Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe','');
QuarantineFile('c:\task.vbs','');
QuarantineFile('C:\Users\User\AppData\Local\SmartWeb\SmartWebHelper.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\LINEbgTbMjgJOMRMR9ZMJfSZ.exe','');
QuarantineFile('C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-7.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-6.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-5.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-3.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-11.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-10.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-1-7.exe','');
QuarantineFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-1-6.exe','');
QuarantineFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe','');
QuarantineFile('C:\Windows\system32\drivers\wsafd_1_10_0_19.sys','');
DeleteService('wsafd_1_10_0_19');
SetServiceStart('nevinyqu', 4);
DeleteService('nevinyqu');
SetServiceStart('mulikety', 4);
DeleteService('mulikety');
TerminateProcessByName('c:\program files (x86)\obnovi soft\obnovisoft.exe');
TerminateProcessByName('c:\users\user\appdata\local\mediaget2\mediaget.exe');
TerminateProcessByName('c:\users\user\appdata\roaming\16fe2140-1432638531-11d9-9825-c8600067d57a\jnsr71c6.tmp');
QuarantineFile('c:\users\user\appdata\roaming\16fe2140-1432638531-11d9-9825-c8600067d57a\jnsr71c6.tmp','');
TerminateProcessByName('c:\program files (x86)\iobit\liveupdate\iobitlauncher.exe');
QuarantineFile('c:\program files (x86)\iobit\liveupdate\iobitlauncher.exe','');
TerminateProcessByName('c:\users\user\appdata\roaming\16fe2140-1432638531-11d9-9825-c8600067d57a\hnsx87d8.tmp');
QuarantineFile('c:\users\user\appdata\roaming\16fe2140-1432638531-11d9-9825-c8600067d57a\hnsx87d8.tmp','');
DeleteFile('c:\users\user\appdata\roaming\16fe2140-1432638531-11d9-9825-c8600067d57a\hnsx87d8.tmp','32');
DeleteFile('c:\program files (x86)\iobit\liveupdate\iobitlauncher.exe','32');
DeleteFile('c:\users\user\appdata\roaming\16fe2140-1432638531-11d9-9825-c8600067d57a\jnsr71c6.tmp','32');
DeleteFile('c:\users\user\appdata\local\mediaget2\mediaget.exe','32');
DeleteFile('c:\program files (x86)\obnovi soft\obnovisoft.exe','32');
DeleteFile('C:\Windows\system32\drivers\wsafd_1_10_0_19.sys','32');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe','32');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Обнови Софт');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','MediaGet2');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-1-6.exe','32');
DeleteFile('C:\Windows\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-1-6.job','64');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-1-7.exe','32');
DeleteFile('C:\Windows\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-1-7.job','64');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-10.exe','32');
DeleteFile('C:\Windows\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-10_user.job','64');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-11.exe','32');
DeleteFile('C:\Windows\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-11.job','64');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-3.exe','32');
DeleteFile('C:\Windows\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-3.job','64');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-5.exe','32');
DeleteFile('C:\Windows\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-5.job','64');
DeleteFile('C:\Windows\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-5_user.job','64');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-6.exe','32');
DeleteFile('C:\Windows\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-6.job','64');
DeleteFile('C:\Program Files (x86)\CiPlus-4.5vV06.09\53c34064-80d0-4142-b8ca-88c750ff99ae-7.exe','32');
DeleteFile('C:\Windows\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-7.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP1.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP2.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP3.job','64');
DeleteFile('C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe','32');
DeleteFile('C:\Users\User\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Windows\Tasks\Digital Sites.job','64');
DeleteFile('C:\Windows\Tasks\Crossbrowse.job','64');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job','64');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job','64');
DeleteFile('C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe','32');
DeleteFile('C:\Users\User\AppData\Roaming\LINEbgTbMjgJOMRMR9ZMJfSZ.exe','32');
DeleteFile('C:\Windows\Tasks\LINEbgTbMjgJOMRMR9ZMJfSZ.job','64');
DeleteFile('C:\Windows\system32\Tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-1-6','64');
DeleteFile('C:\Windows\system32\Tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-1-7','64');
DeleteFile('C:\Windows\system32\Tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-10_user','64');
DeleteFile('C:\Windows\system32\Tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-11','64');
DeleteFile('C:\Windows\system32\Tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-3','64');
DeleteFile('C:\Windows\system32\Tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-5','64');
DeleteFile('C:\Windows\system32\Tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-5_user','64');
DeleteFile('C:\Windows\system32\Tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-6','64');
DeleteFile('C:\Windows\system32\Tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-7','64');
DeleteFile('C:\Windows\system32\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-1-7','64');
DeleteFile('C:\Windows\system32\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-1-6','64');
DeleteFile('C:\Windows\system32\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-10_user','64');
DeleteFile('C:\Windows\system32\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-11','64');
DeleteFile('C:\Windows\system32\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-3','64');
DeleteFile('C:\Windows\system32\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-5','64');
DeleteFile('C:\Windows\system32\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-5_user','64');
DeleteFile('C:\Windows\system32\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-6','64');
DeleteFile('C:\Windows\system32\Tasks\53c34064-80d0-4142-b8ca-88c750ff99ae-7','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP1','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP2','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP3','64');
DeleteFile('C:\Windows\system32\Tasks\Crossbrowse','64');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineCore','64');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineUA','64');
DeleteFile('C:\Users\User\AppData\Local\SmartWeb\SmartWebHelper.exe','32');
DeleteFile('c:\task.vbs','32');
DeleteFile('C:\Windows\system32\Tasks\updateTask','64');
DeleteFile('C:\Windows\system32\Tasks\SmartWeb Upgrade Trigger Task','64');
DeleteFile('C:\Windows\system32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core','64');
DeleteFile('C:\Windows\system32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update','64');
DeleteFile('C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Будет выполнена перезагрузка компьютера.