Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\user\appdata\roaming\aspackage\uninstall.exe','');
QuarantineFile('C:\Users\user\appdata\roaming\aspackage\aspackage.exe','');
QuarantineFile('C:\Users\user\appdata\local\microsoft\windows\toolbar.exe','');
QuarantineFile('C:\Users\user\AppData\Roaming\FreeVPN\FreeVPN.exe','');
QuarantineFile('C:\Program Files\Microsoft Data\InstallAddons.exe','');
QuarantineFile('C:\Users\user\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Users\user\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','');
DelBHO('{7CE987D5-11B3-44FC-9C3D-03069360D462}');
DelBHO('{1FE48F08-A2AC-44AC-A21C-0556D91C50DA}');
QuarantineFile('C:\Program Files\advPlugin\Toolbar32.dll','');
QuarantineFile('C:\Program Files\Zaxar\ZaxarLoader.exe','');
QuarantineFile('C:\ProgramData\TimeTasks\TimeTasksSetup.exe','');
QuarantineFile('C:\ProgramData\Program status\scheck.exe','');
QuarantineFile('C:\ProgramData\Schedule\timetasks.exe','');
QuarantineFile('C:\Program Files\SpaceSoundPro\idscservice.exe','');
QuarantineFile('C:\Users\user\AppData\Local\gmsd_re_005010244\upgmsd_re_005010244.exe','');
QuarantineFile('C:\Program Files\rec_ua_204\rec_ua_204.exe','');
DeleteService('TSSK');
DeleteService('TS888');
DeleteService('QMUdisk');
DeleteService('zigipyro');
QuarantineFile('C:\Users\user\AppData\Local\7079E8C0-1456069945-11B2-8000-98831708183A\qnsj75DD.tmp','');
QuarantineFile('C:\Program Files\7079E8C0-1456061427-11B2-8000-98831708183A\hnsaDECC.tmp','');
QuarantineFile('C:\Program Files\Dolphin Deals\updateDolphinDeals.exe','');
QuarantineFile('C:\Program Files\7079E8C0-1456061427-11B2-8000-98831708183A\knsq9B7E.tmpfs','');
DeleteService('Update Dolphin Deals');
DeleteService('tohohylyzbt');
DeleteService('SSFK');
QuarantineFile('C:\Program Files\SFK\SSFK.exe','');
QuarantineFile('C:\Users\user\AppData\Local\7079E8C0-1456068947-11B2-8000-98831708183A\snsx3C9.tmp','');
DeleteService('rowugoqo');
DeleteService('LiveUpdateSvc');
QuarantineFile('C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe','');
QuarantineFile('C:\Program Files\SpaceSoundPro\SpaceSoundPro.dll','');
TerminateProcessByName('c:\program files\rec_ua_204\rec_ua_204.exe');
TerminateProcessByName('c:\users\user\appdata\local\gmsd_re_005010244\upgmsd_re_005010244.exe');
QuarantineFile('c:\users\user\appdata\local\gmsd_re_005010244\upgmsd_re_005010244.exe','');
QuarantineFile('c:\program files\rec_ua_204\rec_ua_204.exe','');
DeleteFile('c:\program files\rec_ua_204\rec_ua_204.exe','32');
DeleteFile('c:\users\user\appdata\local\gmsd_re_005010244\upgmsd_re_005010244.exe','32');
DeleteFile('C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe','32');
DeleteFile('C:\Users\user\AppData\Local\7079E8C0-1456068947-11B2-8000-98831708183A\snsx3C9.tmp','32');
DeleteFile('C:\Program Files\SFK\SSFK.exe','32');
DeleteFile('C:\Program Files\7079E8C0-1456061427-11B2-8000-98831708183A\knsq9B7E.tmpfs','32');
DeleteFile('C:\Program Files\Dolphin Deals\updateDolphinDeals.exe','32');
DeleteFile('C:\Program Files\7079E8C0-1456061427-11B2-8000-98831708183A\hnsaDECC.tmp','32');
DeleteFile('C:\Users\user\AppData\Local\7079E8C0-1456069945-11B2-8000-98831708183A\qnsj75DD.tmp','32');
DeleteFile('C:\windows\system32\tssk.sys','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\TS888.sys','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.8.16208.227\QMUdisk.sys','32');
DeleteFile('C:\Program Files\rec_ua_204\rec_ua_204.exe','32');
DeleteFile('C:\Users\user\AppData\Local\gmsd_re_005010244\upgmsd_re_005010244.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','upgmsd_re_005010244.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','rec_ua_204');
DeleteFile('C:\Program Files\SpaceSoundPro\idscservice.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IDSCPRODUCT','command');
DeleteFile('C:\Users\user\AppData\Local\Temp\qq-app-helper.exe','32');
DeleteFile('C:\ProgramData\Schedule\timetasks.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Schedule','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\qq-app-helper','command');
DeleteFile('C:\ProgramData\Program status\scheck.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\sCloudStatusCheck','command');
DeleteFile('C:\ProgramData\TimeTasks\TimeTasksSetup.exe','32');
DeleteFile('C:\Program Files\Zaxar\ZaxarLoader.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ziqjrxxjss','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ZaxarLoader','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\tirclguhku','command');
DeleteFile('C:\Program Files\Twilight Tech\Pretty Search\dummyDlg.exe','32');
DeleteFile('C:\Program Files\advPlugin\Toolbar32.dll','32');
DeleteFile('C:\Users\user\AppData\Local\9359\a11027.exe','32');
DeleteFile('C:\windows\Tasks\AmiUpdXp.job','32');
DeleteFile('C:\Users\user\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\windows\Tasks\Digital Sites.job','32');
DeleteFile('C:\windows\Tasks\DSite.job','32');
DeleteFile('C:\Users\user\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\windows\system32\Tasks\AmiUpdXp','32');
DeleteFile('C:\windows\system32\Tasks\chrome5','32');
DeleteFile('C:\windows\system32\Tasks\chrome5_logon','32');
DeleteFile('C:\Program Files\Microsoft Data\InstallAddons.exe','32');
DeleteFile('C:\windows\system32\Tasks\Digital Sites','32');
DeleteFile('C:\windows\system32\Tasks\DSite','32');
DeleteFile('C:\Users\user\AppData\Roaming\FreeVPN\FreeVPN.exe','32');
DeleteFile('C:\windows\system32\Tasks\Microsoft\Windows\SystemRestore\FreeVPN','32');
DeleteFile('C:\PROGRAM FILES\RISING\RAV\rsdelaylauncher.exe','32');
DeleteFile('C:\windows\system32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}','32');
DeleteFile('C:\windows\system32\Tasks\{A832C042-0017-4EE9-909C-69F2A481AB1E}','32');
DeleteFile('C:\Users\user\Downloads\amigo_adsetup_nwnautoflashbloc26ch.exe','32');
DeleteFile('C:\Users\user\appdata\everything\sfkex64.exe','32');
DeleteFile('C:\Users\user\appdata\local\microsoft\start menu\вoйти в интeрнeт.exe','32');
DeleteFile('C:\Users\user\appdata\local\microsoft\windows\toolbar.exe','32');
DeleteFile('C:\Users\user\appdata\roaming\aspackage\aspackage.exe','32');
DeleteFile('C:\Users\user\appdata\roaming\aspackage\uninstall.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.