Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-5.exe','');
QuarantineFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-4.exe','');
QuarantineFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-11.exe','');
QuarantineFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-10.exe','');
QuarantineFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-1-7.exe','');
QuarantineFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-1-6.exe','');
QuarantineFile('C:\Users\Genius\AppData\Roaming\Browsers\exe.erolpxei.bat','');
QuarantineFile('C:\Users\Genius\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe','');
QuarantineFile('C:\Users\Genius\AppData\Local\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('C:\Users\Genius\AppData\Local\Kometa\Application\kometa.exe','');
QuarantineFile('C:\Users\Genius\AppData\Local\14DED605-1427928360-A807-95BB-AC9E170BBF0C\bnsxE350.exe','');
QuarantineFile('C:\Windows\system32\drivers\qrnfd_1_10_0_12.sys','');
DeleteService('qrnfd_1_10_0_12');
QuarantineFile('C:\Users\Genius\AppData\Local\14DED605-1427928498-A807-95BB-AC9E170BBF0C\cnsfFF5B.tmp','');
DeleteService('jujyguwy');
QuarantineFile('C:\Users\Genius\AppData\Local\14DED605-1427929107-A807-95BB-AC9E170BBF0C\insc4A23.tmp','');
QuarantineFile('C:\Users\Genius\AppData\Roaming\14DED605-1427913913-A807-95BB-AC9E170BBF0C\jnsg6C29.tmp','');
QuarantineFile('C:\Users\Genius\AppData\Roaming\14DED605-1427913913-A807-95BB-AC9E170BBF0C\nss3DDF.tmpfs','');
QuarantineFile('C:\Users\Genius\AppData\Local\14DED605-1427928512-A807-95BB-AC9E170BBF0C\snsb350F.tmp','');
QuarantineFile('C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe','');
DeleteService('WindowsMangerProtect');
DeleteService('vydojico');
DeleteService('sygydese');
DeleteService('sutyjipe');
DeleteService('puroquby');
DeleteFile('C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe','32');
DeleteFile('C:\Users\Genius\AppData\Local\14DED605-1427928512-A807-95BB-AC9E170BBF0C\snsb350F.tmp','32');
DeleteFile('C:\Users\Genius\AppData\Roaming\14DED605-1427913913-A807-95BB-AC9E170BBF0C\nss3DDF.tmpfs','32');
DeleteFile('C:\Users\Genius\AppData\Roaming\14DED605-1427913913-A807-95BB-AC9E170BBF0C\jnsg6C29.tmp','32');
DeleteFile('C:\Users\Genius\AppData\Local\14DED605-1427929107-A807-95BB-AC9E170BBF0C\insc4A23.tmp','32');
DeleteFile('C:\Users\Genius\AppData\Local\14DED605-1427928498-A807-95BB-AC9E170BBF0C\cnsfFF5B.tmp','32');
DeleteFile('C:\Windows\system32\drivers\qrnfd_1_10_0_12.sys','32');
DeleteFile('C:\Users\Genius\AppData\Local\14DED605-1427928360-A807-95BB-AC9E170BBF0C\bnsxE350.exe','32');
DeleteFile('C:\Users\Genius\AppData\Local\Kometa\Application\kometa.exe','32');
DeleteFile('C:\Users\Genius\AppData\Local\SmartWeb\SmartWebHelper.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','WinCheck');
DeleteFile('C:\Users\Genius\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','AppsHat');
DeleteFile('C:\Users\Genius\AppData\Roaming\Browsers\exe.erolpxei.bat','32');
DeleteFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-1-6.exe','32');
DeleteFile('C:\Windows\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-1-6.job','64');
DeleteFile('C:\Windows\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-1-7.job','64');
DeleteFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-10.exe','32');
DeleteFile('C:\Windows\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-10_user.job','64');
DeleteFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-11.exe','32');
DeleteFile('C:\Windows\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-11.job','64');
DeleteFile('C:\Windows\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-4.job','64');
DeleteFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-4.exe','32');
DeleteFile('C:\Windows\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-5.job','64');
DeleteFile('C:\Windows\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-5_user.job','64');
DeleteFile('C:\Program Files (x86)\App Lid\db1b01cd-b900-40fa-bb72-21f478b51a76-5.exe','32');
DeleteFile('C:\Windows\system32\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-1-6','64');
DeleteFile('C:\Windows\system32\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-1-7','64');
DeleteFile('C:\Windows\system32\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-10_user','64');
DeleteFile('C:\Windows\system32\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-11','64');
DeleteFile('C:\Windows\system32\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-4','64');
DeleteFile('C:\Windows\system32\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-5','64');
DeleteFile('C:\Windows\system32\Tasks\db1b01cd-b900-40fa-bb72-21f478b51a76-5_user','64');
DeleteFile('C:\Windows\system32\Tasks\SmartWeb Upgrade Trigger Task','64');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.