Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\Alex\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Users\Alex\AppData\Roaming\newSI_4396\s_inst.exe','');
QuarantineFile('C:\Users\Alex\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Users\Alex\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE','');
DelCLSID('{D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4}');
DelBHO('{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}');
QuarantineFile('D:\IQIYI Video\Common\Accelerator\IEHelper.dll','');
DeleteService('TS888');
DeleteService('QMUdisk');
SetServiceStart('ksapi', 4);
DeleteService('ksapi');
SetServiceStart('kisnetm', 4);
DeleteService('kisnetm');
SetServiceStart('KDHacker', 4);
DeleteService('KDHacker');
TerminateProcessByName('d:\iqiyi video\common\qyfragment.exe');
QuarantineFile('d:\iqiyi video\common\qyfragment.exe','');
QuarantineFile('d:\iqiyi video\lstyle\qyclient.exe','');
TerminateProcessByName('d:\iqiyi video\lstyle\qyclient.exe');
TerminateProcessByName('c:\program files\kingsoft\kingsoft antivirus\kxetray.exe');
TerminateProcessByName('c:\program files\kingsoft\kingsoft antivirus\kusbgd.exe');
TerminateProcessByName('c:\program files\application assistance\apphelper.exe');
QuarantineFile('c:\program files\application assistance\apphelper.exe','');
DeleteFile('c:\program files\application assistance\apphelper.exe','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kusbgd.exe','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kxetray.exe','32');
DeleteFile('d:\iqiyi video\lstyle\qyclient.exe','32');
DeleteFile('d:\iqiyi video\common\qyfragment.exe','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\defendmon.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\jsonv6.dll','32');
DeleteFile('C:\program files\kingsoft\kingsoft antivirus\kavmenu.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kcctrl.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kdefendpop.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kdgui.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kdgui2.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kdynmrey.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\keasyipcn.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kfloatwin.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kismain.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kminitray.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kpopclt.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kpopsvr.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\krcmddown.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\krcmdmon.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\ksapi.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\ksdectrl.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kshmpg.dll','32');
DeleteFile('C:\program files\kingsoft\kingsoft antivirus\kskinmgr.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kspupwnd.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kstools.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kswscxex.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\ksysopteng.dll','32');
DeleteFile('C:\program files\kingsoft\kingsoft antivirus\ktoolupd.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\ktrashmon.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kupdatesp.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kusbcore.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kusbtool.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kvip.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kvipcore.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kwansvc.dll','32');
DeleteFile('C:\program files\kingsoft\kingsoft antivirus\kwssp.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kwsui.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kxebase.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kxebscsp.dll','32');
DeleteFile('C:\program files\kingsoft\kingsoft antivirus\kxecore\kxelog.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\lblocker.dll','32');
DeleteFile('C:\program files\kingsoft\kingsoft antivirus\security\kxescan\kanthack.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\security\kxescan\kavquara.dll','32');
DeleteFile('C:\program files\kingsoft\kingsoft antivirus\security\kxescan\kfcdetect.dll','32');
DeleteFile('C:\program files\kingsoft\kingsoft antivirus\security\kxescan\ksbwdet2.dll','32');
DeleteFile('C:\program files\kingsoft\kingsoft antivirus\security\kxescan\ksesscan.dll','32');
DeleteFile('C:\program files\kingsoft\kingsoft antivirus\security\kxescan\kseutil.dll','32');
DeleteFile('D:\IQIYI Video\Common\Accelerator\browseradapter.dll','32');
DeleteFile('D:\IQIYI Video\Common\AppNet.dll','32');
DeleteFile('D:\IQIYI Video\Common\avcodec-55.dll','32');
DeleteFile('D:\IQIYI Video\Common\avformat-55.dll','32');
DeleteFile('D:\IQIYI Video\Common\avutil-52.dll','32');
DeleteFile('D:\IQIYI Video\Common\fp2xh.dll','32');
DeleteFile('D:\IQIYI Video\Common\freetype6.dll','32');
DeleteFile('D:\IQIYI Video\Common\HCDNClientNet.dll','32');
DeleteFile('D:\IQIYI Video\Common\HCDNProxy.dll','32');
DeleteFile('D:\IQIYI Video\Common\libass.dll','32');
DeleteFile('D:\IQIYI Video\Common\libcdn-dll.dll','32');
DeleteFile('D:\IQIYI Video\Common\pthreadVC2.dll','32');
DeleteFile('D:\IQIYI Video\Common\pthreadGC2.dll','32');
DeleteFile('D:\IQIYI Video\Common\PopupWndProxy.dll','32');
DeleteFile('D:\IQIYI Video\Common\libfontconfig-1.dll','32');
DeleteFile('D:\IQIYI Video\Common\libexpat-1.dll','32');
DeleteFile('D:\IQIYI Video\Common\puma.dll','32');
DeleteFile('D:\IQIYI Video\Common\QuiLib.dll','32');
DeleteFile('D:\IQIYI Video\Common\QyPopWndDll.dll','32');
DeleteFile('D:\IQIYI Video\LStyle\Qylogger.dll','32');
DeleteFile('D:\IQIYI Video\LStyle\QYDownLoadProxy.dll','32');
DeleteFile('D:\IQIYI Video\LStyle\PumaPlayer.dll','32');
DeleteFile('D:\IQIYI Video\LStyle\ppsmb.dll','32');
DeleteFile('D:\IQIYI Video\LStyle\PHM.dll','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\security\kxescan\kdhacker.sys','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\security\ksnetm\kisnetm.sys','32');
DeleteFile('C:\Windows\system32\drivers\ksapi.sys','32');
DeleteFile('c:\program files\kingsoft\kingsoft antivirus\kusbquery.sys','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.5.15816.217\QMUdisk.sys','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.5.15816.217\TS888.sys','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','AppHelper');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved','{D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4}');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows NT\CurrentVersion\WOW\boot','shell');
DeleteFile('D:\IQIYI Video\Common\Accelerator\IEHelper.dll','32');
DeleteFile('C:\Users\Alex\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Windows\Tasks\Digital Sites.job','32');
DeleteFile('C:\Windows\Tasks\DigitalSite.job','32');
DeleteFile('C:\Users\Alex\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Users\Alex\AppData\Roaming\newSI_4396\s_inst.exe','32');
DeleteFile('C:\Windows\Tasks\newSI_4396.job','32');
DeleteFile('C:\Windows\Tasks\UpdaterEX.job','32');
DeleteFile('C:\Windows\system32\Tasks\Digital Sites','32');
DeleteFile('C:\Windows\system32\Tasks\DigitalSite','32');
DeleteFile('C:\Users\Alex\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Windows\system32\Tasks\newSI_4396','32');
DeleteFile('C:\Windows\system32\Tasks\UpdaterEX','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.