Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('G:\autorun.inf','');
QuarantineFile('G:\31\g201a.js','');
QuarantineFile('C:\Program Files (x86)\Super Radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-7.exe','');
QuarantineFile('C:\Program Files (x86)\Super Radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-6.exe','');
QuarantineFile('C:\Program Files (x86)\Super Radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-5.exe','');
QuarantineFile('C:\Program Files (x86)\Super Radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-2.exe','');
QuarantineFile('C:\Program Files (x86)\Super Radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-11.exe','');
QuarantineFile('C:\Users\Администратор\AppData\Roaming\310e\271.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7f7.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7e.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7d7d7.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7c7c7.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7b7b.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7a7a.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7979.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\787.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\775a7.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\765a7.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\73737.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\735a.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7272.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\725.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\71597.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\715.js','');
QuarantineFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\705.js','');
QuarantineFile('C:\Program Files\2e06\2f.js','');
QuarantineFile('c:\program files (x86)\baidu\spark\sparkservice.exe','');
TerminateProcessByName('c:\program files (x86)\super radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-6.exe');
QuarantineFile('c:\program files (x86)\super radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-6.exe','');
DeleteFile('c:\program files (x86)\super radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-6.exe','32');
DeleteFile('C:\Program Files\2e06\2f.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\705.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\715.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\71597.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\725.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7272.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\735a.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\73737.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\765a7.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\775a7.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\787.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7979.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7a7a.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7b7b.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7c7c7.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7d7d7.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7e.js','32');
DeleteFile('C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\7f7.js','32');
DeleteFile('C:\Users\Администратор\AppData\Roaming\310e\271.js','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','271');
DeleteFile('C:\Windows\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-1.job','64');
DeleteFile('C:\Program Files (x86)\Super Radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-11.exe','32');
DeleteFile('C:\Windows\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-11.job','64');
DeleteFile('C:\Windows\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-2.job','64');
DeleteFile('C:\Program Files (x86)\Super Radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-2.exe','32');
DeleteFile('C:\Program Files (x86)\Super Radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-5.exe','32');
DeleteFile('C:\Windows\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-5.job','64');
DeleteFile('C:\Windows\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-5_user.job','64');
DeleteFile('C:\Program Files (x86)\Super Radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-6.exe','32');
DeleteFile('C:\Windows\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-6.job','64');
DeleteFile('C:\Windows\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-7.job','64');
DeleteFile('C:\Program Files (x86)\Super Radio\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-7.exe','32');
DeleteFile('C:\Windows\system32\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-1','64');
DeleteFile('C:\Windows\system32\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-11','64');
DeleteFile('C:\Windows\system32\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-2','64');
DeleteFile('C:\Windows\system32\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-5','64');
DeleteFile('C:\Windows\system32\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-6','64');
DeleteFile('C:\Windows\system32\Tasks\dc0f8d26-f3e8-43e4-bd4a-68ffeca68922-7','64');
DeleteFile('G:\31\g201a.js','32');
DeleteFile('G:\autorun.inf','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.