Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\пк\AppData\Roaming\sweet-page\UninstallManager.exe','');
QuarantineFile('C:\Users\пк\AppData\Roaming\DVOUUW.exe','');
QuarantineFile('C:\Users\7349~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-7.exe','');
QuarantineFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-6.exe','');
QuarantineFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-5.exe','');
QuarantineFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-3.exe','');
QuarantineFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-10.exe','');
QuarantineFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-1-7.exe','');
QuarantineFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-1-6.exe','');
DelBHO('{C2E457DF-8763-E594-F971-6AC8F5FC0F8D}');
QuarantineFile('C:\Program Files\ver3BlockAndSurf\190.dll','');
QuarantineFile('C:\Users\пк\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\directxwebpack.exe','');
QuarantineFile('C:\Users\пк\AppData\Roaming\Browsers\exe.erolpxei.bat','');
QuarantineFile('C:\Users\пк\AppData\Roaming\Browsers\exe.emorhc.bat','');
QuarantineFile('C:\Users\пк\AppData\Local\QuickScriptWinsock\RgFltX86.sys','');
QuarantineFile('C:\Users\пк\AppData\Local\ClipboardNetTooltip\RegFltrX86.sys','');
DeleteService('RgFltX86');
SetServiceStart('RegFltrX86', 4);
DeleteService('RegFltrX86');
SetServiceStart('{b40efc75-ad36-4607-9465-eb41963e9c42}w', 4);
DeleteService('{b40efc75-ad36-4607-9465-eb41963e9c42}w');
SetServiceStart('webTinstMKTN', 4);
DeleteService('webTinstMKTN');
QuarantineFile('C:\Users\пк\AppData\Local\4B435451-1425919804-3031-4631-14DAE9651559\insj8806.tmp','');
QuarantineFile('C:\Users\пк\AppData\Local\SyntaxThumbnailTrash\SyntaxThumbnailTrash.exe','');
QuarantineFile('C:\Users\пк\AppData\Local\RawRuntimeScript\RawRuntimeScript.exe','');
QuarantineFile('C:\Users\пк\AppData\Local\QuickScriptWinsock\QuickScriptWinsock.exe','');
QuarantineFile('C:\Users\пк\AppData\Local\PirritSuggestor\PirritService.exe','');
DeleteService('telivebo');
DeleteService('SyntaxThumbnailTrash.exe');
DeleteService('RawRuntimeScript.exe');
DeleteService('QuickScriptWinsock.exe');
DeleteService('PirritDesktop');
QuarantineFile('C:\Users\пк\AppData\Local\4B435451-1425917512-3031-4631-14DAE9651559\cnsk2A8C.tmp','');
DeleteService('gibotiti');
QuarantineFile('C:\Users\пк\AppData\Local\cfee4aefa763bf39136cb5d44702914a\12239be39a2330d.exe','');
QuarantineFile('C:\Users\пк\AppData\Local\535c924df3f17ea1267bf57b496421d7\4e0c98bfd416af5.exe','');
QuarantineFile('C:\Users\пк\AppData\Local\899c1c8a781f99a484216fa7c9addd7f\a787850733ed11b.exe','');
QuarantineFile('C:\Users\пк\AppData\Local\ContextualDesktopOCR\ContextualDesktopOCR.exe','');
QuarantineFile('C:\Users\пк\AppData\Local\encondingmcx2filter_86\encondingmcx2filter_86.exe','');
DeleteService('encondingmcx2filter_86.exe');
DeleteService('ContextualDesktopOCR.exe');
DeleteService('a787850733ed11b.exe');
DeleteService('4e0c98bfd416af5.exe');
DeleteService('12239be39a2330d.exe');
SetServiceStart('wauctla Service', 4);
DeleteService('wauctla Service');
SetServiceStart('vyfesyzy', 4);
DeleteService('vyfesyzy');
SetServiceStart('Task Manager Pro', 4);
DeleteService('Task Manager Pro');
SetServiceStart('kernelosx86.exe', 4);
DeleteService('kernelosx86.exe');
SetServiceStart('jidybopi', 4);
DeleteService('jidybopi');
SetServiceStart('interpretermshtmlx86', 4);
DeleteService('interpretermshtmlx86');
SetServiceStart('iexplore', 4);
DeleteService('iexplore');
SetServiceStart('IePluginService', 4);
DeleteService('IePluginService');
SetServiceStart('GamesRS', 4);
DeleteService('GamesRS');
QuarantineFile('C:\Program Files\IGS\BasementDuster.exe','');
SetServiceStart('BasementDuster', 4);
DeleteService('BasementDuster');
QuarantineFile('C:\Windows\system32\drivers\{b40efc75-ad36-4607-9465-eb41963e9c42}w.sys','');
QuarantineFile('C:\Windows\system32\Drivers\webTinstMKTN.sys','');
QuarantineFile('C:\Program Files\IGS\BasementDusterCert.dll','');
TerminateProcessByName('c:\windows\wauctla.exe');
QuarantineFile('c:\windows\wauctla.exe','');
TerminateProcessByName('c:\users\пк\appdata\local\gmsd_ru_157\upgmsd_ru_157.exe');
QuarantineFile('c:\users\пк\appdata\local\gmsd_ru_157\upgmsd_ru_157.exe','');
TerminateProcessByName('c:\windows\taskmgr.exe');
QuarantineFile('c:\windows\taskmgr.exe','');
