Код:
// AVZ cleanup script for one specific machine. Every path is hard-coded
// (user profile C:\Users\ALDL, fixed service and task names), so it must not
// be run unchanged on any other computer.
// Sequence: stop networking, enable AVZ protection (non-WOW64 only), tighten
// two Internet-zone settings, quarantine samples, remove services, delete
// files / autorun values / scheduled-task files, then reboot.
begin
// Message text (Russian): "Attention! Before the script runs, AVZ will
// automatically close all network connections. After the computer reboots,
// network connections will be restored automatically."
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
// Runs "net.exe stop tcpip /y" before any removal step.
// NOTE(review): 0 / 15000 / true look like window mode, wait time in ms and
// a terminate-on-timeout flag - confirm against the AVZ script reference.
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
// The rootkit scan and AVZGuard are only enabled when IsWOW64 is false.
// On a WOW64 system, both calls are skipped and cleanup runs without them.
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
// Writes two integer values under the current user's Internet Settings
// Zones\3 key (zone 3 is the Internet zone).
// NOTE(review): 2201 = 3 and 1001 = 1 appear to be ActiveX-related URL
// actions set to disable / prompt - verify against Microsoft's zone docs.
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
// Quarantine pass 1: place the suspect executables and DLL in AVZ quarantine
// before anything is deleted, so samples remain available for analysis.
// NOTE(review): the empty second argument is presumably an optional comment.
QuarantineFile('C:\Users\ALDL\AppData\Roaming\oursurfing\UninstallManager.exe','');
QuarantineFile('C:\PROGRA~1\COMMON~1\System\SysMenu.dll','');
QuarantineFile('C:\Users\ALDL\AppData\Roaming\UPQxKWyh3NFoLqyzvTysDOA.exe','');
QuarantineFile('C:\Users\ALDL\AppData\Roaming\ZHeRK12DeJxXIsmhbFeHbol.exe','');
QuarantineFile('C:\Users\ALDL\AppData\Local\Temp\3fd8c.exe','');
QuarantineFile('C:\Users\ALDL\AppData\Roaming\GNOK.exe','');
QuarantineFile('C:\Users\ALDL\AppData\Roaming\EdKR2MUFVfBGU0pIF.exe','');
QuarantineFile('C:\Users\ALDL\AppData\Roaming\BYAIAMUF.exe','');
QuarantineFile('C:\Users\ALDL\AppData\Roaming\66UdiJbtUoJbvTVF.exe','');
QuarantineFile('C:\Users\ALDL\AppData\Roaming\9veaxrwwB62qlwr6.exe','');
QuarantineFile('C:\Users\ALDL\AppData\Roaming\0tkQzeCKM85Bn.exe','');
QuarantineFile('c:\progra~2\dxpwayomo.exe','');
QuarantineFile('C:\Program Files\ShopperPro\JSDriver\1.42.1.1870\jsdrv.exe','');
// Service removal. Two services ('{848705a5-...}Gw' and 'lozycegu') get start
// type 4 before DeleteService; the others are deleted directly.
// NOTE(review): start type 4 is presumably "disabled", so they cannot start
// again if deletion only completes at reboot - confirm.
SetServiceStart('{848705a5-8a27-403e-9b59-732d0608bcbc}Gw', 4);
DeleteService('{848705a5-8a27-403e-9b59-732d0608bcbc}Gw');
DeleteService('Update Air Globe');
DeleteService('mufivoce');
DeleteService('gykoruqo');
DeleteService('globalUpdatem');
DeleteService('globalUpdate');
SetServiceStart('lozycegu', 4);
DeleteService('lozycegu');
// Quarantine pass 2: the binaries and the .sys driver behind those services.
QuarantineFile('C:\Users\ALDL\AppData\Roaming\8158FD20-1432238029-CB11-A0FC-B045899FB0FF\nspA696.tmp','');
QuarantineFile('C:\Program Files\Air Globe\updateAirGlobe.exe','');
QuarantineFile('C:\Users\ALDL\AppData\Roaming\8158FD20-1432238029-CB11-A0FC-B045899FB0FF\jnsjD04C.tmp','');
QuarantineFile('C:\Users\ALDL\AppData\Roaming\8158FD20-1432238029-CB11-A0FC-B045899FB0FF\hnskE729.tmp','');
QuarantineFile('C:\Program Files\globalUpdate\Update\globalupdate.exe','');
QuarantineFile('C:\Windows\system32\drivers\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw.sys','');
// The only process terminated by name. The same nspA696.tmp path is then
// quarantined again (lower-case spelling) and deleted.
TerminateProcessByName('c:\users\aldl\appdata\roaming\8158fd20-1432238029-cb11-a0fc-b045899fb0ff\nspa696.tmp');
QuarantineFile('c:\users\aldl\appdata\roaming\8158fd20-1432238029-cb11-a0fc-b045899fb0ff\nspa696.tmp','');
DeleteFile('c:\users\aldl\appdata\roaming\8158fd20-1432238029-cb11-a0fc-b045899fb0ff\nspa696.tmp','32');
// Deletion pass. NOTE(review): the '32' second argument is presumably a
// bitness / file-system-view selector - confirm against the AVZ reference.
