Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('c:\program files\miuitab\cmdshell.exe','');
TerminateProcessByName('c:\program files\miuitab\cmdshell.exe');
TerminateProcessByName('c:\program files\miuitab\hpnotify.exe');
QuarantineFile('c:\program files\miuitab\hpnotify.exe','');
TerminateProcessByName('c:\users\smart servis\appdata\roaming\00000000-1431450319-0000-0000-001a4d5c572c\jnsidbb.tmp');
QuarantineFile('c:\users\smart servis\appdata\roaming\00000000-1431450319-0000-0000-001a4d5c572c\jnsidbb.tmp','');
QuarantineFile('c:\users\smart servis\appdata\roaming\00000000-1431450319-0000-0000-001a4d5c572c\knsefd9d.tmp','');
TerminateProcessByName('c:\users\smart servis\appdata\roaming\00000000-1431450319-0000-0000-001a4d5c572c\knsefd9d.tmp');
TerminateProcessByName('c:\users\smart servis\appdata\local\kometa\kometaup.exe');
QuarantineFile('c:\users\smart servis\appdata\local\kometa\kometaup.exe','');
TerminateProcessByName('c:\program files\miuitab\protectservice.exe');
QuarantineFile('c:\program files\miuitab\protectservice.exe','');
QuarantineFile('c:\program files\reimage\reimage protector\reiguard.exe','');
QuarantineFile('c:\program files\reimage\reimage protector\reisystem.exe','');
TerminateProcessByName('c:\program files\reimage\reimage protector\reisystem.exe');
TerminateProcessByName('c:\users\smart servis\appdata\local\smartweb\smartwebapp.exe');
TerminateProcessByName('c:\users\smart servis\appdata\local\smartweb\smartwebhelper.exe');
QuarantineFile('C:\Program Files\MiuiTab\BrowerWatchCH.dll','');
QuarantineFile('C:\Program Files\MiuiTab\BrowerWatchFF.dll','');
QuarantineFile('C:\Program Files\MiuiTab\IeWatchDog.dll','');
QuarantineFile('C:\Users\Smart Servis\AppData\Local\SmartWeb\swhk.dll','');
QuarantineFile('C:\Program Files\MiuiTab\ProtectService.exe','');
QuarantineFile('C:\Users\Smart Servis\AppData\Roaming\00000000-1431450319-0000-0000-001A4D5C572C\jnsiDBB.tmp','');
QuarantineFile('C:\Users\Smart Servis\AppData\Roaming\00000000-1431450319-0000-0000-001A4D5C572C\knseFD9D.tmp','');
SetServiceStart('widimisi', 4);
DeleteService('widimisi');
DeleteService('ReimageRealTimeProtector');
SetServiceStart('qozyzuwu', 4);
SetServiceStart('IHProtect Service', 4);
DeleteService('IHProtect Service');
SetServiceStart('{58aaf827-6246-4d80-8213-f02005f6345c}w', 4);
DeleteService('{58aaf827-6246-4d80-8213-f02005f6345c}w');
QuarantineFile('C:\Windows\system32\drivers\{58aaf827-6246-4d80-8213-f02005f6345c}w.sys','');
QuarantineFile('C:\Windows\system32\drivers\innfd_1_10_0_14.sys','');
DeleteService('innfd_1_10_0_14');
QuarantineFile('C:\Program Files\YTDownloader\YTDownloader.exe','');
QuarantineFile('C:\Users\Smart Servis\AppData\Local\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('C:\Users\Smart Servis\AppData\Local\Yandex\browser.bat','');
QuarantineFile('C:\Users\Smart Servis\AppData\Roaming\BabSolution\Shared\enhancedNT.dll','');
QuarantineFile('C:\iexplore.bat','');
DelBHO('{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}');
QuarantineFile('C:\Users\Smart Servis\AppData\Roaming\A55kZSqtMO0m1iE.exe','');
QuarantineFile('C:\Users\SMARTS~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe','');
QuarantineFile('C:\Users\SMARTS~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Users\Smart Servis\AppData\Roaming\OXWholh4gl6j6KTXvJ48lIkK1yM.exe','');
QuarantineFile('C:\Program Files\RegTask\RegTask.exe','');
QuarantineFile('C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe','');
QuarantineFile('C:\Users\Smart Servis\AppData\Local\ShdUpdate\shupd.exe','');
