Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
ClearQuarantine;
TerminateProcessByName('c:\users\hp\appdata\roaming\aan-dupksppo\unvise32.exe');
TerminateProcessByName('c:\programdata\trusted publisher\sw-booster\sw-booster.exe');
TerminateProcessByName('c:\programdata\iepluginservices\pluginservice.exe');
TerminateProcessByName('C:\Program Files (x86)\SupTab\Loader64.exe');
TerminateProcessByName('c:\program files (x86)\suptab\loader32.exe');
TerminateProcessByName('c:\program files (x86)\suptab\hpui.exe');
TerminateProcessByName('c:\program files (x86)\advplugin\basement\extensionupdaterservice.exe');
TerminateProcessByName('c:\programdata\windows\csrss.exe');
TerminateProcessByName('c:\program files (x86)\advplugin\backgroundsingleton.exe');
StopService('{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64');
StopService('{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64');
StopService('{55685567-4840-4a91-962b-49a412e9485a}w64');
StopService('{0d4cca85-dc2d-45b2-bbaf-78d1b51629f0}w64');
StopService('Update Service for advPlugin');
StopService('IePluginServices');
QuarantineFile('c:\progra~2\search~1\datamngr\iebho.dllc:\progra~2\sw-boo~1\assist~1.dll','');
QuarantineFile('c:\progra~2\search~1\datamngr\datamngr.dll','');
QuarantineFile('C:\Users\Hp\AppData\Roaming\eTranslator\eTranslator.exe','');
QuarantineFile('C:\Users\Hp\AppData\Roaming\earurdfh\fradsfvv.exe','');
QuarantineFile('C:\Users\Hp\AppData\Local\jtunozw.dll','');
QuarantineFile('C:\Users\Hp\AppData\Local\Temp\temp3500049084.exe','');
QuarantineFile('C:\Users\Hp\AppData\Local\Temp\1565.tmp.exe','');
QuarantineFile('C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll','');
QuarantineFile('C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dllC:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL','');
QuarantineFile('C:\Windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{0d4cca85-dc2d-45b2-bbaf-78d1b51629f0}w64.sys','');
QuarantineFile('c:\users\hp\appdata\roaming\aan-dupksppo\unvise32.exe','');
QuarantineFile('c:\programdata\trusted publisher\sw-booster\sw-booster.exe','');
QuarantineFile('c:\programdata\iepluginservices\pluginservice.exe','');
QuarantineFile('C:\Program Files (x86)\SupTab\Loader64.exe','');
QuarantineFile('c:\program files (x86)\suptab\loader32.exe','');
QuarantineFile('c:\program files (x86)\suptab\hpui.exe','');
QuarantineFile('c:\program files (x86)\advplugin\basement\extensionupdaterservice.exe','');
QuarantineFile('c:\programdata\windows\csrss.exe','');
QuarantineFile('c:\program files (x86)\advplugin\backgroundsingleton.exe','');
DeleteFile('c:\program files (x86)\advplugin\backgroundsingleton.exe','32');
DeleteFile('c:\programdata\windows\csrss.exe','32');
DeleteFile('c:\program files (x86)\suptab\hpui.exe','32');
DeleteFile('c:\program files (x86)\suptab\loader32.exe','32');
DeleteFile('C:\Program Files (x86)\SupTab\Loader64.exe','32');
DeleteFile('c:\programdata\trusted publisher\sw-booster\sw-booster.exe','32');
DeleteFile('C:\Windows\system32\drivers\{0d4cca85-dc2d-45b2-bbaf-78d1b51629f0}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64.sys','32');
DeleteFile('C:\Program Files (x86)\advPlugin\Basement\ExtensionUpdaterService.exe','32');
DeleteFile('C:\ProgramData\IePluginServices\PluginService.exe','32');
DeleteFile('C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dllC:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL','32');
DeleteFile('C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll','32');
DeleteFile('C:\Users\Hp\AppData\Local\Temp\1565.tmp.exe','32');
DeleteFile('C:\Users\Hp\AppData\Local\Temp\temp3500049084.exe','32');
DeleteFile('C:\Users\Hp\AppData\Local\jtunozw.dll','32');
DeleteFile('C:\Users\Hp\AppData\Roaming\AAN-DUPKSPPO\unvise32.exe','32');
DeleteFile('C:\Users\Hp\AppData\Roaming\earurdfh\fradsfvv.exe','32');
DeleteFile('C:\Users\Hp\AppData\Roaming\eTranslator\eTranslator.exe','32');
DeleteFile('c:\progra~2\search~1\datamngr\datamngr.dll','32');
DeleteFile('c:\progra~2\search~1\datamngr\iebho.dllc:\progra~2\sw-boo~1\assist~1.dll','32');
DeleteFile('C:\Windows\Tasks\Digital Sites.job','64');
DeleteFile('C:\Windows\Tasks\SW-Booster-S-792098896.job','64');
DeleteFile('C:\Windows\Tasks\UpdaterEX.job','64');
DeleteFile('C:\Windows\system32\Tasks\Digital Sites','64');
DeleteFile('C:\Windows\system32\Tasks\SW-Booster-S-792098896','64');
DeleteFile('C:\Windows\system32\Tasks\UpdaterEX','64');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Client Server Runtime Subsystem');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CrashReportInformer','command');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','TimeSaver');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','jtunozw');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','unvise32.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\unvise32.exe','command');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','eTranslator Update');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Zugo');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Zugo','command');
DeleteService('{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64');
DeleteService('{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64');
DeleteService('{55685567-4840-4a91-962b-49a412e9485a}w64');
DeleteService('{0d4cca85-dc2d-45b2-bbaf-78d1b51629f0}w64');
DeleteService('Update Service for advPlugin');
DeleteService('IePluginServices');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.