exe','');
QuarantineFile('C:\Program Files\TotalPlusHD-3.1V24.10\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-11.exe','');
QuarantineFile('C:\Program Files\TotalPlusHD-3.1V24.10\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-2.exe','');
QuarantineFile('C:\Program Files\TotalPlusHD-3.1V24.10\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-3.exe','');
QuarantineFile('C:\Program Files\TotalPlusHD-3.1V24.10\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-4.exe','');
QuarantineFile('C:\Program Files\TotalPlusHD-3.1V24.10\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-5.exe','');
QuarantineFile('C:\Program Files\HD-Quality-v3\HD-Quality-v3-codedownloader.exe','');
QuarantineFile('C:\Program Files\HD-Quality-v3\f3de8751-6459-4143-81b7-b746461dcd51-11.exe','');
QuarantineFile('C:\Program Files\HD-Quality-v3\f3de8751-6459-4143-81b7-b746461dcd51-2.exe','');
QuarantineFile('C:\Program Files\HD-Quality-v3\f3de8751-6459-4143-81b7-b746461dcd51-3.exe','');
QuarantineFile('C:\Program Files\HD-Quality-v3\f3de8751-6459-4143-81b7-b746461dcd51-4.exe','');
QuarantineFile('C:\Program Files\HD-Quality-v3\f3de8751-6459-4143-81b7-b746461dcd51-5.exe','');
QuarantineFile('C:\Program Files\ver7SpeeditUp\d9SpeeditUpU75.exe','');
QuarantineFile('C:\Users\A4F7~1\AppData\Local\Temp\start.exe','');
QuarantineFile('C:\Program Files\TotalPlusHD-3.1V24.10\TotalPlusHD-3.1V24.10-bho.dll','');
QuarantineFile('C:\Program Files\HD-Quality-v3\HD-Quality-v3-bho.dll','');
QuarantineFile('C:\Program Files\suptab\windowssupportdll32.dll','');
QuarantineFile('C:\Program Files\suptab\suptab.dll','');
QuarantineFile('C:\Program Files\suptab\search~2.dll','');
QuarantineFile('C:\Program Files\suptab\search~1.dll','');
QuarantineFile('C:\Program Files\suptab\hpui.exe','');
QuarantineFile('C:\Program Files\suptab\dpinterface32.dll','');
QuarantineFile('C:\Program Files\microsoft data\nsi.exe','');
QuarantineFile('C:\Program Files\hd-quality-v3\829C9F05-E528-4DC3-B8C1-C6E41E5BF82B.exe','');
QuarantineFile('C:\Program Files\hd-quality-v3\30A17D86-E61C-42AC-BBCA-96AA76A9E34D.exe','');
QuarantineFile('C:\Program Files\hd-quality-v3\hd-quality-v3-codedownloader.exe','');
QuarantineFile('C:\Program Files\hd-quality-v3\hd-quality-v3-bho.dll','');
QuarantineFile('C:\Program Files\hd-quality-v3\F3DE8751-6459-4143-81B7-B746461DCD51-5.exe','');
QuarantineFile('C:\Program Files\hd-quality-v3\F3DE8751-6459-4143-81B7-B746461DCD51-4.exe','');
QuarantineFile('C:\Program Files\hd-quality-v3\F3DE8751-6459-4143-81B7-B746461DCD51-3.exe','');
QuarantineFile('C:\Program Files\hd-quality-v3\F3DE8751-6459-4143-81B7-B746461DCD51-2.exe','');
QuarantineFile('C:\Program Files\hd-quality-v3\F3DE8751-6459-4143-81B7-B746461DCD51-11.exe','');
QuarantineFile('C:\Users\Андрей\appdata\roaming\yk.exe','');
QuarantineFile('C:\Users\Андрей\appdata\roaming\x11\engine.exe','');
QuarantineFile('C:\Users\Андрей\appdata\roaming\uiuepy.exe','');
QuarantineFile('C:\Users\Андрей\appdata\roaming\cppredistx86.exe','');
QuarantineFile('C:\Users\Андрей\appdata\local\temp\start.exe','');
QuarantineFile('C:\ProgramData\adsy\2GvNiv1x79DAS2.dll','');
