Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files (x86)\XTab\SupTab.dll','');
QuarantineFile('C:\Users\Бусь\appdata\local\smartweb\swhk.dll','');
QuarantineFile('C:\Users\Бусь\AppData\Roaming\mystartsearch\UninstallManager.exe','');
QuarantineFile('C:\Program Files (x86)\YTDownloader\updater.exe','');
QuarantineFile('C:\PROGRA~1\COMMON~1\System\SysMenu.dll','');
QuarantineFile('C:\Users\Бусь\AppData\Roaming\Gameo\gameo.dat','');
QuarantineFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe','');
DelBHO('{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}');
QuarantineFile('C:\Users\Бусь\AppData\Roaming\Browsers\exe.xoferif.bat','');
QuarantineFile('C:\Users\Бусь\AppData\Roaming\Browsers\exe.resworb.bat','');
QuarantineFile('C:\Users\Бусь\AppData\Roaming\Browsers\exe.erolpxei.bat','');
QuarantineFile('C:\Users\Бусь\AppData\Local\Kometa\Application\kometa.exe','');
QuarantineFile('C:\Windows\system32\drivers\innfd_1_10_0_14.sys','');
DeleteService('lwnfd_1_10_0_14');
DeleteService('innfd_1_10_0_14');
SetServiceStart('{31a2f244-4a67-4367-b593-df9513aea360}Gw64', 4);
DeleteService('{31a2f244-4a67-4367-b593-df9513aea360}Gw64');
SetServiceStart('SPDRIVER_1.42.0.1819', 4);
DeleteService('SPDRIVER_1.42.0.1819');
SetServiceStart('sbmntr', 4);
DeleteService('sbmntr');
SetServiceStart('IHProtect Service', 4);
DeleteService('IHProtect Service');
SetServiceStart('BrsHelper', 4);
DeleteService('BrsHelper');
QuarantineFile('C:\Windows\system32\drivers\{e08fcad9-9d66-45db-b3c2-5d84d4983d6e}Gw64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{31a2f244-4a67-4367-b593-df9513aea360}Gw64.sys','');
QuarantineFile('C:\PROGRA~2\YTDOWN~1\sbmntr.sys','');
QuarantineFile('C:\ProgramData\ShopperPro\ShopperPro.dll','');
TerminateProcessByName('c:\program files (x86)\ytdownloader\ytdownloader.exe');
QuarantineFile('c:\program files (x86)\ytdownloader\ytdownloader.exe','');
TerminateProcessByName('c:\program files (x86)\xtab\protectservice.exe');
QuarantineFile('c:\program files (x86)\xtab\protectservice.exe','');
TerminateProcessByName('c:\users\Бусь\appdata\local\mediaget2\mediaget.exe');
TerminateProcessByName('c:\program files (x86)\shopperpro\jsdriver\1.42.0.1819\jsdrv.exe');
QuarantineFile('c:\program files (x86)\shopperpro\jsdriver\1.42.0.1819\jsdrv.exe','');
TerminateProcessByName('c:\programdata\{4e5cfc52-baa5-b096-4e5c-cfc52baaf14a}\hqghumeaylnlf.exe');
QuarantineFile('c:\programdata\{4e5cfc52-baa5-b096-4e5c-cfc52baaf14a}\hqghumeaylnlf.exe','');
TerminateProcessByName('c:\program files (x86)\crossbrowse\crossbrowse\application\crossbrowse.exe');
QuarantineFile('c:\program files (x86)\crossbrowse\crossbrowse\application\crossbrowse.exe','');
TerminateProcessByName('c:\progra~2\ytdown~1\browse~2.exe');
QuarantineFile('c:\progra~2\ytdown~1\browse~2.exe','');
TerminateProcessByName('c:\progra~2\ytdown~1\browserhelper.exe');
QuarantineFile('c:\progra~2\ytdown~1\browserhelper.exe','');
DeleteFile('c:\progra~2\ytdown~1\browserhelper.exe','32');
DeleteFile('c:\progra~2\ytdown~1\browse~2.exe','32');
DeleteFile('c:\program files (x86)\crossbrowse\crossbrowse\application\crossbrowse.exe','32');
DeleteFile('c:\programdata\{4e5cfc52-baa5-b096-4e5c-cfc52baaf14a}\hqghumeaylnlf.exe','32');
DeleteFile('c:\program files (x86)\shopperpro\jsdriver\1.42.0.1819\jsdrv.exe','32');
DeleteFile('c:\users\Бусь\appdata\local\mediaget2\mediaget.exe','32');
DeleteFile('c:\program files (x86)\xtab\protectservice.exe','32');
DeleteFile('c:\program files (x86)\ytdownloader\ytdownloader.exe','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\chrome.dll','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\chrome_child.dll','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\chrome_elf.dll','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\ffmpegsumo.dll','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\libegl.dll','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\libglesv2.dll','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.5.2171.95\pdf.dll','32');
