Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('wadsrv.exe','');
QuarantineFile('C:\ProgramData\WADHostAgent\startprocess.js','');
QuarantineFile('C:\Program Files (x86)\Microsoft Data\InstallAddons.exe','');
QuarantineFile('C:\Program Files (x86)\VK Downloader\UTikzNzHO9.exe','');
QuarantineFile('C:\Windows\TEMP\VKDownloader_restartonfail_exe\VKDownloader.exe','');
QuarantineFile('C:\Program Files (x86)\ver8BlockAndSurf\J4BlockAndSurfJ52.exe','');
DelBHO('{7CE987D5-11B3-44FC-9C3D-03069360D462}');
DelBHO('{1FE48F08-A2AC-44AC-A21C-0556D91C50DA}');
DelBHO('{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}');
DelBHO('{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}');
DelBHO('{488DBF46-B8FF-32F4-7C40-F09EB95D0BA7}');
QuarantineFile('C:\Program Files (x86)\ver8BlockAndSurf\190.dll','');
QuarantineFile('C:\Program Files (x86)\VK Downloader\K_l9EtqEFc.dll','');
QuarantineFile('C:\Program Files (x86)\XTab\SupTab.dll','');
QuarantineFile('C:\Users\Пользователь\AppData\Local\Yandex\browser.bat','');
QuarantineFile('C:\Users\Пользователь\AppData\Local\03DE0294-1426013884-05DA-6C06-380700080009\bnsd6B44.exe','');
QuarantineFile('C:\Program Files (x86)\Zaxar\timetasks.exe','');
QuarantineFile('C:\Program Files (x86)\Zaxar\ZaxarLoader.exe','');
QuarantineFile('C:\Program Files (x86)\Zaxar\ZaxarGameBrowser.exe','');
QuarantineFile('C:\Program Files (x86)\Google\chrome.bat','');
QuarantineFile('C:\Program Files\Common Files\WADHost\WADHost Client\waddrw.sys','');
SetServiceStart('webTinstMKTN', 4);
DeleteService('webTinstMKTN');
SetServiceStart('wadupdd', 4);
DeleteService('wadupdd');
SetServiceStart('WindowsMangerProtect', 4);
DeleteService('WindowsMangerProtect');
QuarantineFile('C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe','');
QuarantineFile('C:\Program Files\Common Files\WADHost\WADHost Client\wadsrv.exe','');
SetServiceStart('WADUpd', 4);
DeleteService('WADUpd');
QuarantineFile('C:\Program Files (x86)\advPlugin\Basement\ExtensionUpdaterService.exe','');
SetServiceStart('Update Service for advPlugin', 4);
DeleteService('Update Service for advPlugin');
SetServiceStart('ReimageRealTimeProtector', 4);
DeleteService('ReimageRealTimeProtector');
QuarantineFile('C:\Program Files (x86)\XTab\ProtectService.exe','');
SetServiceStart('IHProtect Service', 4);
DeleteService('IHProtect Service');
SetServiceStart('BasementDuster', 4);
DeleteService('BasementDuster');
QuarantineFile('C:\Windows\system32\Drivers\webTinstMKTN.sys','');
QuarantineFile('C:\Windows\system32\BDL.dll','');
QuarantineFile('C:\Users\Пользователь\AppData\Local\SmartWeb\swhk.dll','');
TerminateProcessByName('c:\users\Пользователь\appdata\local\smartweb\smartwebhelper.exe');
QuarantineFile('c:\users\Пользователь\appdata\local\smartweb\smartwebhelper.exe','');
TerminateProcessByName('c:\users\Пользователь\appdata\local\smartweb\smartwebapp.exe');
QuarantineFile('c:\users\Пользователь\appdata\local\smartweb\smartwebapp.exe','');
TerminateProcessByName('C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe');
QuarantineFile('C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe','');
TerminateProcessByName('C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe');
QuarantineFile('C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe','');
TerminateProcessByName('c:\programdata\windowsmangerprotect\protectwindowsmanager.exe');
QuarantineFile('c:\programdata\windowsmangerprotect\protectwindowsmanager.exe','');
TerminateProcessByName('c:\program files (x86)\xtab\protectservice.exe');
QuarantineFile('c:\program files (x86)\xtab\protectservice.exe','');
TerminateProcessByName('c:\program files (x86)\ver8blockandsurf\j4blockandsurfj52.exe');
QuarantineFile('c:\program files (x86)\ver8blockandsurf\j4blockandsurfj52.exe','');
TerminateProcessByName('c:\program files (x86)\advplugin\basement\extensionupdaterservice.exe');
QuarantineFile('c:\program files (x86)\advplugin\basement\extensionupdaterservice.exe','');
TerminateProcessByName('c:\program files (x86)\ver8blockandsurf\blockandsurf.exe');