DeleteFile('C:\Windows\system32\drivers\{848705a5-8a27-403e-9b59-732d0608bcbc}Gw.sys','32');
DeleteFile('C:\Program Files\globalUpdate\Update\globalupdate.exe','32');
DeleteFile('C:\Users\ALDL\AppData\Roaming\8158FD20-1432238029-CB11-A0FC-B045899FB0FF\hnskE729.tmp','32');
DeleteFile('C:\Users\ALDL\AppData\Roaming\8158FD20-1432238029-CB11-A0FC-B045899FB0FF\jnsjD04C.tmp','32');
DeleteFile('C:\Program Files\Air Globe\updateAirGlobe.exe','32');
DeleteFile('C:\Users\ALDL\AppData\Roaming\8158FD20-1432238029-CB11-A0FC-B045899FB0FF\nspA696.tmp','32');
DeleteFile('C:\Program Files\ShopperPro\JSDriver\1.42.1.1870\jsdrv.exe','32');
// Remove the 'SPDriver' autorun value from both the machine and user Run keys.
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','SPDriver');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','SPDriver');
DeleteFile('c:\progra~2\dxpwayomo.exe','32');
// Remove the '60217' value from the Policies\Explorer\Run autorun key.
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','60217');
// Executables are deleted together with their C:\Windows\Tasks\*.job files.
// The .job files are deleted without a QuarantineFile call.
DeleteFile('C:\Users\ALDL\AppData\Roaming\0tkQzeCKM85Bn.exe','32');
DeleteFile('C:\Windows\Tasks\0tkQzeCKM85Bn.job','32');
DeleteFile('C:\Windows\Tasks\66UdiJbtUoJbvTVF.job','32');
DeleteFile('C:\Windows\Tasks\9veaxrwwB62qlwr6.job','32');
DeleteFile('C:\Users\ALDL\AppData\Roaming\9veaxrwwB62qlwr6.exe','32');
DeleteFile('C:\Users\ALDL\AppData\Roaming\66UdiJbtUoJbvTVF.exe','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP1.job','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP2.job','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP3.job','32');
// AnyProtect.exe is deleted without a QuarantineFile call anywhere in this
// script, so the script itself keeps no copy of it.
DeleteFile('C:\Program Files\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\Windows\Tasks\BYAIAMUF.job','32');
DeleteFile('C:\Windows\Tasks\EdKR2MUFVfBGU0pIF.job','32');
DeleteFile('C:\Users\ALDL\AppData\Roaming\BYAIAMUF.exe','32');
DeleteFile('C:\Users\ALDL\AppData\Roaming\EdKR2MUFVfBGU0pIF.exe','32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job','32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job','32');
DeleteFile('C:\Windows\Tasks\GNOK.job','32');
DeleteFile('C:\Users\ALDL\AppData\Roaming\GNOK.exe','32');
DeleteFile('C:\Windows\Tasks\sw2upj2en.job','32');
DeleteFile('C:\Users\ALDL\AppData\Local\Temp\3fd8c.exe','32');
DeleteFile('C:\Windows\Tasks\UPQxKWyh3NFoLqyzvTysDOA.job','32');
DeleteFile('C:\Windows\Tasks\ZHeRK12DeJxXIsmhbFeHbol.job','32');
DeleteFile('C:\Users\ALDL\AppData\Roaming\ZHeRK12DeJxXIsmhbFeHbol.exe','32');
DeleteFile('C:\Users\ALDL\AppData\Roaming\UPQxKWyh3NFoLqyzvTysDOA.exe','32');
// Task files under C:\Windows\system32\Tasks, including entries placed under
// Microsoft\Windows\Maintenance and Microsoft\Windows\Multimedia.
// NOTE(review): only the files are removed here; no visible call touches the
// scheduler's registry entries - re-check scheduled tasks after the reboot.
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP1','32');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP2','32');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP3','32');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineCore','32');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineUA','32');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\Maintenance\SMupdate2','32');
DeleteFile('C:\PROGRA~1\COMMON~1\System\SysMenu.dll','32');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\Multimedia\SMupdate3','32');
DeleteFile('C:\Windows\system32\Tasks\SMupdate1','32');
DeleteFile('C:\Windows\system32\Tasks\SPDriver','32');
DeleteFile('C:\Windows\system32\Tasks\sw2upj2en','32');
DeleteFile('C:\Windows\system32\Tasks\{3E30E63C-BEE7-4358-A3AD-8C586DCD0D6B}','32');
DeleteFile('C:\Users\ALDL\AppData\Roaming\oursurfing\UninstallManager.exe','32');
// Finalisation, then reboot.
// NOTE(review): BC_ImportAll / BC_Activate presumably hand the deletions to
// AVZ's boot-time cleaner, and ExecuteSysClean presumably removes leftover
// references to deleted files - confirm against the AVZ script reference.
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
// NOTE(review): the 'false' argument is presumably a "force" flag - confirm.
RebootWindows(false);
end.
Компьютер перезагрузится.