Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\ноутбук\Desktop\SWW\SWW.exe','');
QuarantineFile('C:\PROGRA~1\YOUTUB~1\Updater.exe','');
QuarantineFile('C:\Program Files\YTAHelper\YTAHelper.exe','');
QuarantineFile('C:\ProgramData\ShopperPro\spbihe.js','');
QuarantineFile('C:\Program Files\ShopperPro\JSDriver\1.37.0.1365\jsdrv.exe','');
QuarantineFile('C:\Program Files\ShopperPro\updater.exe','');
QuarantineFile('C:\Program Files\ShopperPro\ShopperPro.exe','');
QuarantineFile('C:\Users\ноутбук\AppData\Local\Microsoft\Extensions\safebrowser.exe','');
QuarantineFile('C:\Program Files\Optimizer Pro\OptProLauncher.exe','');
QuarantineFile('C:\Program Files\Kinoroom Browser\kinoroom-browser.exe','');
QuarantineFile('C:\ProgramData\Kbupdater Utility\kbupdater-utility.exe','');
QuarantineFile('C:\Program Files\Common Files\Distribute Application\appdistrib.exe','');
QuarantineFile('C:\Program Files\BBerry\yAvTnLXM06.exe','');
QuarantineFile('C:\Users\ноутбук\AppData\Roaming\newSI_4196\s_inst.exe','');
QuarantineFile('C:\Users\ноутбук\AppData\Roaming\PZ.exe','');
QuarantineFile('C:\Users\ноутбук\AppData\Roaming\SXMQIHM.exe','');
QuarantineFile('C:\Users\ноутбук\AppData\Roaming\newSI_2149\s_inst.exe','');
QuarantineFile('C:\Users\ноутбук\AppData\Roaming\NDZRN.exe','');
QuarantineFile('C:\Users\ноутбук\AppData\Roaming\AVNUOK.exe','');
QuarantineFile('C:\Users\B9DA~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Program Files\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5.exe','');
QuarantineFile('C:\Program Files\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4.exe','');
QuarantineFile('C:\Program Files\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3.exe','');
QuarantineFile('C:\Program Files\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2.exe','');
QuarantineFile('C:\Program Files\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11.exe','');
QuarantineFile('C:\Program Files\Senses\Senses-codedownloader.exe','');
QuarantineFile('C:\Program Files\iWebar\170225a0-8048-4608-9719-56e8042fbbba-5.exe','');
QuarantineFile('C:\Program Files\iWebar\170225a0-8048-4608-9719-56e8042fbbba-4.exe','');
QuarantineFile('C:\Program Files\iWebar\170225a0-8048-4608-9719-56e8042fbbba-2.exe','');
QuarantineFile('C:\Program Files\iWebar\170225a0-8048-4608-9719-56e8042fbbba-11.exe','');
QuarantineFile('C:\Program Files\iWebar\iWebar-codedownloader.exe','');
DelBHO('{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}');
DelBHO('{6899109b-4834-41b5-be44-66668b779b1e}');
DelBHO('{a55b7be6-2055-4dd2-b977-6612159b7243}');
QuarantineFile('C:\ProgramData\LuckyCoupon\gjrbrsDeg9WX6x.dll','');
QuarantineFile('C:\ProgramData\FlexiBlEShoappEr\bokyNX3ADqfHVF.dll','');
DelBHO('{3C6CF3C0-D800-4B4D-A3D8-8ADE406523B6}');
QuarantineFile('C:\Program Files\VK Downloader\Toolbar32.dll','');
QuarantineFile('C:\Program Files\YouTube Accelerator\YouTubeAccelerator.exe','');
QuarantineFile('C:\Users\ноутбук\AppData\Roaming\Browsers\exe.resworb-mooronik.bat','');
QuarantineFile('C:\Users\ноутбук\AppData\Roaming\2CB39B8C\bin.exe','');
QuarantineFile('C:\Users\ноутбук\AppData\Local\Kometa\kometaup.exe','');
SetServiceStart('iSafeKrnlBoot', 4);
DeleteService('iSafeKrnlBoot');
SetServiceStart('fssfltr', 4);
DeleteService('fssfltr');
SetServiceStart('FileMonitor', 4);
DeleteService('FileMonitor');
SetServiceStart('FairplayKD', 4);
DeleteService('FairplayKD');
SetServiceStart('iSafeNetFilter', 4);
DeleteService('iSafeNetFilter');
SetServiceStart('iSafeKrnlR3', 4);
DeleteService('iSafeKrnlR3');
SetServiceStart('iSafeKrnlMon', 4);
