Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\0000\appdata\local\smartweb\__u.exe','');
QuarantineFile('C:\Users\0000\AppData\Roaming\mystartsearch\UninstallManager.exe','');
QuarantineFile('C:\Users\0000\AppData\Roaming\istartsurf\UninstallManager.exe','');
QuarantineFile('C:\ProgramData\LolliScan\LolliScan.exe','');
QuarantineFile('C:\ProgramData\Service7609\Service7609.exe','');
QuarantineFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','');
QuarantineFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe','');
QuarantineFile('C:\Program Files (x86)\SavePass 1.1\86304286-06c7-4a2a-bd48-ae12ceef6bae-1-6.exe','');
QuarantineFile('C:\Program Files (x86)\SavePass 1.1\86304286-06c7-4a2a-bd48-ae12ceef6bae-1-7.exe','');
QuarantineFile('C:\Program Files (x86)\SavePass 1.1\86304286-06c7-4a2a-bd48-ae12ceef6bae-11.exe','');
QuarantineFile('C:\Program Files (x86)\SavePass 1.1\86304286-06c7-4a2a-bd48-ae12ceef6bae-5.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-5.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-4.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-11.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-10.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-1-7.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-1-6.exe','');
QuarantineFile('C:\Users\0000\AppData\Roaming\Browsers\exe.arepo.bat','');
QuarantineFile('C:\Users\0000\AppData\Roaming\Browsers\exe.resworb.bat','');
DeleteService('ppfd_vw_1_10_0_21');
DeleteService('ppfd_vw_1_10_0_24');
DeleteService('QMUdisk');
DeleteService('TS888x64');
DeleteService('wsafd_1_10_0_19');
DeleteService('wwfd_vw_1_10_0_24');
QuarantineFile('C:\WINDOWS\system32\drivers\wwfd_vw_1_10_0_24.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\wsafd_1_10_0_19.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\ppfd_vw_1_10_0_21.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\ppfd_vw_1_10_0_24.sys','');
DeleteService('mewunimo');
DeleteService('hyverumu');
DeleteService('gopibeko');
DeleteService('globalUpdate');
DeleteService('comyninu');
QuarantineFile('C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe','');
TerminateProcessByName('c:\program files (x86)\savepass 1.1\86304286-06c7-4a2a-bd48-ae12ceef6bae-1-6.exe');
QuarantineFile('c:\program files (x86)\savepass 1.1\86304286-06c7-4a2a-bd48-ae12ceef6bae-1-6.exe','');
DeleteFile('c:\program files (x86)\savepass 1.1\86304286-06c7-4a2a-bd48-ae12ceef6bae-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe','32');
DeleteFile('comyninu.sys','32');
DeleteFile('mewunimo.sys','32');
DeleteFile('hyverumu.sys','32');
DeleteFile('gopibeko.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TS888x64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUdisk64.sys','32');
DeleteFile('C:\WINDOWS\system32\drivers\ppfd_vw_1_10_0_24.sys','32');
DeleteFile('C:\WINDOWS\system32\drivers\ppfd_vw_1_10_0_21.sys','32');
DeleteFile('C:\WINDOWS\system32\drivers\wsafd_1_10_0_19.sys','32');
DeleteFile('C:\WINDOWS\system32\drivers\wwfd_vw_1_10_0_24.sys','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','Application Restart #2');
DeleteFile('C:\Users\0000\AppData\Roaming\Browsers\exe.resworb.bat','32');
DeleteFile('C:\Users\0000\AppData\Roaming\Browsers\exe.arepo.bat','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-1-7.exe','32');
DeleteFile('C:\WINDOWS\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-1-7.job','32');
DeleteFile('C:\WINDOWS\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-1-6.job','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-11.exe','32');
DeleteFile('C:\WINDOWS\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-11.job','32');
DeleteFile('C:\WINDOWS\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-10_user.job','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-4.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV11.08\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-5.exe','32');
DeleteFile('C:\WINDOWS\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-5.job','32');
DeleteFile('C:\WINDOWS\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-4.job','32');
DeleteFile('C:\WINDOWS\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-5_user.job','32');
DeleteFile('C:\WINDOWS\Tasks\86304286-06c7-4a2a-bd48-ae12ceef6bae-1-6.job','32');
DeleteFile('C:\WINDOWS\Tasks\86304286-06c7-4a2a-bd48-ae12ceef6bae-1-7.job','32');
DeleteFile('C:\WINDOWS\Tasks\86304286-06c7-4a2a-bd48-ae12ceef6bae-11.job','32');
DeleteFile('C:\WINDOWS\Tasks\86304286-06c7-4a2a-bd48-ae12ceef6bae-5.job','32');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\86304286-06c7-4a2a-bd48-ae12ceef6bae-5.exe','32');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\86304286-06c7-4a2a-bd48-ae12ceef6bae-11.exe','32');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\86304286-06c7-4a2a-bd48-ae12ceef6bae-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\86304286-06c7-4a2a-bd48-ae12ceef6bae-1-6.exe','32');
DeleteFile('C:\WINDOWS\Tasks\APSnotifierPP1.job','32');