QuarantineFile('C:\ProgramData\JoniCoUpoon\fsY3hKzEERDxDY.dll','');
QuarantineFile('C:\ProgramData\7save\kcz1tGlXfrJNBb.dll','');
QuarantineFile('C:\ProgramData\7save\e6LDI4xY0d2YZN.dll','');
QuarantineFile('C:\ProgramData\takeshop\L5IOp21B6heqeT.dll','');
QuarantineFile('C:\ProgramData\CooupExTeNssion\tYiCl69U2r8aix.dll','');
QuarantineFile('C:\Program Files\Deal Keeper\bin\utilDealKeeper.exe','');
QuarantineFile('C:\Program Files\Deal Keeper\updateDealKeeper.exe','');
QuarantineFile('C:\Windows\System32\lnsecsl.exe','');
QuarantineFile('C:\Windows\system32\Drivers\webinstrNew.sys','');
QuarantineFile('C:\Windows\system32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w.sys','');
QuarantineFile('C:\Users\Андрей\AppData\Local\Temp\2fibcxhs.lkr\x86\libwinpthread-1.dll','');
QuarantineFile('c:\windows\temp\mrt66bd.tmp\stdrt.exe','');
QuarantineFile('c:\users\Андрей\appdata\roaming\ssleas.exe','');
QuarantineFile('c:\program files\ver7speeditup\speeditup.exe','');
QuarantineFile('c:\program files\xtrm group\mysafeproxy\bin\mysafeproxymonitor.exe','');
QuarantineFile('c:\users\Андрей\appdata\local\temp\2fibcxhs.lkr\x86\m1.exe','');
QuarantineFile('c:\users\Андрей\appdata\local\temp\2fibcxhs.lkr\dcore.exe','');
QuarantineFile('c:\programdata\windows\csrss.exe','');
QuarantineFile('c:\users\Андрей\appdata\roaming\cppredistx86.exe','');
QuarantineFile('c:\program files\hd-quality-v3\30a17d86-e61c-42ac-bbca-96aa76a9e34d.exe','');
DeleteFile('c:\program files\hd-quality-v3\30a17d86-e61c-42ac-bbca-96aa76a9e34d.exe','32');
DeleteFile('c:\users\Андрей\appdata\roaming\cppredistx86.exe','32');
DeleteFile('c:\programdata\windows\csrss.exe','32');
DeleteFile('c:\users\Андрей\appdata\local\temp\2fibcxhs.lkr\dcore.exe','32');
DeleteFile('c:\users\Андрей\appdata\local\temp\2fibcxhs.lkr\x86\m1.exe','32');
DeleteFile('c:\program files\xtrm group\mysafeproxy\bin\mysafeproxymonitor.exe','32');
DeleteFile('c:\users\Андрей\appdata\roaming\ssleas.exe','32');
DeleteFile('c:\windows\temp\mrt66bd.tmp\stdrt.exe','32');
DeleteFile('C:\Users\Андрей\AppData\Local\Temp\2fibcxhs.lkr\x86\libwinpthread-1.dll','32');
DeleteFile('C:\Windows\system32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}w.sys','32');
DeleteFile('C:\Windows\system32\Drivers\webinstrNew.sys','32');
DeleteFile('C:\Windows\System32\lnsecsl.exe','32');
DeleteFile('C:\Program Files\Deal Keeper\updateDealKeeper.exe','32');
DeleteFile('C:\Program Files\Deal Keeper\bin\utilDealKeeper.exe','32');
DeleteFile('C:\Program Files\baidu\baidu.exe','32');
DeleteFile('C:\ProgramData\CooupExTeNssion\tYiCl69U2r8aix.dll','32');
DeleteFile('C:\ProgramData\takeshop\L5IOp21B6heqeT.dll','32');
DeleteFile('C:\ProgramData\7save\e6LDI4xY0d2YZN.dll','32');
DeleteFile('C:\ProgramData\7save\kcz1tGlXfrJNBb.dll','32');
DeleteFile('C:\ProgramData\JoniCoUpoon\fsY3hKzEERDxDY.dll','32');
DeleteFile('C:\ProgramData\adsy\2GvNiv1x79DAS2.dll','32');
DeleteFile('C:\Users\Андрей\appdata\local\temp\start.exe','32');
DeleteFile('C:\Users\Андрей\appdata\roaming\cppredistx86.exe','32');
DeleteFile('C:\Users\Андрей\appdata\roaming\uiuepy.exe','32');