QuarantineFile('C:\PROGRA~2\COMMON~1\System\SysMenu.dll','');
QuarantineFile('C:\Users\Smart Servis\AppData\Local\Host installer\2627005702_monster.exe','');
QuarantineFile('C:\Users\Smart Servis\AppData\Roaming\StPrsSW\stprss.exe','');
QuarantineFile('c:\users\smart servis\appdata\roaming\babsolution\shared\enhancednt.dll','');
QuarantineFile('C:\Users\Smart Servis\appdata\local\kometa\kometaup.exe','');
QuarantineFile('C:\Users\Smart Servis\appdata\local\microsoft\start menu\вoйти в интeрнeт.exe','');
QuarantineFile('C:\Users\Smart Servis\appdata\local\smartweb\smartwebapp.exe','');
QuarantineFile('C:\Users\Smart Servis\appdata\local\smartweb\smartwebhelper.exe','');
QuarantineFile('C:\Users\Smart Servis\appdata\local\smartweb\swhk.dll','');
QuarantineFile('C:\Users\Smart Servis\appdata\local\smartweb\__u.exe','');
QuarantineFile('C:\Program Files\anyprotectex\anyprotect.exe','');
QuarantineFile('C:\Program Files\miuitab\browerwatchch.dll','');
QuarantineFile('C:\Program Files\miuitab\cmdshell.exe','');
QuarantineFile('C:\Program Files\miuitab\hpnotify.exe','');
QuarantineFile('C:\Program Files\miuitab\iewatchdog.dll','');
QuarantineFile('C:\Program Files\miuitab\protectservice.exe','');
QuarantineFile('C:\Program Files\miuitab\suptab.dll','');
QuarantineFile('C:\Users\Smart Servis\AppData\Local\Kometa\kometaup.exe','');
QuarantineFile('C:\ProgramData\Program status\scheck.exe','');
DeleteFile('C:\Users\Smart Servis\AppData\Local\SmartWeb\SmartWebHelper.exe','32');
DeleteFile('C:\ProgramData\Program status\scheck.exe','32');
DeleteFile('C:\Users\Smart Servis\AppData\Local\Kometa\kometaup.exe','32');
DeleteFile('C:\Program Files\miuitab\suptab.dll','32');
DeleteFile('C:\Program Files\miuitab\protectservice.exe','32');
DeleteFile('C:\Program Files\miuitab\iewatchdog.dll','32');
DeleteFile('C:\Program Files\miuitab\hpnotify.exe','32');
DeleteFile('C:\Program Files\miuitab\cmdshell.exe','32');
DeleteFile('C:\Program Files\miuitab\browerwatchch.dll','32');
DeleteFile('C:\Program Files\anyprotectex\anyprotect.exe','32');
DeleteFile('C:\Users\Smart Servis\appdata\local\smartweb\__u.exe','32');
DeleteFile('C:\Users\Smart Servis\appdata\local\smartweb\swhk.dll','32');
DeleteFile('C:\Users\Smart Servis\appdata\local\smartweb\smartwebhelper.exe','32');
DeleteFile('C:\Users\Smart Servis\appdata\local\smartweb\smartwebapp.exe','32');
DeleteFile('C:\Users\Smart Servis\appdata\local\microsoft\start menu\вoйти в интeрнeт.exe','32');
DeleteFile('C:\Users\Smart Servis\appdata\local\kometa\kometaup.exe','32');
DeleteFile('c:\users\smart servis\appdata\roaming\babsolution\shared\enhancednt.dll','32');
DeleteFile('C:\Users\Smart Servis\AppData\Roaming\istartsurf\UninstallManager.exe','32');
DeleteFile('C:\Windows\system32\Tasks\{C832EE1E-DED2-4431-881C-E67B46CE2064}','32');
DeleteFile('C:\Users\Smart Servis\AppData\Roaming\mystartsearch\UninstallManager.exe','32');
DeleteFile('C:\Users\Smart Servis\AppData\Roaming\oursurfing\UninstallManager.exe','32');
DeleteFile('C:\Windows\system32\Tasks\{AAF56B71-52A2-4E70-B012-8F523BF5BD32}','32');
DeleteFile('C:\Windows\system32\Tasks\{AEEEB12E-53C8-4E96-A083-CD897AF12E0E}','32');
DeleteFile('C:\Users\Smart Servis\AppData\Local\Host installer\2627005702_monster.exe','32');
DeleteFile('C:\Windows\system32\Tasks\Soft installer','32');
DeleteFile('C:\Windows\system32\Tasks\SMupdate1','32');
DeleteFile('C:\PROGRA~2\COMMON~1\System\SysMenu.dll','32');
DeleteFile('C:\Windows\system32\Tasks\SmartWeb Upgrade Trigger Task','32');
DeleteFile('C:\Windows\system32\Tasks\ReimageUpdater','32');