DeleteFile('C:\WINDOWS\Tasks\APSnotifierPP2.job','32');
DeleteFile('C:\WINDOWS\Tasks\APSnotifierPP3.job','32');
DeleteFile('C:\WINDOWS\Tasks\Crossbrowse.job','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe','32');
DeleteFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\WINDOWS\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-1-6.job','32');
DeleteFile('C:\WINDOWS\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-1-7.job','32');
DeleteFile('C:\WINDOWS\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-10_user.job','32');
DeleteFile('C:\WINDOWS\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-11.job','32');
DeleteFile('C:\WINDOWS\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-5.job','32');
DeleteFile('C:\WINDOWS\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-5_user.job','32');
DeleteFile('C:\WINDOWS\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-1-6.job','32');
DeleteFile('C:\WINDOWS\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-1-7.job','32');
DeleteFile('C:\WINDOWS\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-10_user.job','32');
DeleteFile('C:\WINDOWS\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-11.job','32');
DeleteFile('C:\WINDOWS\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-4.job','32');
DeleteFile('C:\WINDOWS\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-5.job','32');
DeleteFile('C:\WINDOWS\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-5_user.job','32');
DeleteFile('C:\ProgramData\Service7609\Service7609.exe','32');
DeleteFile('C:\WINDOWS\Tasks\GHMAIEQAHIXHIFPO.job','32');
DeleteFile('C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job','32');
DeleteFile('C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job','32');
DeleteFile('C:\WINDOWS\Tasks\VOGLR1.job','32');
DeleteFile('C:\WINDOWS\system32\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-1-6','64');
DeleteFile('C:\WINDOWS\system32\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-1-7','64');
DeleteFile('C:\WINDOWS\system32\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-10_user','64');
DeleteFile('C:\WINDOWS\system32\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-11','64');
DeleteFile('C:\WINDOWS\system32\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-4','64');
DeleteFile('C:\WINDOWS\system32\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-5','64');
DeleteFile('C:\WINDOWS\system32\Tasks\24e7b09e-a8fa-4fa2-8c3b-115a2b2d784d-5_user','64');
DeleteFile('C:\WINDOWS\system32\Tasks\86304286-06c7-4a2a-bd48-ae12ceef6bae-1-6','64');
DeleteFile('C:\WINDOWS\system32\Tasks\86304286-06c7-4a2a-bd48-ae12ceef6bae-1-7','64');
DeleteFile('C:\WINDOWS\system32\Tasks\86304286-06c7-4a2a-bd48-ae12ceef6bae-11','64');
DeleteFile('C:\WINDOWS\system32\Tasks\86304286-06c7-4a2a-bd48-ae12ceef6bae-5','64');
DeleteFile('C:\WINDOWS\system32\Tasks\Crossbrowse','64');
DeleteFile('C:\WINDOWS\system32\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-1-6','64');
DeleteFile('C:\WINDOWS\system32\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-1-7','64');
DeleteFile('C:\WINDOWS\system32\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-10_user','64');
DeleteFile('C:\WINDOWS\system32\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-11','64');
DeleteFile('C:\WINDOWS\system32\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-5','64');
DeleteFile('C:\WINDOWS\system32\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-1-6','64');
DeleteFile('C:\WINDOWS\system32\Tasks\de0f221e-d517-4e6b-aeb0-c1706c1b599f-5_user','64');
DeleteFile('C:\WINDOWS\system32\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-1-7','64');
DeleteFile('C:\WINDOWS\system32\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-10_user','64');
DeleteFile('C:\WINDOWS\system32\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-11','64');
DeleteFile('C:\WINDOWS\system32\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-4','64');
DeleteFile('C:\WINDOWS\system32\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-5','64');
DeleteFile('C:\WINDOWS\system32\Tasks\e462d306-a9f1-40c3-b8a7-43607c337d34-5_user','64');
DeleteFile('C:\WINDOWS\system32\Tasks\GHMAIEQAHIXHIFPO','64');
DeleteFile('C:\WINDOWS\system32\Tasks\globalUpdateUpdateTaskMachineCore','64');
DeleteFile('C:\WINDOWS\system32\Tasks\globalUpdateUpdateTaskMachineUA','64');
DeleteFile('C:\WINDOWS\system32\Tasks\LaunchPreSignup','64');
DeleteFile('C:\WINDOWS\system32\Tasks\Soft installer','64');
DeleteFile('C:\WINDOWS\system32\Tasks\VOGLR1','64');
DeleteFile('C:\Users\0000\AppData\Roaming\istartsurf\UninstallManager.exe','32');
DeleteFile('C:\Users\0000\AppData\Roaming\mystartsearch\UninstallManager.exe','32');
DeleteFile('C:\WINDOWS\system32\Tasks\{E4A475C8-AC24-40BE-A1E2-92F323687212}','64');
DeleteFile('C:\WINDOWS\system32\Tasks\{D2372A5B-20B1-4036-A32B-4F2193B60F0E}','64');
DeleteFile('C:\Users\0000\appdata\local\smartweb\__u.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.