Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Documents and Settings\Application Data\WUTHPZ.exe','');
QuarantineFile('C:\Documents and Settings\Application Data\RMJPES.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-7.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-6.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-5.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-3.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-11.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-1-6.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-1-7.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-10.exe','');
QuarantineFile('C:\Program Files\ver5BlockAndSurf\R0BlockAndSurfQ33.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-7.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-6.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-5.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-3.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-11.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-10.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-1-7.exe','');
QuarantineFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-1-6.exe','');
QuarantineFile('C:\Documents and Settings\Эльдар\Local Settings\Application Data\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('c:\docume~1\alluse~1\applic~1\browse~1\25976~1.107\{c16c1~1\mngr.dll','');
QuarantineFile('C:\Documents and Settings\Эльдар\Local Settings\Application Data\Hostinstaller\2022912930_installcube.exe','');
DeleteService('qrnfd_1_10_0_9');
QuarantineFile('C:\windows\system32\drivers\qrnfd_1_10_0_9.sys','');
DeleteService('globalUpdate');
DeleteService('globalUpdatem');
DeleteService('qrsvc_1.10.0.9');
QuarantineFile('C:\Program Files\QuickRef_1.10.0.9\Service\qrsvc.exe','');
QuarantineFile('C:\Program Files\globalUpdate\Update\GoogleUpdate.exe','');
QuarantineFile('C:\Documents and Settings\All Users\Application Data\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe','');
SetServiceStart('Browser Manager', 4);
DeleteService('Browser Manager');
SetServiceStart('WindowsMangerProtect', 4);
DeleteService('WindowsMangerProtect');
SetServiceStart('BasementDuster', 4);
QuarantineFile('C:\Program Files\IGS\BasementDuster.exe','');
DeleteService('BasementDuster');
QuarantineFile('c:\documents and settings\all users\application data\tmp0x0x\protectwindowsmanager.exe','');
DeleteFile('c:\documents and settings\all users\application data\tmp0x0x\protectwindowsmanager.exe','32');
DeleteFile('C:\Documents and Settings\Эльдар\Local Settings\Application Data\Mail.Ru\Sputnik\IESearchPlugin.dll','32');
DeleteFile('C:\Program Files\IGS\BasementDuster.exe','32');
DeleteFile('C:\Documents and Settings\All Users\Application Data\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe','32');
DeleteFile('C:\Program Files\globalUpdate\Update\GoogleUpdate.exe','32');
DeleteFile('C:\Program Files\QuickRef_1.10.0.9\Service\qrsvc.exe','32');
DeleteFile('C:\windows\system32\drivers\qrnfd_1_10_0_9.sys','32');
DeleteFile('C:\Documents and Settings\Эльдар\Local Settings\Application Data\Hostinstaller\2022912930_installcube.exe','32');
DeleteFile('c:\docume~1\alluse~1\applic~1\browse~1\25976~1.107\{c16c1~1\mngr.dll','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Soft installer');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','mobilegeni daemon');
DeleteFile('C:\Documents and Settings\Эльдар\Local Settings\Application Data\SmartWeb\SmartWebHelper.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-1-6.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-1-7.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-10.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-11.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-3.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-5.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-6.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV24.03\6a1342ee-b38d-4d50-a2aa-31d99af81a13-7.exe','32');
DeleteFile('C:\windows\Tasks\6a1342ee-b38d-4d50-a2aa-31d99af81a13-7.job','32');
DeleteFile('C:\windows\Tasks\6a1342ee-b38d-4d50-a2aa-31d99af81a13-6.job','32');
DeleteFile('C:\windows\Tasks\6a1342ee-b38d-4d50-a2aa-31d99af81a13-5.job','32');
DeleteFile('C:\windows\Tasks\6a1342ee-b38d-4d50-a2aa-31d99af81a13-3.job','32');
DeleteFile('C:\windows\Tasks\6a1342ee-b38d-4d50-a2aa-31d99af81a13-11.job','32');
DeleteFile('C:\windows\Tasks\6a1342ee-b38d-4d50-a2aa-31d99af81a13-10_user.job','32');
DeleteFile('C:\windows\Tasks\6a1342ee-b38d-4d50-a2aa-31d99af81a13-1-7.job','32');
DeleteFile('C:\windows\Tasks\6a1342ee-b38d-4d50-a2aa-31d99af81a13-1-6.job','32');
DeleteFile('C:\Program Files\ver5BlockAndSurf\R0BlockAndSurfQ33.exe','32');
DeleteFile('C:\windows\Tasks\BlockAndSurf Update.job','32');
DeleteFile('C:\windows\Tasks\ddfbb344-2123-4a91-b89a-28f72e069b86-1-6.job','32');
DeleteFile('C:\windows\Tasks\ddfbb344-2123-4a91-b89a-28f72e069b86-1-7.job','32');
DeleteFile('C:\windows\Tasks\ddfbb344-2123-4a91-b89a-28f72e069b86-10_user.job','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-10.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-1-7.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-1-6.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-11.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-3.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-5.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-6.exe','32');
DeleteFile('C:\Program Files\Cinema Plus Pro 3.2cV29.03\ddfbb344-2123-4a91-b89a-28f72e069b86-7.exe','32');
DeleteFile('C:\windows\Tasks\ddfbb344-2123-4a91-b89a-28f72e069b86-7.job','32');
DeleteFile('C:\windows\Tasks\ddfbb344-2123-4a91-b89a-28f72e069b86-6.job','32');
DeleteFile('C:\windows\Tasks\ddfbb344-2123-4a91-b89a-28f72e069b86-5.job','32');
DeleteFile('C:\windows\Tasks\ddfbb344-2123-4a91-b89a-28f72e069b86-11.job','32');
DeleteFile('C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job','32');
DeleteFile('C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job','32');
DeleteFile('C:\windows\Tasks\RMJPES.job','32');
DeleteFile('C:\Documents and Settings\Application Data\RMJPES.exe','32');
DeleteFile('C:\windows\Tasks\SmartWeb Upgrade Trigger Task.job','32');
DeleteFile('C:\windows\Tasks\SpeedUpMyPC Maintenance.job','32');
DeleteFile('C:\windows\Tasks\SpeedUpMyPC Startup.job','32');
DeleteFile('C:\windows\Tasks\WUTHPZ.job','32');
DeleteFile('C:\Documents and Settings\Application Data\WUTHPZ.exe','32');
DeleteFile('C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe','32');
DeleteFile('C:\Documents and Settings\Эльдар\Local Settings\Temp\~DFBC6D.tmp','32');
DeleteFile('C:\Documents and Settings\Эльдар\Local Settings\Temp\nsb318.tmp\blowfish.dll','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.