Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files\Reimage\Reimage','');
QuarantineFile('C:\Program Files\Diqepy\jedpy.exe','');
QuarantineFile('C:\ProgramData\RenewalService\Renewal.exe','');
QuarantineFile('C:\ProgramData\service.exe','');
QuarantineFile('C:\Program Files\DPower\ZFATRE7492.exe','');
QuarantineFile('C:\Program Files\mpck\wincom_B4F.exe','');
QuarantineFile('C:\Program Files\sunnyday\wincom_H8V.exe','');
QuarantineFile('C:\Program Files\sunnyday\wincom_OFG.exe','');
QuarantineFile('C:\Program Files\sunnyday\wincom_PY7.exe','');
QuarantineFile('C:\Program Files\sunnyday\wincom_R30.exe','');
QuarantineFile('C:\Program Files\sunnyday\wincom_SSW.exe','');
QuarantineFile('C:\Program Files\sunnyday\wincom_SYZ.exe','');
QuarantineFile('C:\Program Files\sunnyday\wincom_XFL.exe','');
QuarantineFile('C:\Program Files\win_en_77\win_en_77.exe','');
QuarantineFile('C:\Program Files\DPower\92YLP80K2I.exe','');
QuarantineFile('C:\Users\user\AppData\Roaming\Betcat\WebCakeDesktop.exe','');
QuarantineFile('C:\Program Files\SunnyDay21\SunnyDay.exe','');
QuarantineFile('C:\Program Files\DPower\XMK9BH600E.exe','');
QuarantineFile('C:\Program Files\DPower\DiskPower.exe','');
SetServiceStart('MaohaWifiNetPro', 4);
DeleteService('MaohaWifiNetPro');
DeleteService('ФотоAlcoholvBuildRetailMlRus');
QuarantineFile('D:\Фото\ФотоAlcoholvBuildRetailMlRus.exe','');
DeleteService('WebCakeFinalWireLtd');
DeleteService('Windowsbcccecfcecc');
DeleteService('Windowsdedaf');
DeleteService('WindowsDefenderVKMusic');
DeleteService('WindowsДокументи');
DeleteService('WindowsФото');
DeleteService('Відеоbcccecfcecc');
DeleteService('ДокументиМузика');
DeleteService('МузикаAlcoholvBuildRetailMlRus');
QuarantineFile('D:\Музика\МузикаAlcoholvBuildRetailMlRus.exe','');
QuarantineFile('D:\Документи\ДокументиМузика.exe','');
QuarantineFile('D:\Відео\Відеоbcccecfcecc.exe','');
QuarantineFile('D:\Windows\WindowsФото.exe','');
QuarantineFile('D:\Документи\WindowsДокументи.exe','');
QuarantineFile('C:\Program Files\VKMusic 4\WindowsDefenderVKMusic.exe','');
QuarantineFile('D:\Windows\Windowsdedaf.exe','');
QuarantineFile('D:\Windows\Windowsbcccecfcecc.exe','');
QuarantineFile('C:\Program Files\Web Cake\WebCakeFinalWireLtd.exe','');
DeleteService('SubwaySurfersCounterStrike');
DeleteService('TheKMPlayerFinalWireLtd');
DeleteService('TotalCommanderCounterStrike');
QuarantineFile('C:\Program Files\Total Commander\TotalCommanderCounterStrike.exe','');
QuarantineFile('C:\Program Files\The KMPlayer\TheKMPlayerFinalWireLtd.exe','');
QuarantineFile('C:\Program Files\Subway Surfers\SubwaySurfersCounterStrike.exe','');
DeleteService('savesenselivem');
DeleteService('savesenselive');
QuarantineFile('C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe','');
DeleteService('MyPCBackupZip');
DeleteService('OperaWindowsMediaPlayer');
DeleteService('PCPerformerunZIPExpress');
QuarantineFile('C:\Program Files\unZIPExpress\PCPerformerunZIPExpress.exe','');
QuarantineFile('C:\Program Files\Windows Media Player\OperaWindowsMediaPlayer.exe','');
QuarantineFile('C:\Program Files\7-Zip\MyPCBackupZip.exe','');
DeleteService('CHNGTSvc');
QuarantineFile('c:\exervice.exe','');
DeleteService('CiscounZIPExpress');
DeleteService('ddcdcdababcccecfcecc');