DeleteFile('C:\Users\Андрей\appdata\roaming\x11\engine.exe','32');
DeleteFile('C:\Users\Андрей\appdata\roaming\yk.exe','32');
DeleteFile('C:\Program Files\hd-quality-v3\F3DE8751-6459-4143-81B7-B746461DCD51-11.exe','32');
DeleteFile('C:\Program Files\hd-quality-v3\F3DE8751-6459-4143-81B7-B746461DCD51-2.exe','32');
DeleteFile('C:\Program Files\hd-quality-v3\F3DE8751-6459-4143-81B7-B746461DCD51-3.exe','32');
DeleteFile('C:\Program Files\hd-quality-v3\F3DE8751-6459-4143-81B7-B746461DCD51-4.exe','32');
DeleteFile('C:\Program Files\hd-quality-v3\F3DE8751-6459-4143-81B7-B746461DCD51-5.exe','32');
DeleteFile('C:\Program Files\hd-quality-v3\hd-quality-v3-bho.dll','32');
DeleteFile('C:\Program Files\hd-quality-v3\hd-quality-v3-codedownloader.exe','32');
DeleteFile('C:\Program Files\hd-quality-v3\30A17D86-E61C-42AC-BBCA-96AA76A9E34D.exe','32');
DeleteFile('C:\Program Files\hd-quality-v3\829C9F05-E528-4DC3-B8C1-C6E41E5BF82B.exe','32');
DeleteFile('C:\Program Files\microsoft data\nsi.exe','32');
DeleteFile('C:\Program Files\suptab\dpinterface32.dll','32');
DeleteFile('C:\Program Files\suptab\hpui.exe','32');
DeleteFile('C:\Program Files\suptab\search~1.dll','32');
DeleteFile('C:\Program Files\suptab\search~2.dll','32');
DeleteFile('C:\Program Files\suptab\suptab.dll','32');
DeleteFile('C:\Program Files\suptab\windowssupportdll32.dll','32');
DeleteFile('C:\Program Files\HD-Quality-v3\HD-Quality-v3-bho.dll','32');
DeleteFile('C:\Program Files\TotalPlusHD-3.1V24.10\TotalPlusHD-3.1V24.10-bho.dll','32');
DeleteFile('C:\Users\A4F7~1\AppData\Local\Temp\start.exe','32');
DeleteFile('C:\Program Files\ver7SpeeditUp\d9SpeeditUpU75.exe','32');
DeleteFile('C:\Windows\system32\Tasks\SpeeditUp Update','32');
DeleteFile('C:\Windows\system32\Tasks\WdfHG','32');
DeleteFile('C:\Program Files\HD-Quality-v3\f3de8751-6459-4143-81b7-b746461dcd51-5.exe','32');
DeleteFile('C:\Program Files\HD-Quality-v3\f3de8751-6459-4143-81b7-b746461dcd51-4.exe','32');
DeleteFile('C:\Program Files\HD-Quality-v3\f3de8751-6459-4143-81b7-b746461dcd51-3.exe','32');
DeleteFile('C:\Windows\system32\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-3','32');
DeleteFile('C:\Windows\system32\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-4','32');
DeleteFile('C:\Windows\system32\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-5','32');
DeleteFile('C:\Program Files\HD-Quality-v3\f3de8751-6459-4143-81b7-b746461dcd51-2.exe','32');
DeleteFile('C:\Program Files\HD-Quality-v3\f3de8751-6459-4143-81b7-b746461dcd51-11.exe','32');
DeleteFile('C:\Program Files\HD-Quality-v3\HD-Quality-v3-codedownloader.exe','32');
DeleteFile('C:\Windows\system32\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-11','32');
DeleteFile('C:\Windows\system32\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-1','32');
DeleteFile('C:\Windows\system32\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-5','32');
DeleteFile('C:\Program Files\TotalPlusHD-3.1V24.10\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-5.exe','32');
DeleteFile('C:\Program Files\TotalPlusHD-3.1V24.10\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-4.exe','32');