DeleteFile('C:\ProgramData\ShopperPro\ShopperPro.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\icudt53.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\icuin53.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\icuuc53.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\imageformats\qgif.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\imageformats\qjpeg.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\imageformats\qmng.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\LIBEAY32.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\libvlc.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\libvlccore.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\platforms\qwindows.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\plugins\access\libdshow_plugin.dll','32');
DeleteFile('C:\Users\Бусь\AppData\Local\MediaGet2\plugins\audio_output\libdirectsound_plugin.dll','32');
DeleteFile('C:\PROGRA~2\YTDOWN~1\sbmntr.sys','32');
DeleteFile('C:\Windows\system32\drivers\{31a2f244-4a67-4367-b593-df9513aea360}Gw64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{e08fcad9-9d66-45db-b3c2-5d84d4983d6e}Gw64.sys','32');
DeleteFile('C:\Windows\system32\drivers\innfd_1_10_0_14.sys','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','GoogleChromeAutoLaunch_C286486E4D4D4FDA7E815CA0534A461A');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','SPDriver');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','SPDriver');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','YTDownloader');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','YTDownloader');
DeleteFile('C:\Users\Бусь\AppData\Local\Kometa\Application\kometa.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','KometaAutoLaunch_B87A36CC48B700F824F8EBECACBFAA29');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','MediaGet2');
DeleteFile('C:\Users\Бусь\AppData\Roaming\Browsers\exe.erolpxei.bat','32');
DeleteFile('C:\Users\Бусь\AppData\Roaming\Browsers\exe.resworb.bat','32');
DeleteFile('C:\Users\Бусь\AppData\Roaming\Browsers\exe.xoferif.bat','32');
DeleteFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe','32');
DeleteFile('C:\Windows\Tasks\5Mh2VxuOQC6eo6jfzgS.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP1.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP2.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP3.job','64');
DeleteFile('C:\Windows\Tasks\Crossbrowse.job','64');
DeleteFile('C:\Windows\Tasks\sJ0zz5KZuZkpkB6d0rm0bb.job','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP1','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP2','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP3','64');
DeleteFile('C:\Windows\system32\Tasks\gameo_update','64');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\Maintenance\SMupdate2','64');
DeleteFile('C:\Windows\system32\Tasks\Microsoft\Windows\Multimedia\SMupdate3','64');
DeleteFile('C:\Windows\system32\Tasks\PC Performer Logon Scan','64');
DeleteFile('C:\Windows\system32\Tasks\PC Performer Scheduled Scan','64');
DeleteFile('C:\Users\Бусь\AppData\Roaming\Gameo\gameo.dat','32');
DeleteFile('C:\PROGRA~1\COMMON~1\System\SysMenu.dll','32');
DeleteFile('C:\Program Files (x86)\YTDownloader\updater.exe','32');
DeleteFile('C:\Users\Бусь\AppData\Roaming\mystartsearch\UninstallManager.exe','32');
DeleteFile('C:\Windows\system32\Tasks\ShopperPro','64');
DeleteFile('C:\Windows\system32\Tasks\ShopperProJSUpd','64');
DeleteFile('C:\Windows\system32\Tasks\SMupdate1','64');
DeleteFile('C:\Windows\system32\Tasks\SPDriver','64');
DeleteFile('C:\Windows\system32\Tasks\YTDownloader','64');
DeleteFile('C:\Windows\system32\Tasks\YTDownloaderUpd','64');
DeleteFile('C:\Windows\system32\Tasks\UNELEVATE_4379','64');
DeleteFile('C:\Windows\system32\Tasks\{1D0B0963-27B8-45C0-8C35-8B1B732520BE}','64');
DeleteFile('C:\Users\Бусь\appdata\local\smartweb\swhk.dll','32');
DeleteFile('C:\Program Files (x86)\XTab\SupTab.dll','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.