DeleteService('iSafeKrnlMon');
SetServiceStart('iSafeKrnlKit', 4);
DeleteService('iSafeKrnlKit');
SetServiceStart('iSafeKrnl', 4);
DeleteService('iSafeKrnl');
DeleteService('serverca');
DeleteService('serverig');
DeleteService('Update Service for VK Downloader');
DeleteService('YouTubeAcceleratorService');
QuarantineFile('C:\PROGRA~1\YOUTUB~1\YouTubeAcceleratorService.exe','');
QuarantineFile('C:\Program Files\VK Downloader\Basement\ExtensionUpdaterService.exe','');
QuarantineFile('C:\Users\ноутбук\AppData\Local\igs\IGSrv.exe','');
QuarantineFile('C:\Users\ноутбук\AppData\Local\ConvertAd\CASrv.exe','');
QuarantineFile('C:\Program Files\IGS\OptimizerMonitor.exe','');
DeleteService('OptimizerMonitor');
QuarantineFile('C:\ProgramData\IePluginServices\PluginService.exe','');
DeleteService('IePluginServices');
SetServiceStart('iSafeService', 4);
DeleteService('iSafeService');
QuarantineFile('C:\ProgramData\YTAHelper\YTAHelper.dll','');
TerminateProcessByName('c:\program files\elex-tech\yac\isafesvc.exe');
DeleteFile('c:\program files\elex-tech\yac\isafesvc.exe','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\curlpp.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iCommu.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iImportLib.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\ipcproxy.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSafeAdless.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSafebs.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\isafechlp.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSafeDisp.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSafeKrnlCall.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSafeKrnlMonCall.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSafenpf.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\isafepxy.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\isaferpt.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\isafeupbiz.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSvc.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSvc2.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\libcurl.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\LIBEAY32.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\sqlite3.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\SSLEAY32.dll','32');
DeleteFile('C:\ProgramData\YTAHelper\YTAHelper.dll','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys','32');
DeleteFile('C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys','32');
DeleteFile('C:\Windows\system32\DRIVERS\iSafeNetFilter.sys','32');
DeleteFile('C:\ProgramData\IePluginServices\PluginService.exe','32');
DeleteFile('C:\Program Files\IGS\OptimizerMonitor.exe','32');
DeleteFile('C:\Users\ноутбук\AppData\Local\ConvertAd\CASrv.exe','32');
DeleteFile('C:\Users\ноутбук\AppData\Local\igs\IGSrv.exe','32');
DeleteFile('C:\Program Files\VK Downloader\Basement\ExtensionUpdaterService.exe','32');
DeleteFile('C:\PROGRA~1\YOUTUB~1\YouTubeAcceleratorService.exe','32');
DeleteFile('C:\Users\ноутбук\AppData\Local\Kometa\kometaup.exe','32');
DeleteFile('C:\Users\ноутбук\AppData\Roaming\2CB39B8C\bin.exe','32');
DeleteFile('C:\Users\ноутбук\AppData\Roaming\Browsers\exe.resworb-mooronik.bat','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\2CB39B8C','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\kometaup','command');
DeleteFile('C:\Program Files\YouTube Accelerator\YouTubeAccelerator.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','GOOBZOYouTubeAccelerator');
DeleteFile('C:\Program Files\VK Downloader\Toolbar32.dll','32');