DeleteFile('C:\Program Files\TotalPlusHD-3.1V24.10\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-3.exe','32');
DeleteFile('C:\Program Files\TotalPlusHD-3.1V24.10\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-2.exe','32');
DeleteFile('C:\Program Files\TotalPlusHD-3.1V24.10\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-11.exe','32');
DeleteFile('C:\Program Files\TotalPlusHD-3.1V24.10\TotalPlusHD-3.1V24.10-codedownloader.exe','32');
DeleteFile('C:\Program Files\HD-Quality-v3\30a17d86-e61c-42ac-bbca-96aa76a9e34d.exe','32');
DeleteFile('C:\Windows\system32\Tasks\30a17d86-e61c-42ac-bbca-96aa76a9e34d','32');
DeleteFile('C:\Windows\system32\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-1','32');
DeleteFile('C:\Windows\system32\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-11','32');
DeleteFile('C:\Windows\system32\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-2','32');
DeleteFile('C:\Windows\system32\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-3','32');
DeleteFile('C:\Windows\system32\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-4','32');
DeleteFile('C:\Users\Андрей\AppData\Roaming\YK.exe','32');
DeleteFile('C:\Users\Андрей\AppData\Roaming\UIUEPY.exe','32');
DeleteFile('C:\Users\Андрей\AppData\Roaming\QNH.exe','32');
DeleteFile('C:\Users\Андрей\AppData\Roaming\JM.exe','32');
DeleteFile('C:\Users\Андрей\AppData\Roaming\GTVFZC.exe','32');
DeleteFile('C:\Windows\Tasks\GTVFZC.job','32');
DeleteFile('C:\Windows\Tasks\JM.job','32');
DeleteFile('C:\Windows\Tasks\QNH.job','32');
DeleteFile('C:\Windows\Tasks\SpeeditUp Update.job','32');
DeleteFile('C:\Windows\Tasks\UIUEPY.job','32');
DeleteFile('C:\Windows\Tasks\YK.job','32');
DeleteFile('C:\Windows\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-5_user.job','32');
DeleteFile('C:\Windows\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-5.job','32');
DeleteFile('C:\Windows\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-4.job','32');
DeleteFile('C:\Windows\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-3.job','32');
DeleteFile('C:\Windows\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-2.job','32');
DeleteFile('C:\Windows\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-11.job','32');
DeleteFile('C:\Windows\Tasks\f3de8751-6459-4143-81b7-b746461dcd51-1.job','32');
DeleteFile('C:\Users\Андрей\AppData\Roaming\ALAGYTY.exe','32');
DeleteFile('C:\Program Files\HD-Quality-v3\829c9f05-e528-4dc3-b8c1-c6e41e5bf82b.exe','32');
DeleteFile('C:\Windows\Tasks\ALAGYTY.job','32');
DeleteFile('C:\Windows\Tasks\829c9f05-e528-4dc3-b8c1-c6e41e5bf82b.job','32');
DeleteFile('C:\Windows\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-5_user.job','32');
DeleteFile('C:\Windows\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-5.job','32');
DeleteFile('C:\Windows\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-4.job','32');
DeleteFile('C:\Windows\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-3.job','32');
DeleteFile('C:\Windows\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-2.job','32');