TerminateProcessByName('c:\users\пк\appdata\local\4b435451-1425917526-3031-4631-14dae9651559\snsa62f8.tmp');
QuarantineFile('c:\users\пк\appdata\local\4b435451-1425917526-3031-4631-14dae9651559\snsa62f8.tmp','');
TerminateProcessByName('c:\users\пк\appdata\local\smartweb\smartwebapp.exe');
QuarantineFile('c:\users\пк\appdata\local\smartweb\smartwebapp.exe','');
TerminateProcessByName('c:\programdata\iepluginservice\pluginservice.exe');
QuarantineFile('c:\programdata\iepluginservice\pluginservice.exe','');
TerminateProcessByName('c:\users\пк\appdata\roaming\4b435451-1425902836-3031-4631-14dae9651559\nsd399e.tmpfs');
QuarantineFile('c:\users\пк\appdata\roaming\4b435451-1425902836-3031-4631-14dae9651559\nsd399e.tmpfs','');
TerminateProcessByName('c:\users\пк\appdata\local\kernelosx86\kernelosx86.exe');
QuarantineFile('c:\users\пк\appdata\local\kernelosx86\kernelosx86.exe','');
QuarantineFile('c:\program files\jokerads\jokerads_updater_service.exe','');
QuarantineFile('c:\program files\jokerads\jokerads.exe','');
TerminateProcessByName('c:\users\пк\appdata\roaming\4b435451-1425902836-3031-4631-14dae9651559\jnsd72ec.tmp');
QuarantineFile('c:\users\пк\appdata\roaming\4b435451-1425902836-3031-4631-14dae9651559\jnsd72ec.tmp','');
TerminateProcessByName('c:\windows\system32\interpretermshtmlx86\interpretermshtmlx86.exe');
QuarantineFile('c:\windows\system32\interpretermshtmlx86\interpretermshtmlx86.exe','');
TerminateProcessByName('c:\windows\system32\iexplore\iexplore.exe');
QuarantineFile('c:\windows\system32\iexplore\iexplore.exe','');
TerminateProcessByName('c:\program files\gamesrs\gupdater.exe');
QuarantineFile('c:\program files\gamesrs\gupdater.exe','');
TerminateProcessByName('c:\program files\gmsd_ru_157\gmsd_ru_157.exe');
QuarantineFile('c:\program files\gmsd_ru_157\gmsd_ru_157.exe','');
TerminateProcessByName('c:\users\пк\appdata\local\kernelosx86\firmwaremysqlapi.exe');
QuarantineFile('c:\users\пк\appdata\local\kernelosx86\firmwaremysqlapi.exe','');
TerminateProcessByName('c:\program files\edealspop\edealspop.exe');
QuarantineFile('c:\program files\edealspop\edealspop.exe','');
TerminateProcessByName('c:\program files\edealpop\edealpop.exe');
QuarantineFile('c:\program files\edealpop\edealpop.exe','');
TerminateProcessByName('c:\program files\hd cinema plus 1.7v18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-6.exe');
QuarantineFile('c:\program files\hd cinema plus 1.7v18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-6.exe','');
TerminateProcessByName('c:\program files\hd cinema plus 1.7v18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-1-6.exe');
QuarantineFile('c:\program files\hd cinema plus 1.7v18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-1-6.exe','');
TerminateProcessByName('c:\program files\igs\basementduster.exe');
QuarantineFile('c:\program files\igs\basementduster.exe','');
DeleteFile('c:\program files\igs\basementduster.exe','32');
DeleteFile('c:\program files\hd cinema plus 1.7v18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-1-6.exe','32');
DeleteFile('c:\program files\hd cinema plus 1.7v18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-6.exe','32');
DeleteFile('c:\program files\edealpop\edealpop.exe','32');
DeleteFile('c:\program files\edealspop\edealspop.exe','32');
DeleteFile('c:\users\пк\appdata\local\kernelosx86\firmwaremysqlapi.exe','32');
DeleteFile('c:\program files\gmsd_ru_157\gmsd_ru_157.exe','32');
DeleteFile('c:\program files\gamesrs\gupdater.exe','32');
DeleteFile('c:\windows\system32\iexplore\iexplore.exe','32');
DeleteFile('c:\windows\system32\interpretermshtmlx86\interpretermshtmlx86.exe','32');
DeleteFile('c:\users\пк\appdata\roaming\4b435451-1425902836-3031-4631-14dae9651559\jnsd72ec.tmp','32');
DeleteFile('c:\users\пк\appdata\local\kernelosx86\kernelosx86.exe','32');
DeleteFile('c:\users\пк\appdata\roaming\4b435451-1425902836-3031-4631-14dae9651559\nsd399e.tmpfs','32');
DeleteFile('c:\programdata\iepluginservice\pluginservice.exe','32');
DeleteFile('c:\users\пк\appdata\local\smartweb\smartwebapp.exe','32');
DeleteFile('c:\users\пк\appdata\local\4b435451-1425917526-3031-4631-14dae9651559\snsa62f8.tmp','32');
DeleteFile('c:\windows\taskmgr.exe','32');
DeleteFile('c:\users\пк\appdata\local\gmsd_ru_157\upgmsd_ru_157.exe','32');
DeleteFile('c:\windows\wauctla.exe','32');
DeleteFile('C:\Program Files\IGS\BasementDusterCert.dll','32');
DeleteFile('C:\Windows\system32\Drivers\webTinstMKTN.sys','32');
