Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files\xtab\browerwatchff.dll','');
QuarantineFile('C:\Program Files\xtab\browerwatchch.dll','');
QuarantineFile('C:\Users\user\appdata\roaming\aspackage\aspackage.exe','');
QuarantineFile('C:\Program Files\Torrent Search\P9qQBHj.exe','');
QuarantineFile('C:\Users\user\AppData\Roaming\OqRq3URwggaAnrmlj7yV.exe','');
QuarantineFile('C:\Program Files\globalUpdate\Update\globalupdate.exe','');
QuarantineFile('C:\Program Files\Crossbrowse\Crossbrowse\Application\utility.exe','');
QuarantineFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-7.exe','');
QuarantineFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-6.exe','');
QuarantineFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-5.exe','');
QuarantineFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-3.exe','');
QuarantineFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-10.exe','');
QuarantineFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-1-7.exe','');
QuarantineFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-1-6.exe','');
DelBHO('{6E727987-C8EA-44DA-8749-310C0FBE3C3E}');
DelBHO('{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}');
QuarantineFile('C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QMUdisk.sys','');
DeleteService('QMUdisk');
SetServiceStart('gerugefu', 4);
DeleteService('gerugefu');
QuarantineFile('C:\Program Files\Torrent Search\IEEF\Interfaces32.dll','');
QuarantineFile('C:\Program Files\Torrent Search\IEEF\4BhGVQRcD6.dll','');
QuarantineFile('C:\Program Files\Crossbrowse\Crossbrowse\Application\39.6.2171.95\chrome_elf.dll','');
QuarantineFile('C:\Program Files\Crossbrowse\Crossbrowse\Application\39.6.2171.95\chrome.dll','');
QuarantineFile('C:\Program Files\CinemaPlus-3.2cV21.05\eb96a415-4fcc-468a-a4f1-5eec85cfb29f.dll','');
TerminateProcessByName('c:\program files\torrent search\ieef\kfmdhhz_st.exe');
QuarantineFile('c:\program files\torrent search\ieef\kfmdhhz_st.exe','');
TerminateProcessByName('c:\program files\crossbrowse\crossbrowse\application\crossbrowse.exe');
QuarantineFile('c:\program files\crossbrowse\crossbrowse\application\crossbrowse.exe','');
TerminateProcessByName('c:\users\user\appdata\local\74f2417f-1432221934-df11-9135-1c75087163b9\cnsxc2d7.tmp');
QuarantineFile('c:\users\user\appdata\local\74f2417f-1432221934-df11-9135-1c75087163b9\cnsxc2d7.tmp','');
TerminateProcessByName('c:\users\user\appdata\local\74f2417f-1432221934-df11-9135-1c75087163b9\ansxc0b4.exe');
QuarantineFile('c:\users\user\appdata\local\74f2417f-1432221934-df11-9135-1c75087163b9\ansxc0b4.exe','');
TerminateProcessByName('c:\program files\cinemaplus-3.2cv21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-6.exe');
QuarantineFile('c:\program files\cinemaplus-3.2cv21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-6.exe','');
TerminateProcessByName('c:\program files\cinemaplus-3.2cv21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-1-6.exe');
QuarantineFile('c:\program files\cinemaplus-3.2cv21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-1-6.exe','');
DeleteFile('c:\program files\cinemaplus-3.2cv21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-1-6.exe','32');
DeleteFile('c:\program files\cinemaplus-3.2cv21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-6.exe','32');
DeleteFile('c:\users\user\appdata\local\74f2417f-1432221934-df11-9135-1c75087163b9\ansxc0b4.exe','32');
DeleteFile('c:\users\user\appdata\local\74f2417f-1432221934-df11-9135-1c75087163b9\cnsxc2d7.tmp','32');
DeleteFile('c:\program files\crossbrowse\crossbrowse\application\crossbrowse.exe','32');
DeleteFile('c:\program files\torrent search\ieef\kfmdhhz_st.exe','32');
DeleteFile('C:\Program Files\CinemaPlus-3.2cV21.05\eb96a415-4fcc-468a-a4f1-5eec85cfb29f.dll','32');
DeleteFile('C:\Program Files\Crossbrowse\Crossbrowse\Application\39.6.2171.95\chrome.dll','32');
DeleteFile('C:\Program Files\Crossbrowse\Crossbrowse\Application\39.6.2171.95\chrome_elf.dll','32');
DeleteFile('C:\Program Files\Torrent Search\IEEF\4BhGVQRcD6.dll','32');
DeleteFile('C:\Program Files\Torrent Search\IEEF\Interfaces32.dll','32');
DeleteFile('C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QMUdisk.sys','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','GoogleChromeAutoLaunch_100535F106431A9BDA15E8895BE69FFB');
DeleteFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-1-6.exe','32');
DeleteFile('C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-1-6.job','32');
DeleteFile('C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-1-7.job','32');
DeleteFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-1-7.exe','32');
DeleteFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-10.exe','32');
DeleteFile('C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-10_user.job','32');
DeleteFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-3.exe','32');
DeleteFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-5.exe','32');
DeleteFile('C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-3.job','32');
DeleteFile('C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-5.job','32');
DeleteFile('C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-5_user.job','32');
DeleteFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-6.exe','32');
DeleteFile('C:\Program Files\CinemaPlus-3.2cV21.05\aab72157-141a-4b3a-9bef-b0a5112fd240-7.exe','32');
DeleteFile('C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-7.job','32');
DeleteFile('C:\Windows\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-6.job','32');
DeleteFile('C:\Program Files\Crossbrowse\Crossbrowse\Application\utility.exe','32');
DeleteFile('C:\Windows\Tasks\Crossbrowse.job','32');
DeleteFile('C:\Program Files\globalUpdate\Update\globalupdate.exe','32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job','32');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job','32');
DeleteFile('C:\Windows\Tasks\OqRq3URwggaAnrmlj7yV.job','32');
DeleteFile('C:\Users\user\AppData\Roaming\OqRq3URwggaAnrmlj7yV.exe','32');
DeleteFile('C:\Program Files\Torrent Search\P9qQBHj.exe','32');
DeleteFile('C:\Windows\Tasks\Update Service for Torrent Search.job','32');
DeleteFile('C:\Windows\Tasks\Update Service for Torrent Search2.job','32');
DeleteFile('C:\Windows\system32\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-1-6','32');
DeleteFile('C:\Windows\system32\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-1-7','32');
DeleteFile('C:\Windows\system32\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-10_user','32');
DeleteFile('C:\Windows\system32\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-3','32');
DeleteFile('C:\Windows\system32\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-5','32');
DeleteFile('C:\Windows\system32\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-5_user','32');
DeleteFile('C:\Windows\system32\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-6','32');
DeleteFile('C:\Windows\system32\Tasks\aab72157-141a-4b3a-9bef-b0a5112fd240-7','32');
DeleteFile('C:\Windows\system32\Tasks\Crossbrowse','32');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineCore','32');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineUA','32');
DeleteFile('C:\Windows\system32\Tasks\OqRq3URwggaAnrmlj7yV','32');
DeleteFile('C:\Windows\system32\Tasks\Update Service for Torrent Search','32');
DeleteFile('C:\Windows\system32\Tasks\Update Service for Torrent Search2','32');
DeleteFile('C:\Users\user\appdata\roaming\aspackage\aspackage.exe','32');
DeleteFile('C:\Program Files\xtab\browerwatchch.dll','32');
DeleteFile('C:\Program Files\xtab\browerwatchff.dll','32');
DeleteFile('C:\Users\user\AppData\Local\Temp\nsxD7E8.tmp\blowfish.dll','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.