DeleteService('DebuggingToolsforWindowsxDVDMaker');
DeleteService('dedafdedaf');
DeleteService('dedafWindows');
DeleteService('hostMicrosoftOffice');
DeleteService('IntelBluetoothSuite');
DeleteService('MicrosoftOfficeEnterpriseSPAlcoholvBuildRetailMlRus');
DeleteService('MicrosoftSilverlightMediaViewV');
QuarantineFile('C:\Program Files\MediaViewV1\MicrosoftSilverlightMediaViewV.exe','');
QuarantineFile('D:\Alcohol 120% v2.0.3 Build 6850 Retail Ml_Rus\MicrosoftOfficeEnterpriseSPAlcoholvBuildRetailMlRus.exe','');
QuarantineFile('C:\Program Files\Bluetooth Suite\IntelBluetoothSuite.exe','');
QuarantineFile('C:\Program Files\unZIPExpress\CiscounZIPExpress.exe','');
QuarantineFile('C:\Program Files\Microsoft Office\hostMicrosoftOffice.exe','');
QuarantineFile('D:\407d94ed8991a4f325\dedafWindows.exe','');
QuarantineFile('D:\407d94ed8991a4f325\dedafdedaf.exe','');
QuarantineFile('C:\Program Files\Debugging Tools for Windows (x86)\DebuggingToolsforWindowsxDVDMaker.exe','');
QuarantineFile('D:\bc26c7c47ec75f8c2e03273cc4\ddcdcdababcccecfcecc.exe','');
QuarantineFile('C:\Program Files\GreatMaker\MaohaWiFi\MaoHaWiFiNet.sys','');
TerminateProcessByName('c:\program files\greatmaker\maohawifi\maohawifisvr.exe');
QuarantineFile('c:\program files\greatmaker\maohawifi\maohawifisvr.exe','');
DeleteFile('c:\program files\greatmaker\maohawifi\maohawifisvr.exe','32');
DeleteFile('C:\Program Files\GreatMaker\MaohaWiFi\CrRpt.dll','32');
DeleteFile('C:\Program Files\GreatMaker\MaohaWiFi\maohasubstat.dll','32');
DeleteFile('C:\Program Files\GreatMaker\MaohaWiFi\tipsdll.dll','32');
DeleteFile('C:\Program Files\GreatMaker\MaohaWiFi\Updater\CheckUpdate.dll','32');
DeleteFile('C:\Program Files\GreatMaker\MaohaWiFi\MaoHaWiFiNet.sys','32');
DeleteFile('D:\bc26c7c47ec75f8c2e03273cc4\ddcdcdababcccecfcecc.exe','32');
DeleteFile('D:\407d94ed8991a4f325\dedafdedaf.exe','32');
DeleteFile('D:\407d94ed8991a4f325\dedafWindows.exe','32');
DeleteFile('C:\Program Files\Microsoft Office\hostMicrosoftOffice.exe','32');
DeleteFile('C:\Program Files\Debugging Tools for Windows (x86)\DebuggingToolsforWindowsxDVDMaker.exe','32');
DeleteFile('C:\Program Files\unZIPExpress\CiscounZIPExpress.exe','32');
DeleteFile('C:\Program Files\Bluetooth Suite\IntelBluetoothSuite.exe','32');
DeleteFile('D:\Alcohol 120% v2.0.3 Build 6850 Retail Ml_Rus\MicrosoftOfficeEnterpriseSPAlcoholvBuildRetailMlRus.exe','32');
DeleteFile('C:\Program Files\MediaViewV1\MicrosoftSilverlightMediaViewV.exe','32');
DeleteFile('c:\exervice.exe','32');
DeleteFile('C:\Program Files\7-Zip\MyPCBackupZip.exe','32');
DeleteFile('C:\Program Files\Windows Media Player\OperaWindowsMediaPlayer.exe','32');
DeleteFile('C:\Program Files\unZIPExpress\PCPerformerunZIPExpress.exe','32');
DeleteFile('C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe','32');
DeleteFile('C:\Program Files\Subway Surfers\SubwaySurfersCounterStrike.exe','32');
DeleteFile('C:\Program Files\The KMPlayer\TheKMPlayerFinalWireLtd.exe','32');
DeleteFile('C:\Program Files\Total Commander\TotalCommanderCounterStrike.exe','32');
DeleteFile('C:\Program Files\Web Cake\WebCakeFinalWireLtd.exe','32');
DeleteFile('D:\Windows\Windowsbcccecfcecc.exe','32');
DeleteFile('D:\Windows\Windowsdedaf.exe','32');
