Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
QuarantineFile('C:\Program Files\UCBrowser\Application\update_task.exe','');
QuarantineFile('C:\Documents and Settings\Администратор\Local Settings\Application Data\Logo Browser\{2F00B8C2-0F28-DB7F-A725-9568E01A23A1}\LogoBrowser.dll','');
QuarantineFile('C:\Documents and Settings\Администратор\Local Settings\Application Data\Logo Browser\{2F00B8C2-0F28-DB7F-A725-9568E01A23A1}\yvw.dll','');
SetServiceStart('UCGuard', 4);
DeleteService('UCGuard');
QuarantineFile('C:\WINDOWS\system32\DRIVERS\ucguard.sys','');
QuarantineFile('C:\Program Files\UCBrowser\Application\UCService.exe','');
DeleteService('UCBrowserSvc');
SetServiceStart('zicobovezbt', 4);
DeleteService('zicobovezbt');
SetServiceStart('xywomirizbt', 4);
DeleteService('xywomirizbt');
SetServiceStart('wemetovozbt', 4);
DeleteService('wemetovozbt');
SetServiceStart('sunysihyzbt', 4);
DeleteService('sunysihyzbt');
SetServiceStart('bobulikozbt', 4);
SetServiceStart('bydixykyzbt', 4);
SetServiceStart('covyteqezbt', 4);
SetServiceStart('cykisudozbt', 4);
SetServiceStart('dexydenu', 4);
SetServiceStart('dyxetejizbt', 4);
SetServiceStart('gigylonyzbt', 4);
SetServiceStart('jejomivyzbt', 4);
SetServiceStart('koxuqyle', 4);
SetServiceStart('jezopipezbt', 4);
SetServiceStart('lobylicuzbt', 4);
SetServiceStart('mopusoze', 4);
SetServiceStart('mrupdsrv', 4);
SetServiceStart('nebynugyzbt', 4);
SetServiceStart('nijuzuzi', 4);
DeleteService('qycuzepuzbt');
SetServiceStart('nytuqelezbt', 4);
SetServiceStart('pufywemezbt', 4);
SetServiceStart('qycuzepuzbt', 4);
SetServiceStart('roqepobyzbt', 4);
DeleteService('roqepobyzbt');
DeleteService('nytuqelezbt');
DeleteService('nijuzuzi');
DeleteService('nebynugyzbt');
DeleteService('mrupdsrv');
DeleteService('mopusoze');
DeleteService('koxuqyle');
DeleteService('jezopipezbt');
DeleteService('jejomivyzbt');
DeleteService('gigylonyzbt');
DeleteService('dyxetejizbt');
DeleteService('dexydenu');
DeleteService('cykisudozbt');
DeleteService('covyteqezbt');
DeleteService('bydixykyzbt');
DeleteService('bobulikozbt');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\vnsm1e96.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsq1eab.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knss1207.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knst35ad.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knst7b6.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knstf30.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsv88f.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsx14cd.tmp');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsv88f.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knstf30.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knst7b6.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knst35ad.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knss1207.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsq1eab.tmp','');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsd17cf.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knse2d9f.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knse4c0a.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsf13a6.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsgdc2.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsha91.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsi17db.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsi8ca.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsk7b0.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsla42.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsm1664.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsmaee.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsn1969.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knso1c1f.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knso24a6.tmp');
TerminateProcessByName('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knspa03.tmp');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knspa03.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knso24a6.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knso1c1f.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsn1969.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsmaee.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsm1664.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsla42.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsk7b0.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsi8ca.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsi17db.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsha91.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsgdc2.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knse4c0a.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knse2d9f.tmp','');
QuarantineFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsd17cf.tmp','');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsd17cf.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knse2d9f.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knse4c0a.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsf13a6.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsgdc2.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsha91.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsi17db.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsi8ca.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsk7b0.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsla42.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsm1664.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsmaee.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsn1969.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knso1c1f.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knso24a6.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knspa03.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsq1eab.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knss1207.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knst35ad.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knst7b6.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knstf30.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsv88f.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\knsx14cd.tmp','32');
DeleteFile('c:\program files\29616429-1450535877-11e0-8c56-48c05f06e0d6\vnsm1e96.tmp','32');
DeleteFile('C:\Program Files\UCBrowser\Application\UCService.exe','32');
DeleteFile('C:\WINDOWS\system32\DRIVERS\ucguard.sys','32');
DeleteFile('C:\WINDOWS\Tasks\Logo Browser.job','32');
DeleteFile('C:\WINDOWS\Tasks\Logo Browser2.job','32');
DeleteFile('C:\Documents and Settings\Администратор\Local Settings\Application Data\Logo Browser\{2F00B8C2-0F28-DB7F-A725-9568E01A23A1}\yvw.dll','32');
DeleteFile('C:\Documents and Settings\Администратор\Local Settings\Application Data\Logo Browser\{2F00B8C2-0F28-DB7F-A725-9568E01A23A1}\LogoBrowser.dll','32');
DeleteFile('C:\WINDOWS\Tasks\PPTAssistantNotifyTask_Администратор.job','32');
DeleteFile('C:\WINDOWS\Tasks\PPTAssistantUpdateTask_Администратор.job','32');
DeleteFile('C:\WINDOWS\Tasks\UCBrowserUpdater.job','32');
DeleteFile('C:\Program Files\UCBrowser\Application\update_task.exe','32');
DeleteFile('C:\Documents and Settings\Администратор\Local Settings\Application Data\PPTAssist\assistupdate.exe','32');
DeleteFile('C:\Documents and Settings\Администратор\Local Settings\Application Data\PPTAssist\notify.exe','32');
DeleteFile('C:\Documents and Settings\Администратор\Local Settings\Temp\nsmAA0.tmp\blowfish.dll','32');
DeleteFile('C:\Documents and Settings\Администратор\Local Settings\Temp\nszF77.tmp\blowfish.dll','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteREpair(9);
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.