DeleteFile('C:\ProgramData\FlexiBlEShoappEr\bokyNX3ADqfHVF.dll','32');
DeleteFile('C:\ProgramData\LuckyCoupon\gjrbrsDeg9WX6x.dll','32');
DeleteFile('C:\Program Files\iWebar\iWebar-codedownloader.exe','32');
DeleteFile('C:\Program Files\iWebar\170225a0-8048-4608-9719-56e8042fbbba-11.exe','32');
DeleteFile('C:\Program Files\iWebar\170225a0-8048-4608-9719-56e8042fbbba-2.exe','32');
DeleteFile('C:\Program Files\iWebar\170225a0-8048-4608-9719-56e8042fbbba-4.exe','32');
DeleteFile('C:\Program Files\iWebar\170225a0-8048-4608-9719-56e8042fbbba-5.exe','32');
DeleteFile('C:\Windows\Tasks\170225a0-8048-4608-9719-56e8042fbbba-5_user.job','32');
DeleteFile('C:\Windows\Tasks\170225a0-8048-4608-9719-56e8042fbbba-5.job','32');
DeleteFile('C:\Windows\Tasks\170225a0-8048-4608-9719-56e8042fbbba-4.job','32');
DeleteFile('C:\Windows\Tasks\170225a0-8048-4608-9719-56e8042fbbba-2.job','32');
DeleteFile('C:\Windows\Tasks\170225a0-8048-4608-9719-56e8042fbbba-11.job','32');
DeleteFile('C:\Windows\Tasks\170225a0-8048-4608-9719-56e8042fbbba-1.job','32');
DeleteFile('C:\Windows\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-1.job','32');
DeleteFile('C:\Windows\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-11.job','32');
DeleteFile('C:\Windows\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-2.job','32');
DeleteFile('C:\Windows\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-3.job','32');
DeleteFile('C:\Windows\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-4.job','32');
DeleteFile('C:\Windows\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-5.job','32');
DeleteFile('C:\Windows\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-5_user.job','32');
DeleteFile('C:\Program Files\Senses\Senses-codedownloader.exe','32');
DeleteFile('C:\Program Files\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11.exe','32');
DeleteFile('C:\Program Files\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2.exe','32');
DeleteFile('C:\Program Files\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3.exe','32');
DeleteFile('C:\Program Files\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4.exe','32');
DeleteFile('C:\Program Files\Senses\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5.exe','32');
DeleteFile('C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5_user.job','32');
DeleteFile('C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5.job','32');
DeleteFile('C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4.job','32');
DeleteFile('C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3.job','32');
DeleteFile('C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2.job','32');
DeleteFile('C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11.job','32');
DeleteFile('C:\Windows\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1.job','32');
DeleteFile('C:\Windows\Tasks\AVNUOK.job','32');
DeleteFile('C:\Windows\Tasks\DSite.job','32');
DeleteFile('C:\Users\B9DA~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Users\ноутбук\AppData\Roaming\AVNUOK.exe','32');
DeleteFile('C:\Users\ноутбук\AppData\Roaming\NDZRN.exe','32');
DeleteFile('C:\Users\ноутбук\AppData\Roaming\newSI_2149\s_inst.exe','32');
DeleteFile('C:\Windows\Tasks\newSI_2149.job','32');
DeleteFile('C:\Windows\Tasks\NDZRN.job','32');
DeleteFile('C:\Windows\Tasks\newSI_4196.job','32');
DeleteFile('C:\Windows\Tasks\PZ.job','32');
DeleteFile('C:\Windows\Tasks\SXMQIHM.job','32');
DeleteFile('C:\Users\ноутбук\AppData\Roaming\SXMQIHM.exe','32');
DeleteFile('C:\Users\ноутбук\AppData\Roaming\PZ.exe','32');
