Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
ClearQuarantine;
TerminateProcessByName('c:\users\user\appdata\roaming\1e002fe0-1426013611-d900-e43d-485b3982c6ec\nsu9bfb.tmp');
TerminateProcessByName('C:\Program Files\Core Temp\Core Temp.exe');
TerminateProcessByName('c:\users\user\appdata\roaming\1e002fe0-1426013611-d900-e43d-485b3982c6ec\jnsfd644.tmp');
StopService('pegesore');
QuarantineFile('C:\Users\User\AppData\Roaming\Yontoo\YontooDesktop.exe','');
QuarantineFile('C:\Users\User\AppData\Local\Temp\42226678FdOh','');
QuarantineFile('c:\users\user\appdata\roaming\1e002fe0-1426013611-d900-e43d-485b3982c6ec\nsu9bfb.tmp','');
QuarantineFile('c:\users\user\appdata\roaming\1e002fe0-1426013611-d900-e43d-485b3982c6ec\jnsfd644.tmp','');
DeleteFile('c:\users\user\appdata\roaming\1e002fe0-1426013611-d900-e43d-485b3982c6ec\nsu9bfb.tmp','32');
DeleteFile('C:\Users\User\AppData\Roaming\1E002FE0-1426013611-D900-E43D-485B3982C6EC\jnsfD644.tmp','32');
DeleteFile('C:\Windows\system32\drivers\qrnfd_1_10_0_9.sys','32');
DeleteFile('C:\Windows\system32\drivers\ssnfd.sys','32');
DeleteFile('C:\Program Files (x86)\Zaxar\ZaxarGameBrowser.exe','32');
DeleteFile('C:\Program Files (x86)\Zaxar\ZaxarLoader.exe','32');
DeleteFile('C:\Program Files (x86)\Zaxar\timetasks.exe','32');
DeleteFile('C:\Users\User\AppData\Local\Temp\42226678FdOh','32');
DeleteFile('C:\Users\User\AppData\Roaming\ASPackage\ASPackage.exe','32');
DeleteFile('C:\Users\User\AppData\Roaming\Yontoo\YontooDesktop.exe','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP1.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP2.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP3.job','64');
DeleteFile('C:\Windows\Tasks\PC SpeedUp Service Deactivator.job','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP1','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP2','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP3','64');
DeleteFile('C:\Windows\system32\Tasks\At1','64');
DeleteFile('C:\Windows\system32\Tasks\PC SpeedUp Service Deactivator','64');
DeleteFile('C:\Windows\system32\Tasks\SmartWeb Upgrade Trigger Task','64');
DeleteFile('C:\Windows\system32\Tasks\{ACD68F1B-0C5C-46FB-B900-31B35B840EC3}','64');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ExpressFiles','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','ZaxarGameBrowser');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','ZaxarLoader');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Timestasks');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\42226787','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','Update');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Yontoo Desktop','command');
DeleteService('ssnfd');
DeleteService('qrnfd_1_10_0_9');
DeleteService('pegesore');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteRepair(3);
RebootWindows(false);
end.