Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\ййй\AppData\Local\ScheduleCD\ScheduleCD.exe','');
DelBHO('{2e32cfe5-df92-4ae5-b0be-609ed0df74a6}');
DelBHO('{4a63d2ad-2742-45ec-bf96-f1f4cb1da0ba}');
DelBHO('{d76cf2de-a452-479b-9a8c-acdeea985b9b}');
DelBHO('{ff564a0b-2671-4f7f-ad6a-4b4684578627}');
QuarantineFile('C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release458\ie\RichMediaViewV1release458.dll','');
QuarantineFile('C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode736\ie\MediaBuzzV1mode736.dll','');
QuarantineFile('C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home510\ie\MediaWatchV1home510.dll','');
QuarantineFile('C:\Program Files (x86)\SaveSense\SaveSenseIE.dll','');
QuarantineFile('C:\Users\ййй\AppData\Roaming\064AD828\bin.exe','');
QuarantineFile('C:\Users\ййй\AppData\Local\Schedule\Schedule.exe','');
QuarantineFile('C:\Program Files\Zaxar\ZaxarLoader.exe','');
QuarantineFile('C:\windows\system32\drivers\aafseucv.sys','');
QuarantineFile('C:\windows\system32\drivers\bekyinxe.sys','');
QuarantineFile('C:\windows\system32\drivers\cvybcgni.sys','');
QuarantineFile('C:\windows\system32\drivers\dcwpjfyn.sys','');
QuarantineFile('C:\windows\system32\drivers\fcesrdyu.sys','');
QuarantineFile('C:\windows\system32\drivers\jrnfhlzf.sys','');
QuarantineFile('C:\windows\system32\drivers\lhrgbckl.sys','');
QuarantineFile('C:\windows\system32\drivers\lsckcvvx.sys','');
QuarantineFile('C:\windows\system32\drivers\nnppyswt.sys','');
QuarantineFile('C:\windows\system32\drivers\nugtriyv.sys','');
QuarantineFile('C:\windows\system32\drivers\oinaumen.sys','');
QuarantineFile('C:\windows\system32\drivers\qcfnvhzi.sys','');
QuarantineFile('C:\windows\system32\drivers\rrzucqjf.sys','');
QuarantineFile('C:\windows\system32\Drivers\utqwotiz.sys','');
QuarantineFile('C:\windows\system32\drivers\wgpydhgb.sys','');
DeleteService('wgpydhgb');
DeleteService('utqwotiz');
DeleteService('rrzucqjf');
DeleteService('qcfnvhzi');
DeleteService('oinaumen');
DeleteService('nugtriyv');
DeleteService('nnppyswt');
DeleteService('lsckcvvx');
DeleteService('lhrgbckl');
DeleteService('jrnfhlzf');
DeleteService('fcesrdyu');
DeleteService('dcwpjfyn');
DeleteService('cvybcgni');
DeleteService('bekyinxe');
DeleteService('aafseucv');
TerminateProcessByName('c:\programdata\windows\csrss.exe');
QuarantineFile('c:\programdata\windows\csrss.exe','');
DeleteFile('c:\programdata\windows\csrss.exe','32');
DeleteFile('C:\windows\system32\drivers\wgpydhgb.sys','32');
DeleteFile('C:\windows\system32\Drivers\utqwotiz.sys','32');
DeleteFile('C:\windows\system32\drivers\rrzucqjf.sys','32');
DeleteFile('C:\windows\system32\drivers\qcfnvhzi.sys','32');
DeleteFile('C:\windows\system32\drivers\oinaumen.sys','32');
DeleteFile('C:\windows\system32\drivers\nugtriyv.sys','32');
DeleteFile('C:\windows\system32\drivers\nnppyswt.sys','32');
DeleteFile('C:\windows\system32\drivers\lsckcvvx.sys','32');
DeleteFile('C:\windows\system32\drivers\lhrgbckl.sys','32');
DeleteFile('C:\windows\system32\drivers\jrnfhlzf.sys','32');
DeleteFile('C:\windows\system32\drivers\fcesrdyu.sys','32');
DeleteFile('C:\windows\system32\drivers\dcwpjfyn.sys','32');
DeleteFile('C:\windows\system32\drivers\cvybcgni.sys','32');
DeleteFile('C:\windows\system32\drivers\bekyinxe.sys','32');
DeleteFile('C:\windows\system32\drivers\aafseucv.sys','32');
DeleteFile('C:\Program Files\Zaxar\ZaxarLoader.exe','32');
DeleteFile('C:\Users\ййй\AppData\Local\Schedule\Schedule.exe','32');
DeleteFile('C:\Users\ййй\AppData\Roaming\064AD828\bin.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','064AD828');
DeleteFile('C:\Program Files (x86)\SaveSense\SaveSenseIE.dll','32');
DeleteFile('C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home510\ie\MediaWatchV1home510.dll','32');
DeleteFile('C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode736\ie\MediaBuzzV1mode736.dll','32');
DeleteFile('C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release458\ie\RichMediaViewV1release458.dll','32');
DeleteFile('C:\Users\ййй\AppData\Local\ScheduleCD\ScheduleCD.exe','32');
DeleteFile('C:\windows\system32\Tasks\Daily Trigger ScheduleCD','64');
DeleteFile('C:\windows\system32\Tasks\LaunchSignup','64');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.