Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\User\appdata\local\fupdate\fupdate.exe','');
QuarantineFile('c:\users\user\appdata\local\kometa\application\kometa.exe','');
QuarantineFile('C:\Users\User\AppData\Local\SearchGo\searchgo.exe','');
QuarantineFile('C:\Users\User\AppData\Local\svshost\svshost.exe','');
QuarantineFile('C:\Users\User\AppData\Local\Temp\R.vbs','');
QuarantineFile('C:\ProgramData\UpService\UpService.exe','');
QuarantineFile('C:\Users\User\AppData\Local\fupdate\fupdate.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV16.10\aedca078-77f9-4ef1-a564-d8b197ab2139-1-7.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV16.10\aedca078-77f9-4ef1-a564-d8b197ab2139-1-6.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\567377707A_1036\ghZ62GGUrV.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV17.10\11bc23be-3a35-4dd0-b42e-584cb5da6d33-5.exe','');
DelBHO('{2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC}');
QuarantineFile('C:\Users\User\AppData\LocalLow\SearchGo\searchgo.dll','');
QuarantineFile('C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe','');
DeleteService('TsDefenseBt');
DeleteService('tsnethlpx64');
DeleteService('wwfd_vt_1_10_0_24');
QuarantineFile('C:\Windows\system32\drivers\wwfd_vt_1_10_0_24.sys','');
QuarantineFile('C:\Windows\system32\drivers\swsedrvr_vt_1_10_0_25.sys','');
DeleteService('swsedrvr_vt_1_10_0_25');
DeleteService('softaal');
DeleteService('SRepairDrv');
DeleteService('1622f5e188d38e28ff9318d27172c516');
DeleteService('QMUdisk');
QuarantineFile('C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMUdisk64.sys','');
QuarantineFile('C:\Windows\system32\DRIVERS\1622f5e188d38e28ff9318d27172c516.sys','');
DeleteService('sosurero');
QuarantineFile('C:\Program Files (x86)\03000200-1445010180-0500-0006-000700080009\jnsu3211.tmp','');
DeleteService('QQPCRTP');
DeleteService('kuxiwewi');
QuarantineFile('C:\Program Files (x86)\03000200-1445010180-0500-0006-000700080009\knsk1307.tmpfs','');
DeleteService('abee82e40cb56adb315e9ec31150b53b');
DeleteService('dijojyvi');
DeleteService('globalUpdatem');
QuarantineFile('C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe','');
QuarantineFile('C:\Program Files (x86)\03000200-1445010180-0500-0006-000700080009\hnsf4C86.tmp','');
QuarantineFile('c:\program files\3072316b52f035cd62486a62f2bf80d4\71cded09fb048f8ef6f011f44640b594.exe','');
DeleteFile('c:\program files\3072316b52f035cd62486a62f2bf80d4\71cded09fb048f8ef6f011f44640b594.exe','32');
DeleteFile('C:\Program Files (x86)\03000200-1445010180-0500-0006-000700080009\hnsf4C86.tmp','32');
DeleteFile('C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe','32');
DeleteFile('C:\Program Files (x86)\03000200-1445010180-0500-0006-000700080009\knsk1307.tmpfs','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCRtp.exe','32');
DeleteFile('C:\Program Files (x86)\03000200-1445010180-0500-0006-000700080009\jnsu3211.tmp','32');
DeleteFile('C:\Windows\system32\DRIVERS\1622f5e188d38e28ff9318d27172c516.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMUdisk64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\softaal64.sys','32');
DeleteFile('C:\Windows\GJFix\SRepairDrv','32');
DeleteFile('C:\Windows\system32\drivers\swsedrvr_vt_1_10_0_25.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys','32');
DeleteFile('C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys','32');
DeleteFile('C:\Windows\system32\drivers\wwfd_vt_1_10_0_24.sys','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','C');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','BitTorrent');
DeleteFile('C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','klxbkrkpsu');
DeleteFile('C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VAULT.hta','32');
DeleteFile('C:\Users\User\AppData\LocalLow\SearchGo\searchgo.dll','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV17.10\11bc23be-3a35-4dd0-b42e-584cb5da6d33-1-6.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV17.10\11bc23be-3a35-4dd0-b42e-584cb5da6d33-1-7.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV17.10\11bc23be-3a35-4dd0-b42e-584cb5da6d33-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV17.10\11bc23be-3a35-4dd0-b42e-584cb5da6d33-11.exe','32');
DeleteFile('C:\Windows\Tasks\11bc23be-3a35-4dd0-b42e-584cb5da6d33-11.job','32');
DeleteFile('C:\Windows\Tasks\11bc23be-3a35-4dd0-b42e-584cb5da6d33-10_user.job','32');