QuarantineFile('c:\program files (x86)\ver8blockandsurf\blockandsurf.exe','');
TerminateProcessByName('c:\program files (x86)\igs\basementduster.exe');
QuarantineFile('c:\program files (x86)\igs\basementduster.exe','');
DeleteFile('c:\program files (x86)\igs\basementduster.exe','32');
DeleteFile('c:\program files (x86)\ver8blockandsurf\blockandsurf.exe','32');
DeleteFile('c:\program files (x86)\advplugin\basement\extensionupdaterservice.exe','32');
DeleteFile('c:\program files (x86)\ver8blockandsurf\j4blockandsurfj52.exe','32');
DeleteFile('c:\program files (x86)\xtab\protectservice.exe','32');
DeleteFile('c:\programdata\windowsmangerprotect\protectwindowsmanager.exe','32');
DeleteFile('C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe','32');
DeleteFile('C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe','32');
DeleteFile('c:\users\Пользователь\appdata\local\smartweb\smartwebapp.exe','32');
DeleteFile('c:\users\Пользователь\appdata\local\smartweb\smartwebhelper.exe','32');
DeleteFile('C:\Users\Пользователь\AppData\Local\SmartWeb\swhk.dll','32');
DeleteFile('C:\Windows\system32\Drivers\webTinstMKTN.sys','32');
DeleteFile('C:\Program Files (x86)\XTab\ProtectService.exe','32');
DeleteFile('C:\Program Files (x86)\advPlugin\Basement\ExtensionUpdaterService.exe','32');
DeleteFile('C:\Program Files\Common Files\WADHost\WADHost Client\wadsrv.exe','32');
DeleteFile('C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe','32');
DeleteFile('C:\Program Files\Common Files\WADHost\WADHost Client\waddrw.sys','32');
DeleteFile('C:\Program Files (x86)\Google\chrome.bat','32');
DeleteFile('C:\Program Files (x86)\Zaxar\ZaxarGameBrowser.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','ZaxarGameBrowser');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','ZaxarLoader');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Timestasks');
DeleteFile('C:\Program Files (x86)\Zaxar\ZaxarLoader.exe','32');
DeleteFile('C:\Program Files (x86)\Zaxar\timetasks.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','WinCheck');
DeleteFile('C:\Users\Пользователь\AppData\Local\03DE0294-1426013884-05DA-6C06-380700080009\bnsd6B44.exe','32');
DeleteFile('C:\Users\Пользователь\AppData\Local\Yandex\browser.bat','32');
DeleteFile('C:\Program Files (x86)\XTab\SupTab.dll','32');
DeleteFile('C:\Program Files (x86)\VK Downloader\K_l9EtqEFc.dll','32');
DeleteFile('C:\Program Files (x86)\ver8BlockAndSurf\190.dll','32');
DeleteFile('C:\Program Files (x86)\ver8BlockAndSurf\J4BlockAndSurfJ52.exe','32');
DeleteFile('C:\Windows\Tasks\BlockAndSurf Update.job','64');
DeleteFile('C:\Windows\Tasks\Rerun service for VK Downloader.job','64');
DeleteFile('C:\Windows\TEMP\VKDownloader_restartonfail_exe\VKDownloader.exe','32');
DeleteFile('C:\Program Files (x86)\VK Downloader\UTikzNzHO9.exe','32');
DeleteFile('C:\Windows\Tasks\Update Service for VK Downloader.job','64');
DeleteFile('C:\Windows\Tasks\Update Service for VK Downloader2.job','64');
DeleteFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP1','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP2','64');
DeleteFile('C:\Windows\system32\Tasks\BlockAndSurf Update','64');
DeleteFile('C:\Windows\system32\Tasks\chrome5','64');
DeleteFile('C:\Windows\system32\Tasks\chrome5_logon','64');
DeleteFile('C:\Program Files (x86)\Microsoft Data\InstallAddons.exe','32');
DeleteFile('C:\Windows\system32\Tasks\GoogleUpdateTaskUserS_1_5_22_478699874-4155726479-3780505679-1001UA__3834343338393432352d2d55506c2a5a55576c412334','64');
DeleteFile('C:\ProgramData\WADHostAgent\startprocess.js','32');
DeleteFile('wadsrv.exe','32');
DeleteFile('C:\Windows\system32\Tasks\ReimageUpdater','64');
DeleteFile('C:\Windows\system32\Tasks\Rerun service for VK Downloader','64');
DeleteFile('C:\Windows\system32\Tasks\Soft installer','64');
DeleteFile('C:\Users\Пользователь\AppData\Local\IObit installer\iobitdownloader_monster.exe','32');
DeleteFile('C:\Windows\system32\Tasks\Update Service for VK Downloader','64');
DeleteFile('C:\Windows\system32\Tasks\Update Service for VK Downloader2','64');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.