Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\FireLight\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrsetup.exe','');
QuarantineFile('C:\Users\FireLight\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe','');
QuarantineFile('C:\Users\FireLight\AppData\Roaming\Gameo\gameo.exe','');
QuarantineFile('C:\Users\FIRELI~1\AppData\Roaming\WSE_LA~1\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Users\FIRELI~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Program Files (x86)\MediaPlayerplus\f3f0858e-82fc-41a9-afa1-4fa3e3eb766f-4.exe','');
QuarantineFile('C:\Program Files (x86)\MediaPlayerplus\f3f0858e-82fc-41a9-afa1-4fa3e3eb766f-3.exe','');
DelBHO('{7CE987D5-11B3-44FC-9C3D-03069360D462}');
DelBHO('{FF794437-932D-47E8-BEE9-EB8CB6AE3073}');
QuarantineFile('C:\Program Files (x86)\advPlugin\Toolbar32.dll','');
QuarantineFile('C:\Program Files (x86)\couPonpeakk\2DzfL9hoTf89TJ.dll','');
QuarantineFile('C:\Windows\system32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{71d5e150-c72b-4e5b-a773-e49420251642}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}w64.sys','');
DeleteService('{efa349b9-003c-4506-9e55-957c1cff853c}w64');
DeleteService('{71d5e150-c72b-4e5b-a773-e49420251642}w64');
DeleteService('{5eeb83d0-96ea-4249-942c-beead6847053}w64');
DeleteService('{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64');
DeleteService('Update Mega Browse');
QuarantineFile('C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe','');
QuarantineFile('C:\Users\FireLight\AppData\Roaming\VOPackage\VOsrv.exe','');
SetServiceStart('vosr', 4);
DeleteService('vosr');
QuarantineFile('C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe','');
SetServiceStart('Update Service for advPlugin', 4);
DeleteService('Update Service for advPlugin');
SetServiceStart('MgAssistService', 4);
DeleteService('MgAssistService');
TerminateProcessByName('c:\program files (x86)\advplugin\basement\extensionupdaterservice.exe');
QuarantineFile('c:\program files (x86)\advplugin\basement\extensionupdaterservice.exe','');
TerminateProcessByName('c:\users\firelight\appdata\local\kometa\kometaup.exe');
QuarantineFile('c:\users\firelight\appdata\local\kometa\kometaup.exe','');
TerminateProcessByName('c:\program files (x86)\mobogenie\mgassist.exe');
TerminateProcessByName('c:\users\firelight\appdata\roaming\vopackage\vosrv.exe');
QuarantineFile('c:\users\firelight\appdata\roaming\vopackage\vosrv.exe','');
DeleteFile('c:\users\firelight\appdata\roaming\vopackage\vosrv.exe','32');
DeleteFile('c:\program files (x86)\mobogenie\mgassist.exe','32');
DeleteFile('c:\users\firelight\appdata\local\kometa\kometaup.exe','32');
DeleteFile('c:\program files (x86)\advplugin\basement\extensionupdaterservice.exe','32');
DeleteFile('C:\Users\FireLight\AppData\Roaming\VOPackage\VOsrv.exe','32');
DeleteFile('C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe','32');
DeleteFile('C:\Windows\system32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{71d5e150-c72b-4e5b-a773-e49420251642}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64.sys','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','kometaup');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','emioinefsh');
DeleteFile('C:\Program Files (x86)\couPonpeakk\2DzfL9hoTf89TJ.dll','32');
DeleteFile('C:\Program Files (x86)\advPlugin\Toolbar32.dll','32');
DeleteFile('C:\Windows\Tasks\56e24faf-5a5a-4ae9-b26e-23b5f791f1ce-4.job','64');
DeleteFile('C:\Windows\Tasks\f3f0858e-82fc-41a9-afa1-4fa3e3eb766f-3.job','64');
DeleteFile('C:\Program Files (x86)\MediaPlayerplus\f3f0858e-82fc-41a9-afa1-4fa3e3eb766f-3.exe','32');
DeleteFile('C:\Program Files (x86)\MediaPlayerplus\f3f0858e-82fc-41a9-afa1-4fa3e3eb766f-4.exe','32');
DeleteFile('C:\Users\FIRELI~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Windows\Tasks\MySearchDial.job','64');
DeleteFile('C:\Windows\Tasks\f3f0858e-82fc-41a9-afa1-4fa3e3eb766f-4.job','64');
DeleteFile('C:\Windows\Tasks\RegClean Pro_DEFAULT.job','64');
DeleteFile('C:\Windows\Tasks\RegClean Pro_UPDATES.job','64');
DeleteFile('C:\Windows\Tasks\WSE_Lasaoren.job','64');
DeleteFile('C:\Users\FIRELI~1\AppData\Roaming\WSE_LA~1\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Windows\system32\Tasks\56e24faf-5a5a-4ae9-b26e-23b5f791f1ce-4','64');
DeleteFile('C:\Windows\system32\Tasks\f3f0858e-82fc-41a9-afa1-4fa3e3eb766f-3','64');
DeleteFile('C:\Windows\system32\Tasks\f3f0858e-82fc-41a9-afa1-4fa3e3eb766f-4','64');
DeleteFile('C:\Users\FireLight\AppData\Roaming\Gameo\gameo.exe','32');
DeleteFile('C:\Windows\system32\Tasks\gameo_update','64');
DeleteFile('C:\Windows\system32\Tasks\RegClean Pro','64');
DeleteFile('C:\Windows\system32\Tasks\RegClean Pro_DEFAULT','64');
DeleteFile('C:\Windows\system32\Tasks\RegClean Pro_UPDATES','64');
DeleteFile('C:\Windows\system32\Tasks\Super Optimizer Schedule','64');
DeleteFile('C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe','32');
DeleteFile('C:\Windows\system32\Tasks\Yahoo! Search','64');
DeleteFile('C:\Windows\system32\Tasks\Yahoo! Search Updater','64');
DeleteFile('C:\Users\FireLight\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe','32');
DeleteFile('C:\Users\FireLight\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrsetup.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.