Код:
// AVZ cleanup script prepared for one specific machine. Every file path,
// service name and autorun value below is hard-coded, so the script is only
// meaningful on the host whose logs it was written from.
begin
// Warn the user (Russian text): AVZ will close all network connections before
// the script runs; they are restored automatically after the reboot.
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
// Stop the tcpip service via net.exe so the host is offline during cleanup.
// NOTE(review): 0 / 15000 / true look like window mode, timeout in ms and
// wait-for-exit -- confirm against the AVZ script reference.
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
// Rootkit search and AVZGuard are only enabled when IsWOW64 is false.
// NOTE(review): presumably because these features are unavailable when AVZ
// runs on 64-bit Windows -- confirm.
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
// Quarantine suspect files before anything is deleted, so samples stay
// available for later analysis.
// NOTE(review): paths use two profile folders, C:\Users\alex and
// C:\Users\алекс -- verify which of them actually exist on the host.
QuarantineFile('C:\Users\alex\appdata\roaming\daemon2.exe','');
QuarantineFile('C:\Users\alex\appdata\local\birds\cassowary.dll','');
QuarantineFile('C:\Users\алекс\AppData\Local\Hostinstaller\4026540551_installcube.exe','');
QuarantineFile('C:\PROGRA~1\GROOVE~1\Minjia.bat','');
QuarantineFile('C:\ProgramData\UpService\UpService.exe','');
QuarantineFile('C:\Program Files (x86)\Common Files\F81842BE-2D0D-46E1-927D-BE8411234BD1\551B51DA-8CE3-4B9A-8052-8E0B31DAF637.exe','');
QuarantineFile('C:\Users\алекс\AppData\Local\Birds\birds365.exe','');
QuarantineFile('C:\Users\алекс\AppData\Roaming\MyDesktop\qweeeCL.exe','');
QuarantineFile('C:\Program Files (x86)\Zaxar\ZaxarLoader.exe','');
QuarantineFile('C:\Program Files (x86)\Zaxar\ZaxarGameBrowser.exe','');
QuarantineFile('C:\Program Files (x86)\Kinoroom Browser\krbrowser.exe','');
// Services and drivers: 'cherimoya' is first set to start type 4 (disabled in
// the Windows start-type numbering), then the service entries are deleted and
// the two driver files are quarantined.
SetServiceStart('cherimoya', 4);
DeleteService('swsedrvr_vt_1_10_0_25');
DeleteService('cherimoya');
QuarantineFile('C:\Windows\system32\drivers\cherimoya.sys','');
QuarantineFile('C:\Windows\system32\drivers\swsedrvr_vt_1_10_0_25.sys','');
// The services below are removed by name only; this script does not name a
// binary for rowugoqo, bihotyli or bytonyqo.
DeleteService('rowugoqo');
QuarantineFile('C:\Users\алекс\AppData\Local\7E558E81-1455291232-11CB-9D12-EC923079047C\snsc56E.tmp','');
DeleteService('LiveUpdateSvc');
DeleteService('bihotyli');
DeleteService('bytonyqo');
QuarantineFile('C:\Program Files (x86)\7E558E81-1447622662-11CB-9D12-EC923079047C\jnse47D6.tmp','');
QuarantineFile('C:\Program Files (x86)\7E558E81-1447622662-11CB-9D12-EC923079047C\hnse5F00.tmp','');
// Deletion phase, interleaved with removal of the matching autorun values.
// Several targets (LiveUpdate.exe, ppt\Uninst.exe, ppt.exe, mediaget.exe,
// PPTAssist\utility\uninst.exe, the .job files and the Tasks entries) have no
// QuarantineFile call above, so this script keeps no copy of them.
// NOTE(review): the second argument ('32' / '64') presumably selects the
// 32- or 64-bit file-system view -- confirm against the AVZ script reference.