DeleteFile('C:\Users\ноутбук\AppData\Roaming\newSI_4196\s_inst.exe','32');
DeleteFile('C:\Program Files\BBerry\yAvTnLXM06.exe','32');
DeleteFile('C:\Windows\Tasks\Update Service for BBerry.job','32');
DeleteFile('C:\Windows\Tasks\Update Service for BBerry2.job','32');
DeleteFile('C:\Windows\system32\Tasks\170225a0-8048-4608-9719-56e8042fbbba-1','32');
DeleteFile('C:\Windows\system32\Tasks\170225a0-8048-4608-9719-56e8042fbbba-11','32');
DeleteFile('C:\Windows\system32\Tasks\170225a0-8048-4608-9719-56e8042fbbba-2','32');
DeleteFile('C:\Windows\system32\Tasks\170225a0-8048-4608-9719-56e8042fbbba-4','32');
DeleteFile('C:\Windows\system32\Tasks\170225a0-8048-4608-9719-56e8042fbbba-5','32');
DeleteFile('C:\Windows\system32\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-1','32');
DeleteFile('C:\Windows\system32\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-11','32');
DeleteFile('C:\Windows\system32\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-2','32');
DeleteFile('C:\Windows\system32\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-3','32');
DeleteFile('C:\Windows\system32\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-4','32');
DeleteFile('C:\Windows\system32\Tasks\357ca3d7-2a8f-4476-8774-d2a8b805956d-5','32');
DeleteFile('C:\Windows\system32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-1','32');
DeleteFile('C:\Windows\system32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-11','32');
DeleteFile('C:\Windows\system32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-2','32');
DeleteFile('C:\Windows\system32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-3','32');
DeleteFile('C:\Windows\system32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-4','32');
DeleteFile('C:\Windows\system32\Tasks\44dcd776-1ddc-4c08-bcb1-87678c8f5a61-5','32');
DeleteFile('C:\Windows\system32\Tasks\DealPly','32');
DeleteFile('C:\Windows\system32\Tasks\DSite','32');
DeleteFile('C:\Windows\system32\Tasks\Kbupdater Utility','32');
DeleteFile('C:\Windows\system32\Tasks\Kinoroom Browser','32');
DeleteFile('C:\ProgramData\Kbupdater Utility\kbupdater-utility.exe','32');
DeleteFile('C:\Program Files\Kinoroom Browser\kinoroom-browser.exe','32');
DeleteFile('C:\Windows\system32\Tasks\newSI_2149','32');
DeleteFile('C:\Windows\system32\Tasks\newSI_4196','32');
DeleteFile('C:\Windows\system32\Tasks\Optimizer Pro Schedule','32');
DeleteFile('C:\Windows\system32\Tasks\Safebrowser','32');
DeleteFile('C:\Program Files\Optimizer Pro\OptProLauncher.exe','32');
DeleteFile('C:\Users\ноутбук\AppData\Local\Microsoft\Extensions\safebrowser.exe','32');
DeleteFile('C:\Program Files\ShopperPro\ShopperPro.exe','32');
DeleteFile('C:\Program Files\ShopperPro\updater.exe','32');
DeleteFile('C:\Windows\system32\Tasks\ShopperPro','32');
DeleteFile('C:\Windows\system32\Tasks\ShopperProJSUpd','32');
DeleteFile('C:\Windows\system32\Tasks\SPBIW_UpdateTask_Time_333536363038363836352d374a55414134502a576c4a5a','32');
DeleteFile('C:\Windows\system32\Tasks\SPDriver','32');
DeleteFile('C:\Program Files\ShopperPro\JSDriver\1.37.0.1365\jsdrv.exe','32');
DeleteFile('C:\ProgramData\ShopperPro\spbihe.js','32');
DeleteFile('C:\Windows\system32\Tasks\UNELEVATE_17800','32');
DeleteFile('C:\Windows\system32\Tasks\YTAHelper','32');
DeleteFile('C:\Windows\system32\Tasks\YTAUpdate','32');
DeleteFile('C:\Windows\system32\Tasks\YTAUpdate_logon','32');
DeleteFile('C:\Program Files\YTAHelper\YTAHelper.exe','32');
DeleteFile('C:\PROGRA~1\YOUTUB~1\Updater.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteREpair(9);
RebootWindows(false);
end.
Компьютер перезагрузится.