DeleteFile('C:\Windows\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-11.job','32');
DeleteFile('C:\Windows\Tasks\4cc6f82f-85f3-43c3-82e4-5b8b87f853ab-1.job','32');
DeleteFile('C:\Windows\Tasks\30a17d86-e61c-42ac-bbca-96aa76a9e34d.job','32');
DelBHO('{143db00d-899f-4910-a6b4-e17b0f2b692c}');
DelBHO('{3399a3f8-abb2-49ed-a33d-e37398280492}');
DelBHO('{44cb24be-63e8-4404-ba79-f6b2c6019337}');
DelBHO('{592a7c44-43ee-45b6-8837-d7adce1fc5a7}');
DelBHO('{5f0dbb39-8d51-4395-b682-25b53b12f0b1}');
DelBHO('{7fb8d862-90a3-4bb9-b754-1ed71376e51f}');
DeleteService('MySafeProxyMonitor');
DeleteService('Adobe Licensing Console');
DeleteService('Update Deal Keeper');
DeleteService('Util Deal Keeper');
RegKeyParamDel('HKEY_LOCAL_MACHINE','System\CurrentControlSet\Control\Session Manager\AppCertDlls','x64');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Microsoft Visual C++ 2010');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','TornTv Downloader');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Client Server Runtime Subsystem');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','baidu');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','CMD');
DeleteFileMask('C:\Program Files\HD-Quality-v3', '*', true);
DeleteDirectory('C:\Program Files\HD-Quality-v3');
DeleteFileMask('C:\Program Files\TotalPlusHD-3.1V24.10', '*', true);
DeleteDirectory('C:\Program Files\TotalPlusHD-3.1V24.10');
DeleteFileMask('C:\Program Files\ver7SpeeditUp', '*', true);
DeleteDirectory('C:\Program Files\ver7SpeeditUp');
DeleteFileMask('C:\Program Files\suptab', '*', true);
DeleteDirectory('C:\Program Files\suptab');
DeleteFileMask('C:\Users\Андрей\appdata\roaming\x11', '*', true);
DeleteDirectory('C:\Users\Андрей\appdata\roaming\x11');
DeleteFileMask('C:\Program Files\Microsoft Data', '*', true);
DeleteDirectory('C:\Program Files\Microsoft Data');
DeleteFileMask('C:\ProgramData\adsy', '*', true);
DeleteDirectory('C:\ProgramData\adsy');
DeleteFileMask('C:\ProgramData\JoniCoUpoon', '*', true);
DeleteDirectory('C:\ProgramData\JoniCoUpoon');
DeleteFileMask('C:\ProgramData\7save', '*', true);
DeleteDirectory('C:\ProgramData\7save');
DeleteFileMask('C:\ProgramData\takeshop', '*', true);
DeleteDirectory('C:\ProgramData\takeshop');
DeleteFileMask('C:\ProgramData\CooupExTeNssion', '*', true);
DeleteDirectory('C:\ProgramData\CooupExTeNssion');
DeleteFileMask('C:\Program Files\baidu', '*', true);
DeleteDirectory('C:\Program Files\baidu');
DeleteFileMask('C:\Program Files\Deal Keeper', '*', true);
DeleteDirectory('C:\Program Files\Deal Keeper');
DeleteFileMask('C:\Users\Андрей\AppData\Local\Temp\2fibcxhs.lkr', '*', true);
DeleteDirectory('C:\Users\Андрей\AppData\Local\Temp\2fibcxhs.lkr');
DeleteFileMask('c:\windows\temp\mrt66bd.tmp', '*', true);
DeleteDirectory('c:\windows\temp\mrt66bd.tmp');
DeleteFileMask('c:\program files\xtrm group', '*', true);
DeleteDirectory('c:\program files\xtrm group');
DeleteFileMask('c:\program files\movies toolbar', '*', true);
DeleteDirectory('c:\program files\movies toolbar');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.