Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\WINDOWS\system32\CCL.dll','');
QuarantineFile('C:\Users\user\AppData\Roaming\MDRLDAGA.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-3.2cV08.04\96bc3de7-123b-47c0-a3a0-ffadf969bb28-7.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-3.2cV08.04\96bc3de7-123b-47c0-a3a0-ffadf969bb28-3.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-3.2cV08.04\96bc3de7-123b-47c0-a3a0-ffadf969bb28-11.exe','');
QuarantineFile('C:\Program Files (x86)\CinemaPlus-3.2cV08.04\96bc3de7-123b-47c0-a3a0-ffadf969bb28-10.exe','');
QuarantineFile('C:\Users\user\AppData\Local\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('C:\Program Files (x86)\gmsd_ru_198\gmsd_ru_198.exe','');
DeleteService('globalUpdatem');
DeleteService('globalUpdate');
TerminateProcessByName('c:\program files (x86)\jads\jads\versionupdaterservice.exe');
TerminateProcessByName('c:\users\user\appdata\local\6676aa07-1428580116-e311-8450-208984f6aa09\jnskb09d.exe');
QuarantineFile('c:\users\user\appdata\local\6676aa07-1428580116-e311-8450-208984f6aa09\jnskb09d.exe','');
TerminateProcessByName('c:\users\user\appdata\local\6676aa07-1428580116-e311-8450-208984f6aa09\insxd04a.tmp');
QuarantineFile('c:\users\user\appdata\local\6676aa07-1428580116-e311-8450-208984f6aa09\insxd04a.tmp','');
TerminateProcessByName('c:\program files (x86)\jads\jads\injectorserviceproject.exe');
TerminateProcessByName('C:\Program Files (x86)\Jads\Jads\Injector.exe');
TerminateProcessByName('c:\program files (x86)\igs\ccl.exe');
QuarantineFile('c:\program files (x86)\igs\ccl.exe','');
DeleteFile('c:\program files (x86)\igs\ccl.exe','32');
DeleteFile('C:\Program Files (x86)\Jads\Jads\Injector.exe','32');
DeleteFile('c:\program files (x86)\jads\jads\injectorserviceproject.exe','32');
DeleteFile('c:\users\user\appdata\local\6676aa07-1428580116-e311-8450-208984f6aa09\insxd04a.tmp','32');
DeleteFile('c:\users\user\appdata\local\6676aa07-1428580116-e311-8450-208984f6aa09\jnskb09d.exe','32');
DeleteFile('c:\program files (x86)\jads\jads\versionupdaterservice.exe','32');
DeleteFile('C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe','32');
DeleteFile('C:\Program Files (x86)\Mobogenie\DaemonProcess.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','mobilegeni daemon');
DeleteFile('C:\Program Files (x86)\gmsd_ru_198\gmsd_ru_198.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','gmsd_ru_198');
DeleteFile('C:\Users\user\AppData\Local\SmartWeb\SmartWebHelper.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaPlus-3.2cV08.04\96bc3de7-123b-47c0-a3a0-ffadf969bb28-10.exe','32');
DeleteFile('C:\WINDOWS\Tasks\96bc3de7-123b-47c0-a3a0-ffadf969bb28-10_user.job','64');
DeleteFile('C:\WINDOWS\Tasks\96bc3de7-123b-47c0-a3a0-ffadf969bb28-11.job','64');
DeleteFile('C:\Program Files (x86)\CinemaPlus-3.2cV08.04\96bc3de7-123b-47c0-a3a0-ffadf969bb28-11.exe','32');
DeleteFile('C:\Program Files (x86)\CinemaPlus-3.2cV08.04\96bc3de7-123b-47c0-a3a0-ffadf969bb28-3.exe','32');
DeleteFile('C:\WINDOWS\Tasks\96bc3de7-123b-47c0-a3a0-ffadf969bb28-3.job','64');
DeleteFile('C:\Program Files (x86)\CinemaPlus-3.2cV08.04\96bc3de7-123b-47c0-a3a0-ffadf969bb28-7.exe','32');
DeleteFile('C:\WINDOWS\Tasks\96bc3de7-123b-47c0-a3a0-ffadf969bb28-7.job','64');
DeleteFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\WINDOWS\Tasks\APSnotifierPP1.job','64');
DeleteFile('C:\WINDOWS\Tasks\APSnotifierPP2.job','64');
DeleteFile('C:\WINDOWS\Tasks\APSnotifierPP3.job','64');
DeleteFile('C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job','64');
DeleteFile('C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job','64');
DeleteFile('C:\WINDOWS\Tasks\MDRLDAGA.job','64');
DeleteFile('C:\Users\user\AppData\Roaming\MDRLDAGA.exe','32');
DeleteFile('C:\WINDOWS\system32\Tasks\96bc3de7-123b-47c0-a3a0-ffadf969bb28-10_user','64');
DeleteFile('C:\WINDOWS\system32\Tasks\96bc3de7-123b-47c0-a3a0-ffadf969bb28-11','64');
DeleteFile('C:\WINDOWS\system32\Tasks\96bc3de7-123b-47c0-a3a0-ffadf969bb28-3','64');
DeleteFile('C:\WINDOWS\system32\Tasks\APSnotifierPP1','64');
DeleteFile('C:\WINDOWS\system32\Tasks\APSnotifierPP2','64');
DeleteFile('C:\WINDOWS\system32\Tasks\APSnotifierPP3','64');
DeleteFile('C:\WINDOWS\system32\Tasks\globalUpdateUpdateTaskMachineUA','64');
DeleteFile('C:\WINDOWS\system32\Tasks\globalUpdateUpdateTaskMachineCore','64');
DeleteFile('C:\WINDOWS\system32\Tasks\MDRLDAGA','64');
DeleteFile('C:\WINDOWS\system32\CCL.dll','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteREpair(15);
RebootWindows(false);
end.
Компьютер перезагрузится.