Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Windows\core.exe','');
QuarantineFile('C:\Windows\cpu.exe','');
QuarantineFile('C:\Windows\cuda.exe','');
QuarantineFile('C:\Windows\proxy.exe','');
QuarantineFile('C:\Users\Леша\AppData\Local\Microsoft\Windows\toolbar.exe','');
QuarantineFile('C:\Users\D10F~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Program Files\Microsoft Data\InstallAddons.exe','');
DelBHO('{11263C8C-874C-47DB-A43A-827EC5C325FB}');
DelBHO('{17177FAA-3830-43D3-A70B-FDE532676B1E}');
DelBHO('{1FE48F08-A2AC-44AC-A21C-0556D91C50DA}');
DelBHO('{6CB99040-7828-4C37-AC01-F15758F43E4D}');
DelBHO('{92780B25-18CC-41C8-B9BE-3C9C571A8263}');
DelBHO('{7CE987D5-11B3-44FC-9C3D-03069360D462}');
QuarantineFile('C:\Program Files\TermTutor\IE\TermTutorClientIE.dll','');
QuarantineFile('C:\Program Files\advPlugin\Toolbar32.dll','');
QuarantineFile('C:\Program Files\tooldev342\Weatherbar\TracersToolbarBHO_x86.dll','');
QuarantineFile('C:\Program Files\Аудио и видео скачивание\IE\x86\Downloader.dll','');
QuarantineFile('C:\Program Files\Zaxar\ZaxarLoader.exe','');
QuarantineFile('C:\ProgramData\TimeTasks\TimeTasksSetup.exe','');
QuarantineFile('C:\Users\Леша\AppData\Local\WinnerDM\wdm.exe','');
QuarantineFile('C:\Users\Леша\AppData\Roaming\eTranslator\eTranslator.exe','');
QuarantineFile('C:\Windows\system32\drivers\ttnfd.sys','');
DeleteService('ttnfd');
QuarantineFile('C:\Program Files\Media Saver\Basement\ExtensionUpdaterService.exe','');
QuarantineFile('C:\Program Files\advPlugin\Basement\ExtensionUpdaterService.exe','');
QuarantineFile('C:\Users\D10F~1\AppData\Local\Temp\advPlugin_restartonfail\InstallAfterRebootService0.exe','');
QuarantineFile('C:\Program Files\Media Saver\Basement\MSLSService.exe','');
DeleteService('Update Service for Media Saver');
DeleteService('Update Service for advPlugin');
DeleteService('Rerun service for advPlugin');
DeleteService('MSLSService');
SetServiceStart('ttsvc', 4);
DeleteService('ttsvc');
SetServiceStart('ReimageRealTimeProtector', 4);
DeleteService('ReimageRealTimeProtector');
TerminateProcessByName('c:\program files\termtutor\service\ttsvc.exe');
QuarantineFile('c:\program files\termtutor\service\ttsvc.exe','');
TerminateProcessByName('c:\program files\reimage\reimage protector\reisystem.exe');
QuarantineFile('c:\program files\reimage\reimage protector\reisystem.exe','');
TerminateProcessByName('c:\program files\reimage\reimage protector\reiguard.exe');
QuarantineFile('c:\program files\reimage\reimage protector\reiguard.exe','');
TerminateProcessByName('c:\windows\proxy.exe');
QuarantineFile('c:\windows\proxy.exe','');
TerminateProcessByName('c:\windows\core.exe');
QuarantineFile('c:\windows\core.exe','');
DeleteFile('c:\windows\core.exe','32');
DeleteFile('c:\windows\proxy.exe','32');
DeleteFile('c:\program files\reimage\reimage protector\reiguard.exe','32');
DeleteFile('c:\program files\reimage\reimage protector\reisystem.exe','32');
DeleteFile('c:\program files\termtutor\service\ttsvc.exe','32');
DeleteFile('C:\Program Files\Media Saver\Basement\MSLSService.exe','32');
DeleteFile('C:\Users\D10F~1\AppData\Local\Temp\advPlugin_restartonfail\InstallAfterRebootService0.exe','32');
DeleteFile('C:\Program Files\advPlugin\Basement\ExtensionUpdaterService.exe','32');
DeleteFile('C:\Program Files\Media Saver\Basement\ExtensionUpdaterService.exe','32');
DeleteFile('C:\Windows\system32\drivers\ttnfd.sys','32');
DeleteFile('C:\Users\Леша\AppData\Roaming\eTranslator\eTranslator.exe','32');
DeleteFile('C:\Users\Леша\AppData\Local\WinnerDM\wdm.exe','32');
DeleteFile('C:\ProgramData\TimeTasks\TimeTasksSetup.exe','32');
DeleteFile('C:\Program Files\Zaxar\ZaxarLoader.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HFALoader','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ZaxarLoader','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Timestasks','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinnerDM','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\eTranslator Update','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ydjpwdpedb','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\voguqylvdp','command');
DeleteFile('C:\Program Files\Аудио и видео скачивание\IE\x86\Downloader.dll','32');
DeleteFile('C:\Program Files\tooldev342\Weatherbar\TracersToolbarBHO_x86.dll','32');
DeleteFile('C:\Program Files\advPlugin\Toolbar32.dll','32');
DeleteFile('C:\Program Files\TermTutor\IE\TermTutorClientIE.dll','32');
DeleteFile('C:\Program Files\Microsoft Data\InstallAddons.exe','32');
DeleteFile('C:\Windows\system32\Tasks\chrome5','32');
DeleteFile('C:\Windows\Tasks\Digital Sites.job','32');
DeleteFile('C:\Users\D10F~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Windows\system32\Tasks\chrome5_logon','32');
DeleteFile('C:\Windows\system32\Tasks\Reimage Reminder','32');
DeleteFile('C:\Windows\system32\Tasks\ReimageUpdater','32');
DeleteFile('C:\Windows\system32\Tasks\SystemScript','32');
DeleteFile('C:\Users\Леша\AppData\Local\Microsoft\Windows\toolbar.exe','32');
DeleteFile('C:\Windows\system32\Tasks\UpCH','32');
DeleteFile('C:\Windows\proxy.exe','32');
DeleteFile('C:\Windows\cuda.exe','32');
DeleteFile('C:\Windows\core.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.