Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\USER\AppData\Roaming\mystartsearch\UninstallManager.exe','');
QuarantineFile('C:\Users\USER\AppData\Roaming\Steam\Reversed\steam.exe','');
QuarantineFile('C:\Users\USER\AppData\Roaming\Microsoft\googleupd.exe','');
QuarantineFile('C:\Users\USER\AppData\Local\avayvaxvaa\avayvaxvaa.exe','');
QuarantineFile('C:\Users\USER\AppData\Roaming\VAmvO\QGMK.exe','');
QuarantineFile('C:\Users\USER\AppData\Roaming\PoGAP\8uy6.exe','');
QuarantineFile('C:\Users\USER\AppData\Roaming\MSJfl\7TuH.exe','');
QuarantineFile('C:\Users\USER\AppData\Roaming\GkuBA\IpjU.exe','');
QuarantineFile('C:\Users\USER\AppData\Roaming\D6474BDA\bin.exe','');
QuarantineFile('C:\Users\USER\AppData\Roaming\Browsers\exe.resworb.bat','');
QuarantineFile('C:\Users\USER\AppData\Roaming\Browsers\exe.erolpxei.bat','');
QuarantineFile('C:\Users\USER\AppData\Local\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('C:\Program Files (x86)\gmsd_ru_148\gmsd_ru_148.exe','');
QuarantineFile('C:\PROGRA~3\msklwb.exe','');
QuarantineFile('C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll','');
QuarantineFile('C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll','');
DeleteFile('C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll','32');
DeleteFile('C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll','32');
DeleteFile('C:\PROGRA~3\msklwb.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','2218609802');
DeleteFile('C:\Program Files (x86)\gmsd_ru_148\gmsd_ru_148.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gmsd_ru_148','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SmartWeb','command');
DeleteFile('C:\Users\USER\AppData\Local\SmartWeb\SmartWebHelper.exe','32');
DeleteFile('C:\Users\USER\AppData\Roaming\Browsers\exe.erolpxei.bat','32');
DeleteFile('C:\Users\USER\AppData\Roaming\Browsers\exe.resworb.bat','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','D6474BDA');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Ij0','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\7ug','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\8yZ','command');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QMm','command');
DeleteFile('C:\Users\USER\AppData\Roaming\D6474BDA\bin.exe','32');
DeleteFile('C:\Users\USER\AppData\Roaming\GkuBA\IpjU.exe','32');
DeleteFile('C:\Users\USER\AppData\Roaming\MSJfl\7TuH.exe','32');
DeleteFile('C:\Users\USER\AppData\Roaming\PoGAP\8uy6.exe','32');
DeleteFile('C:\Users\USER\AppData\Roaming\VAmvO\QGMK.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Desktop Service','command');
DeleteFile('C:\Windows\system32\config\SYSTEM~1\AppData\Roaming\Microsoft\winMicrosoft.exe','32');
RegKeyParamDel('HKEY_USERS','.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run','2218609802');
RegKeyParamDel('HKEY_USERS','S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run','2218609802');
DeleteFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP1.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP2.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP3.job','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP1','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP2','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP3','64');
DeleteFile('C:\Users\USER\AppData\Local\avayvaxvaa\avayvaxvaa.exe','32');
DeleteFile('C:\Windows\system32\Tasks\avayvaxvaa','64');
DeleteFile('C:\Users\USER\AppData\Roaming\Microsoft\googleupd.exe','32');
DeleteFile('C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1970835742GUI','64');
DeleteFile('C:\Windows\system32\Tasks\SmartWeb Upgrade Trigger Task','64');
DeleteFile('C:\Windows\system32\Tasks\Steam-S-1-8-22-9865GUI','64');
DeleteFile('C:\Users\USER\AppData\Roaming\Steam\Reversed\steam.exe','32');
DeleteFile('C:\Windows\system32\Tasks\{E12D340B-FFCD-4DFE-B09F-C818F07EF883}','64');
DeleteFile('C:\Users\USER\AppData\Roaming\mystartsearch\UninstallManager.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
ExecuteREpair(15);
RebootWindows(false);
end.
Компьютер перезагрузится.