DeleteFile('C:\Program Files\VKMusic 4\WindowsDefenderVKMusic.exe','32');
DeleteFile('D:\Документи\WindowsДокументи.exe','32');
DeleteFile('D:\Windows\WindowsФото.exe','32');
DeleteFile('D:\Відео\Відеоbcccecfcecc.exe','32');
DeleteFile('D:\Документи\ДокументиМузика.exe','32');
DeleteFile('D:\Музика\МузикаAlcoholvBuildRetailMlRus.exe','32');
DeleteFile('D:\Фото\ФотоAlcoholvBuildRetailMlRus.exe','32');
DeleteFile('C:\Users\user\AppData\Local\Amigo\Application\amigo.exe','32');
DeleteFile('C:\Program Files\sbqh\uc.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\app','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\amigo','command');
DeleteFile('C:\Program Files\DPower\DiskPower.exe','32');
DeleteFile('C:\Program Files\DPower\XMK9BH600E.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DiskPower','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\D6YA6J8C79','command');
DeleteFile('C:\Program Files\SunnyDay21\SunnyDay.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\svchost0','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\sun21','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop','command');
DeleteFile('C:\Users\user\AppData\Roaming\Betcat\WebCakeDesktop.exe','32');
DeleteFile('C:\Program Files\DPower\92YLP80K2I.exe','32');
DeleteFile('C:\Program Files\win_en_77\win_en_77.exe','32');
DeleteFile('C:\Program Files\sunnyday\wincom_XFL.exe','32');
DeleteFile('C:\Program Files\sunnyday\wincom_SYZ.exe','32');
DeleteFile('C:\Program Files\sunnyday\wincom_SSW.exe','32');
DeleteFile('C:\Program Files\sunnyday\wincom_R30.exe','32');
DeleteFile('C:\Program Files\sunnyday\wincom_PY7.exe','32');
DeleteFile('C:\Program Files\sunnyday\wincom_OFG.exe','32');
DeleteFile('C:\Program Files\sunnyday\wincom_H8V.exe','32');
DeleteFile('C:\Program Files\mpck\wincom_B4F.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WGXD7KFLAP','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMB4F','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMH8V','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMOFG','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMPY7','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMR30','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMSSW','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMSYZ','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WINCOMXFL','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\win_en_77','command');
DeleteFile('C:\Program Files\DPower\ZFATRE7492.exe','32');
DeleteFile('C:\ProgramData\service.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Z2JMDDLP28','command');
DeleteFile('C:\ProgramData\RenewalService\Renewal.exe','32');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\Application Experience\RenewalService','32');
DeleteFile('C:\Windows\system32\Tasks\Plozetherbigudom Host','32');
DeleteFile('C:\Program Files\Diqepy\jedpy.exe','32');
DeleteFile('C:\Windows\system32\Tasks\RegClean Pro','32');
DeleteFile('C:\Windows\system32\Tasks\ReimageUpdater','32');
DeleteFile('C:\Program Files\Reimage\Reimage','32');
DeleteFile('C:\Windows\system32\Tasks\savesenseliveupdatetaskmachinecore','32');
DeleteFile('C:\Windows\system32\Tasks\savesenseliveupdatetaskmachineua','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.