DeleteFile('C:\Windows\system32\drivers\{b40efc75-ad36-4607-9465-eb41963e9c42}w.sys','32');
DeleteFile('C:\Program Files\IGS\BasementDuster.exe','32');
DeleteFile('C:\Users\пк\AppData\Local\encondingmcx2filter_86\encondingmcx2filter_86.exe','32');
DeleteFile('C:\Users\пк\AppData\Local\ContextualDesktopOCR\ContextualDesktopOCR.exe','32');
DeleteFile('C:\Users\пк\AppData\Local\899c1c8a781f99a484216fa7c9addd7f\a787850733ed11b.exe','32');
DeleteFile('C:\Users\пк\AppData\Local\535c924df3f17ea1267bf57b496421d7\4e0c98bfd416af5.exe','32');
DeleteFile('C:\Users\пк\AppData\Local\cfee4aefa763bf39136cb5d44702914a\12239be39a2330d.exe','32');
DeleteFile('C:\Users\пк\AppData\Local\4B435451-1425917512-3031-4631-14DAE9651559\cnsk2A8C.tmp','32');
DeleteFile('C:\Users\пк\AppData\Local\PirritSuggestor\PirritService.exe','32');
DeleteFile('C:\Users\пк\AppData\Local\QuickScriptWinsock\QuickScriptWinsock.exe','32');
DeleteFile('C:\Users\пк\AppData\Local\RawRuntimeScript\RawRuntimeScript.exe','32');
DeleteFile('C:\Users\пк\AppData\Local\SyntaxThumbnailTrash\SyntaxThumbnailTrash.exe','32');
DeleteFile('C:\Users\пк\AppData\Local\4B435451-1425919804-3031-4631-14DAE9651559\insj8806.tmp','32');
DeleteFile('C:\Users\пк\AppData\Local\ClipboardNetTooltip\RegFltrX86.sys','32');
DeleteFile('C:\Users\пк\AppData\Local\QuickScriptWinsock\RgFltX86.sys','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','gmsd_ru_157');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','eDealsPop');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','eDealPop');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','upgmsd_ru_157.exe');
DeleteFile('C:\Users\пк\AppData\Roaming\Browsers\exe.emorhc.bat','32');
DeleteFile('C:\Users\пк\AppData\Roaming\Browsers\exe.erolpxei.bat','32');
DeleteFile('C:\Users\пк\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\directxwebpack.exe','32');
DeleteFile('C:\Program Files\ver3BlockAndSurf\190.dll','32');
DeleteFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-1-6.exe','32');
DeleteFile('C:\Windows\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-1-6.job','32');
DeleteFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-1-7.exe','32');
DeleteFile('C:\Windows\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-1-7.job','32');
DeleteFile('C:\Windows\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-10_user.job','32');
DeleteFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-10.exe','32');
DeleteFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-3.exe','32');
DeleteFile('C:\Windows\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-3.job','32');
DeleteFile('C:\Windows\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-5.job','32');
DeleteFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-5.exe','32');
DeleteFile('C:\Windows\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-5_user.job','32');
DeleteFile('C:\Windows\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-6.job','32');
DeleteFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-6.exe','32');
DeleteFile('C:\Program Files\HD Cinema Plus 1.7V18.03\cc8a6558-d476-402a-8829-4daf1a75bd83-7.exe','32');
DeleteFile('C:\Windows\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-7.job','32');
DeleteFile('C:\Windows\Tasks\Digital Sites.job','32');
DeleteFile('C:\Users\7349~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Users\пк\AppData\Roaming\DVOUUW.exe','32');
DeleteFile('C:\Windows\Tasks\DVOUUW.job','32');
DeleteFile('C:\Windows\system32\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-1-6','32');
DeleteFile('C:\Windows\system32\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-1-7','32');
DeleteFile('C:\Windows\system32\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-3','32');
DeleteFile('C:\Windows\system32\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-5','32');
DeleteFile('C:\Windows\system32\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-6','32');
DeleteFile('C:\Windows\system32\Tasks\cc8a6558-d476-402a-8829-4daf1a75bd83-7','32');
DeleteFile('C:\Windows\system32\Tasks\Digital Sites','32');
DeleteFile('C:\Users\пк\AppData\Roaming\sweet-page\UninstallManager.exe','32');
DeleteFile('C:\Windows\system32\Tasks\{5D31CF2D-F738-4A6D-A948-7C9C67689F61}','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteREpair(13);
RebootWindows(false);
end.
Компьютер перезагрузится.