DeleteFile('C:\Program Files (x86)\7E558E81-1447622662-11CB-9D12-EC923079047C\hnse5F00.tmp','32');
DeleteFile('C:\Program Files (x86)\7E558E81-1447622662-11CB-9D12-EC923079047C\jnse47D6.tmp','32');
DeleteFile('C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe','32');
DeleteFile('C:\Users\алекс\AppData\Local\7E558E81-1455291232-11CB-9D12-EC923079047C\snsc56E.tmp','32');
DeleteFile('C:\Windows\system32\drivers\swsedrvr_vt_1_10_0_25.sys','32');
DeleteFile('C:\Windows\system32\drivers\cherimoya.sys','32');
DeleteFile('C:\Program Files (x86)\Kinoroom Browser\krbrowser.exe','32');
DeleteFile('C:\Program Files (x86)\Zaxar\ZaxarGameBrowser.exe','32');
DeleteFile('C:\Program Files (x86)\Zaxar\ZaxarLoader.exe','32');
DeleteFile('C:\Program Files (x86)\ppt\Uninst.exe','32');
// Remove HKLM Run values so the deleted programs are not referenced at logon.
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','pcmgr');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','ZaxarLoader');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','ZaxarGameBrowser');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Kinoroom Browser');
// Per-user (HKCU) Run values and the files they are deleted alongside.
DeleteFile('C:\Users\алекс\AppData\Roaming\MyDesktop\qweeeCL.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','MyDesktop');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','GenieFloater');
DeleteFile('C:\Users\alex\AppData\Local\MediaGet2\mediaget.exe','32');
DeleteFile('C:\Program Files (x86)\ppt\ppt.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','apphide');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','MediaGet2');
DeleteFile('C:\Users\алекс\AppData\Local\Birds\birds365.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Birds');
DeleteFile('C:\Program Files (x86)\Common Files\F81842BE-2D0D-46E1-927D-BE8411234BD1\551B51DA-8CE3-4B9A-8052-8E0B31DAF637.exe','32');
// Autorun value under the Policies\Explorer\Run key (a separate key from the
// ordinary Run key handled above).
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','AppDownloads');
// Scheduled-task persistence: .job files in C:\Windows\Tasks here, and task
// entries under C:\Windows\system32\Tasks further below.
DeleteFile('C:\Windows\Tasks\BMszFdGAFqPWdjFiOQQd.job','32');
DeleteFile('C:\Windows\Tasks\PIMRfyXJTisMuCRH271oeip.job','32');
DeleteFile('C:\ProgramData\UpService\UpService.exe','32');
DeleteFile('C:\PROGRA~1\GROOVE~1\Minjia.bat','32');
DeleteFile('C:\Users\алекс\AppData\Local\Hostinstaller\4026540551_installcube.exe','32');
DeleteFile('C:\Users\алекс\AppData\Local\PPTAssist\utility\uninst.exe','32');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\551B51DA-8CE3-4B9A-8052-8E0B31DAF637','64');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\A551B51DA-8CE3-4B9A-8052-8E0B31DAF637','64');
DeleteFile('C:\Windows\system32\Tasks\Obafv','64');
DeleteFile('C:\Windows\system32\Tasks\Soft installer','64');
DeleteFile('C:\Windows\system32\Tasks\{0547DFA8-32A6-4793-B616-1041C1887854}','64');
DeleteFile('C:\Windows\system32\Tasks\{529D642D-3859-4274-9CDC-80462A4E1EFF}','64');
DeleteFile('C:\Users\alex\appdata\local\birds\cassowary.dll','32');
DeleteFile('C:\Users\alex\appdata\roaming\daemon2.exe','32');
// Final stage: BC_ImportAll / BC_Activate are the AVZ Boot Cleaner calls and
// ExecuteSysClean is AVZ's system cleanup; the script then reboots.
// NOTE(review): presumably Boot Cleaner finishes removing files that are
// locked while Windows is running -- confirm. Statement order matters here.
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
// NOTE(review): the 'false' argument is presumably a "force" flag -- confirm.
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.