Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
ClearQuarantine;
TerminateProcessByName('c:\program files (x86)\termtutor\service\ttsvc.exe');
TerminateProcessByName('c:\users\ДенискА\appdata\roaming\ssleas.exe');
TerminateProcessByName('c:\windows\eoqzkylnnw.exe');
TerminateProcessByName('c:\programdata\windows\csrss.exe');
TerminateProcessByName('c:\users\ДенискА\appdata\roaming\cppredistx86.exe');
TerminateProcessByName('C:\Users\ДенискА\AppData\Roaming\Microsoft\Windows\IEUpdate\at.exe');
SetServiceStart('{facdc9f6-60e8-45b2-8807-bf1a7548ccda}w64', 4);
SetServiceStart('{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64', 4);
SetServiceStart('{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64', 4);
SetServiceStart('{55685567-4840-4a91-962b-49a412e9485a}w64', 4);
SetServiceStart('ttnfd', 4);
SetServiceStart('WindowsMangerProtect', 4);
SetServiceStart('ttsvc', 4);
SetServiceStart('IePluginServices', 4);
SetServiceStart('eoqzkylnnw', 4);
StopService('{facdc9f6-60e8-45b2-8807-bf1a7548ccda}w64');
StopService('{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64');
StopService('{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64');
StopService('{55685567-4840-4a91-962b-49a412e9485a}w64');
StopService('ttnfd');
StopService('WindowsMangerProtect');
StopService('ttsvc');
StopService('IePluginServices');
StopService('eoqzkylnnw');
QuarantineFile('C:\systemhost\24FC2AE3A0C.exe','');
QuarantineFile('C:\PROGRA~2\SupTab\SEARCH~2.DLL','');
QuarantineFile('C:\PROGRA~2\SupTab\SEARCH~1.DLL','');
QuarantineFile('C:\Windows\system32\drivers\ttnfd.sys','');
QuarantineFile('C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe','');
QuarantineFile('C:\ProgramData\IePluginServices\PluginService.exe','');
QuarantineFile('C:\Windows\system32\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{facdc9f6-60e8-45b2-8807-bf1a7548ccda}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys','');
QuarantineFile('c:\program files (x86)\termtutor\service\ttsvc.exe','');
QuarantineFile('c:\users\ДенискА\appdata\roaming\ssleas.exe','');
QuarantineFile('c:\windows\eoqzkylnnw.exe','');
QuarantineFile('c:\programdata\windows\csrss.exe','');
QuarantineFile('c:\users\ДенискА\appdata\roaming\cppredistx86.exe','');
QuarantineFile('C:\Users\ДенискА\AppData\Roaming\Microsoft\Windows\IEUpdate\at.exe','');
DeleteFile('C:\Users\ДенискА\AppData\Roaming\Microsoft\Windows\IEUpdate\at.exe','32');
DeleteFile('c:\windows\eoqzkylnnw.exe','32');
DeleteFile('c:\users\ДенискА\appdata\roaming\ssleas.exe','32');
DeleteFile('C:\Windows\system32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{facdc9f6-60e8-45b2-8807-bf1a7548ccda}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{fef7f75c-f985-4250-96f9-8183cd04238b}w64.sys','32');
DeleteFile('C:\ProgramData\IePluginServices\PluginService.exe','32');
DeleteFile('C:\Program Files (x86)\TermTutor\Service\ttsvc.exe','32');
DeleteFile('C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe','32');
DeleteFile('C:\Windows\system32\drivers\ttnfd.sys','32');
DeleteFile('C:\PROGRA~2\SupTab\SEARCH~1.DLL','32');
DeleteFile('C:\PROGRA~2\SupTab\SEARCH~2.DLL','32');
DeleteFile('C:\ProgramData\Windows\csrss.exe','32');
DeleteFile('C:\Users\ДенискА\AppData\Roaming\cppredistx86.exe','32');
DeleteFile('C:\Windows\Tasks\PC SpeedUp Service Deactivator.job','64');
DeleteFile('C:\Windows\Tasks\UpdaterEX.job','64');
DeleteFile('C:\Windows\system32\Tasks\PC SpeedUp Service Deactivator','64');
DeleteFile('C:\Windows\system32\Tasks\UpdaterEX','64');
DeleteFile('C:\Windows\system32\Tasks\Yahoo! Search','64');
DeleteFile('C:\Windows\system32\Tasks\Yahoo! Search Udpater','64');
DeleteFile('C:\systemhost\24FC2AE3A0C.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','mobilegeni daemon');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Client Server Runtime Subsystem');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','MailRuUpdater');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Yahoo! Search');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','at');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\RunOnce','at');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Command Processor','AutoRun');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Command Processor\','Autorun');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer','Run');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Microsoft Visual C++ 2010');
DeleteService('{facdc9f6-60e8-45b2-8807-bf1a7548ccda}w64');
DeleteService('{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64');
DeleteService('{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64');
DeleteService('{55685567-4840-4a91-962b-49a412e9485a}w64');
DeleteService('ttnfd');
DeleteService('WindowsMangerProtect');
DeleteService('ttsvc');
DeleteService('IePluginServices');
DeleteService('eoqzkylnnw');
DeleteFileMask('C:\systemhost', '*', true, ' ');
DeleteDirectory('C:\systemhost');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.