begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
ClearQuarantineEx(true);
QuarantineFile('C:\ProgramData\windowstask\microsofthost.exe','');
QuarantineFile('C:\ProgramData\windowstask\audiodg.exe','');
QuarantineFile('C:\Program Files\RDP Wrapper\rdpwrap.dll','');
QuarantineFile('C:\ProgramData\ReaItekHD\taskhostw.exe','');
QuarantineFile('C:\Programdata\ReaItekHD\taskhost.exe','');
QuarantineFile('C:\ProgramData\Microsoft\DRM\Gvj0zW\CreedMobeM.bat','');
QuarantineFile('C:\ProgramData\Microsoft\DRM\Gvj0zW\Game.exe','');
QuarantineFile('C:\ProgramData\Windows Tasks Service\winserv.exe','');
QuarantineFileF('C:\ProgramData\Microsoft\DRM\Gvj0zW', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.ps1, *.js*, *.tmp*', true, '', 0 , 0);
DeleteFile('C:\ProgramData\windowstask\microsofthost.exe','32');
DeleteFile('C:\ProgramData\windowstask\audiodg.exe','32');
DeleteFile('C:\Program Files\RDP Wrapper\rdpwrap.dll','64');
DeleteFile('C:\Program Files\rdp wrapper\rdpwrap.dll','32');
DeleteFile('C:\ProgramData\ReaItekHD\taskhostw.exe','64');
DeleteFile('C:\Programdata\ReaItekHD\taskhost.exe','64');
DeleteFile('C:\ProgramData\Microsoft\DRM\Gvj0zW\CreedMobeM.bat','64');
DeleteFile('C:\ProgramData\Microsoft\DRM\Gvj0zW\Game.exe','64');
DeleteFile('C:\ProgramData\Windows Tasks Service\winserv.exe','64');
DeleteFileMask('C:\ProgramData\windowstask', '*', true);
DeleteFileMask('C:\ProgramData\ReaItekHD', '*', true);
DeleteFileMask('C:\ProgramData\Windows Tasks Service', '*', true);
DeleteFileMask('C:\ProgramData\Microsoft\DRM\Gvj0zW', '*', true);
DeleteDirectory('C:\ProgramData\windowstask');
DeleteDirectory('C:\ProgramData\ReaItekHD');
DeleteDirectory('C:\ProgramData\Windows Tasks Service');
DeleteDirectory('C:\ProgramData\Microsoft\DRM\Gvj0zW');
DeleteSchedulerTask('Microsoft\Windows\CreedMobeM\RecoveryHosts');
DeleteSchedulerTask('Microsoft\Windows\CreedMobeM\Gvj0zW');
DeleteSchedulerTask('Microsoft\Windows\CreedMobeM\RecoveryTask');
DeleteSchedulerTask('Microsoft\Windows\Wininet\Hor');
DeleteSchedulerTask('Microsoft\Windows\Wininet\winser');
DeleteSchedulerTask('Microsoft\Windows\Wininet\winsers');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Realtek HD Audio','x64');
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
CreateQurantineArchive(GetAVZDirectory + 'quarantine.zip');
ExecuteSysClean;
ExecuteWizard('SCU', 2, 3, true);
RebootWindows(true);
end.