DeleteFile('C:\Windows\Tasks\11bc23be-3a35-4dd0-b42e-584cb5da6d33-1-7.job','32');
DeleteFile('C:\Windows\Tasks\11bc23be-3a35-4dd0-b42e-584cb5da6d33-1-6.job','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV17.10\11bc23be-3a35-4dd0-b42e-584cb5da6d33-5.exe','32');
DeleteFile('C:\Windows\Tasks\11bc23be-3a35-4dd0-b42e-584cb5da6d33-5.job','32');
DeleteFile('C:\Windows\Tasks\11bc23be-3a35-4dd0-b42e-584cb5da6d33-5_user.job','32');
DeleteFile('C:\Windows\Tasks\567377707A_1036.job','32');
DeleteFile('C:\Users\User\AppData\Roaming\567377707A_1036\ghZ62GGUrV.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV16.10\aedca078-77f9-4ef1-a564-d8b197ab2139-1-6.exe','32');
DeleteFile('C:\Windows\Tasks\aedca078-77f9-4ef1-a564-d8b197ab2139-1-6.job','32');
DeleteFile('C:\Windows\Tasks\aedca078-77f9-4ef1-a564-d8b197ab2139-1-7.job','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV16.10\aedca078-77f9-4ef1-a564-d8b197ab2139-1-7.exe','32');
DeleteFile('C:\Windows\Tasks\aedca078-77f9-4ef1-a564-d8b197ab2139-10_user.job','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV16.10\aedca078-77f9-4ef1-a564-d8b197ab2139-10.exe','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV16.10\aedca078-77f9-4ef1-a564-d8b197ab2139-11.exe','32');
DeleteFile('C:\Windows\Tasks\aedca078-77f9-4ef1-a564-d8b197ab2139-11.job','32');
DeleteFile('C:\Windows\Tasks\aedca078-77f9-4ef1-a564-d8b197ab2139-5.job','32');
DeleteFile('C:\Windows\Tasks\aedca078-77f9-4ef1-a564-d8b197ab2139-5_user.job','32');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV16.10\aedca078-77f9-4ef1-a564-d8b197ab2139-5.exe','32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job','32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job','32');
DeleteFile('C:\Windows\Tasks\MyBrowser.job','32');
DeleteFile('C:\Program Files (x86)\MyBrowser\MyBrowser\Application\utility.exe','32');
DeleteFile('C:\Windows\system32\Tasks\11bc23be-3a35-4dd0-b42e-584cb5da6d33-1-6','64');
DeleteFile('C:\Windows\system32\Tasks\11bc23be-3a35-4dd0-b42e-584cb5da6d33-1-7','64');
DeleteFile('C:\Windows\system32\Tasks\11bc23be-3a35-4dd0-b42e-584cb5da6d33-11','64');
DeleteFile('C:\Windows\system32\Tasks\11bc23be-3a35-4dd0-b42e-584cb5da6d33-5','64');
DeleteFile('C:\Windows\system32\Tasks\11bc23be-3a35-4dd0-b42e-584cb5da6d33-5_user','64');
DeleteFile('C:\Windows\system32\Tasks\aedca078-77f9-4ef1-a564-d8b197ab2139-1-6','64');
DeleteFile('C:\Windows\system32\Tasks\aedca078-77f9-4ef1-a564-d8b197ab2139-1-7','64');
DeleteFile('C:\Windows\system32\Tasks\aedca078-77f9-4ef1-a564-d8b197ab2139-11','64');
DeleteFile('C:\Windows\system32\Tasks\aedca078-77f9-4ef1-a564-d8b197ab2139-5','64');
DeleteFile('C:\Windows\system32\Tasks\aedca078-77f9-4ef1-a564-d8b197ab2139-5_user','64');
DeleteFile('C:\Users\User\AppData\Local\fupdate\fupdate.exe','32');
DeleteFile('C:\Windows\system32\Tasks\fupdate','64');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineCore','64');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineUA','64');
DeleteFile('C:\ProgramData\UpService\UpService.exe','32');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\Apps\UpService','64');
DeleteFile('C:\Windows\system32\Tasks\MyBrowser','64');
DeleteFile('C:\Windows\system32\Tasks\RestoreSearch','64');
DeleteFile('C:\Users\User\AppData\Local\Temp\R.vbs','32');
DeleteFile('C:\Windows\system32\Tasks\SearchGo Task','64');
DeleteFile('C:\Windows\system32\Tasks\svshost','64');
DeleteFile('C:\Users\User\AppData\Local\svshost\svshost.exe','32');
DeleteFile('C:\Users\User\AppData\Local\SearchGo\searchgo.exe','32');
DeleteFile('c:\users\user\appdata\local\kometa\application\kometa.exe','32');
DeleteFile('C:\Windows\system32\Tasks\{052AA1DB-B75F-4DEB-942E-DEA0A094165F}','64');
DeleteFile('C:\Windows\system32\Tasks\{78AF503B-1104-4591-9EBA-2DAF9DA6B08C}','64');
DeleteFile('C:\Windows\system32\Tasks\{85ABC18D-195A-43B1-A4A8-34B985F063C5}','64');
DeleteFile('C:\Windows\system32\Tasks\{87B2B9E9-4A2F-4EDD-8EC2-2702E80A86B2}','64');
DeleteFile('C:\Windows\system32\Tasks\{C10E8E38-A0FF-4C14-8512-81A5B99346BB}','64');
DeleteFile('C:\Windows\system32\Tasks\{D065CA55-8D72-48B2-BF87-5CD47476FC1B}','64');
DeleteFile('C:\Windows\system32\Tasks\{E527F0E6-6CFA-43CE-96EE-B66CFBD726CF}','64');
DeleteFile('C:\Users\User\appdata\local\fupdate\fupdate.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.