DeleteFile('C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe','32');
DeleteFile('C:\Windows\system32\Tasks\OXWholh4gl6j6KTXvJ48lIkK1yM','32');
DeleteFile('C:\Users\Smart Servis\AppData\Roaming\OXWholh4gl6j6KTXvJ48lIkK1yM.exe','32');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\Multimedia\SMupdate3','32');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\Maintenance\SMupdate2','32');
DeleteFile('C:\Windows\system32\Tasks\EPUpdater','32');
DeleteFile('C:\Windows\system32\Tasks\DSite','32');
DeleteFile('C:\Users\SMARTS~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Users\SMARTS~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe','32');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP3','32');
DeleteFile('C:\Program Files\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP2','32');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP1','32');
DeleteFile('C:\Windows\system32\Tasks\A55kZSqtMO0m1iE','32');
DeleteFile('C:\Users\Smart Servis\AppData\Roaming\A55kZSqtMO0m1iE.exe','32');
DeleteFile('C:\Windows\Tasks\OXWholh4gl6j6KTXvJ48lIkK1yM.job','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP3.job','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP2.job','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP1.job','32');
DeleteFile('C:\Windows\Tasks\A55kZSqtMO0m1iE.job','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','hemdauvpnr');
DeleteFile('C:\iexplore.bat','32');
DeleteFile('C:\Users\Smart Servis\AppData\Roaming\BabSolution\Shared\enhancedNT.dll','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','NTRedirect');
DeleteFile('C:\Users\Smart Servis\AppData\Local\Yandex\browser.bat','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','SmartWeb');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','MediaGet2');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','MailRuUpdater');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','kometaup');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','sCloudStatusCheck');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','YTDownloader');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','YTDownloader');
DeleteFile('C:\Program Files\YTDownloader\YTDownloader.exe','32');
DeleteFile('C:\Windows\system32\drivers\innfd_1_10_0_14.sys','32');
DeleteFile('C:\Windows\system32\drivers\{58aaf827-6246-4d80-8213-f02005f6345c}w.sys','32');
DeleteFile('C:\Users\Smart Servis\AppData\Roaming\00000000-1431450319-0000-0000-001A4D5C572C\knseFD9D.tmp','32');
DeleteFile('C:\Users\Smart Servis\AppData\Roaming\00000000-1431450319-0000-0000-001A4D5C572C\jnsiDBB.tmp','32');
DeleteFile('C:\Program Files\MiuiTab\ProtectService.exe','32');
DeleteFile('C:\Users\Smart Servis\AppData\Local\SmartWeb\swhk.dll','32');
DeleteFile('C:\Program Files\MiuiTab\IeWatchDog.dll','32');
DeleteFile('C:\Program Files\MiuiTab\BrowerWatchFF.dll','32');
DeleteFile('C:\Program Files\MiuiTab\BrowerWatchCH.dll','32');
DeleteFile('c:\program files\reimage\reimage protector\reisystem.exe','32');
DeleteFile('c:\program files\reimage\reimage protector\reiguard.exe','32');
DeleteFile('c:\program files\miuitab\protectservice.exe','32');
DeleteFile('c:\users\smart servis\appdata\local\kometa\kometaup.exe','32');
DeleteFile('c:\users\smart servis\appdata\roaming\00000000-1431450319-0000-0000-001a4d5c572c\knsefd9d.tmp','32');
DeleteFile('c:\users\smart servis\appdata\roaming\00000000-1431450319-0000-0000-001a4d5c572c\jnsidbb.tmp','32');
DeleteFile('c:\program files\miuitab\hpnotify.exe','32');
DeleteFile('c:\program files\miuitab\cmdshell.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.