Код:
begin
ExecuteAVUpdate;
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
QuarantineFile('C:\Windows\System32\microsoftwin\microsoft.exe', 'MBAM: Trojan.JiePo.Gen');
QuarantineFile('C:\Program Files (x86)\Uninstall Information\ib_uninst_518\uninstall.exe', 'MBAM: PUP.BundleInstaller.IB');
QuarantineFile('C:\Program Files (x86)\Uninstall Information\ib_uninst_519\uninstall.exe', 'MBAM: PUP.BundleInstaller.IB');
QuarantineFile('C:\Users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8WQX6628\firfox[1].exe', 'MBAM: Trojan.JiePo.Gen');
QuarantineFile('C:\Users\Max\AppData\Local\Temp\13071136.exe', 'MBAM: Trojan.JiePo.Gen');
QuarantineFile('C:\Users\Max\AppData\Local\Temp\30690061.exe', 'MBAM: Trojan.JiePo.Gen');
QuarantineFile('C:\Users\Max\AppData\Local\Temp\microsoft.exe', 'MBAM: Trojan.JiePo.Gen');
QuarantineFile('C:\Windows\system32\microsoftwin\microsoft.exe','');
QuarantineFile('C:\Windows\SysWOW64\avira apc\avira.exe','');
QuarantineFile('C:\Users\Max\AppData\Roaming\avira apc\avira.exe','');
QuarantineFile('C:\Users\Max\AppData\Roaming\dm\svchost.exe','');
DeleteFile('C:\Users\Max\AppData\Roaming\dm\svchost.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','servicehost');
QuarantineFile('C:\Users\Max\AppData\Roaming\microsoftwin\microsoft.exe', 'MBAM: Trojan.JiePo.Gen');
QuarantineFile('C:\Windows\System32\microsoft.exever.exe', 'MBAM: Trojan.JiePo.Gen');
QuarantineFile('E:\Games\programs\Adobe photoshop CS6 13.0 [Extended x86+x64] (2012) PC\Patch\adobe.photoshop.cs6.patch.exe', 'MBAM: PUP.RiskwareTool.CK');
QuarantineFile('E:\Games\programs\avz4\avz4 old\Quarantine\2012-10-17\avz00002.dta', 'MBAM: Trojan.JiePo.Gen');
QuarantineFile('E:\Games\programs\drivers\BestCodecsPack.exe', 'MBAM: PUP.BundleInstaller.IB');
QuarantineFile('E:\Games\programs\тюнер\miniinstall.exe', 'MBAM: PUP.BundleInstaller.MB');
QuarantineFile('C:\Users\Max\AppData\Local\Temp\win.exe', 'MBAM: Trojan.Downloader');
QuarantineFile('C:\Users\Max\AppData\Roaming\logs.dat', 'MBAM: Bifrose.Trace');
QuarantineFile('C:\Users\Max\AppData\Local\Temp\UuU.uUu', 'MBAM: Malware.Trace');
QuarantineFile('C:\Users\Max\AppData\Local\Temp\XxX.xXx', 'MBAM: Malware.Trace');
QuarantineFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-24-3.dc', 'MBAM: Stolen.Data');
QuarantineFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-25-4.dc', 'MBAM: Stolen.Data');
QuarantineFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-28-7.dc', 'MBAM: Stolen.Data');
QuarantineFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-29-1.dc', 'MBAM: Stolen.Data');
QuarantineFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-30-2.dc', 'MBAM: Stolen.Data');
QuarantineFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-31-3.dc', 'MBAM: Stolen.Data');
QuarantineFile('C:\Users\Max\AppData\Roaming\dclogs\2012-08-15-4.dc', 'MBAM: Stolen.Data');
QuarantineFile('C:\Users\Max\AppData\Roaming\dclogs\2012-08-16-5.dc', 'MBAM: Stolen.Data');
QuarantineFile('C:\Users\Max\AppData\Roaming\dclogs\2012-08-17-6.dc', 'MBAM: Stolen.Data');
QuarantineFile('C:\Users\Max\AppData\Roaming\dclogs\2012-08-22-4.dc', 'MBAM: Stolen.Data');
QuarantineFile('C:\Users\Max\AppData\Roaming\dclogs\2012-08-23-5.dc', 'MBAM: Stolen.Data');
QuarantineFile('C:\Users\Max\Local Settings\Application Data\Temp\13071136.exe', 'MBAM: Trojan.Agent.Gen');
QuarantineFile('C:\Users\Max\Local Settings\Application Data\Temp\30690061.exe', 'MBAM: Trojan.Agent.Gen');
QuarantineFile('C:\Windows\SysWOW64\avira apc\avira.exe', 'MBAM: Backdoor.HMCPol.Gen');
QuarantineFile('C:\Users\Max\AppData\Roaming\dm\svchost.exe', 'MBAM: Trojan.Agent');
DeleteFile('C:\Windows\System32\microsoftwin\microsoft.exe');
DeleteFile('C:\Users\Max\AppData\Local\Temp\13071136.exe');
DeleteFile('C:\Users\Max\AppData\Local\Temp\30690061.exe');
DeleteFile('C:\Users\Max\AppData\Local\Temp\microsoft.exe');
DeleteFile('C:\Users\Max\AppData\Roaming\microsoftwin\microsoft.exe');
DeleteFile('C:\Windows\System32\microsoft.exever.exe');
DeleteFile('C:\Users\Max\AppData\Local\Temp\win.exe');
DeleteFile('C:\Users\Max\AppData\Roaming\logs.dat');
DeleteFile('C:\Users\Max\AppData\Local\Temp\UuU.uUu');
DeleteFile('C:\Users\Max\AppData\Local\Temp\XxX.xXx');
DeleteFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-24-3.dc');
DeleteFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-25-4.dc');
DeleteFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-28-7.dc');
DeleteFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-29-1.dc');
DeleteFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-30-2.dc');
DeleteFile('C:\Users\Max\AppData\Roaming\dclogs\2012-07-31-3.dc');
DeleteFile('C:\Users\Max\AppData\Roaming\dclogs\2012-08-15-4.dc');
DeleteFile('C:\Users\Max\AppData\Roaming\dclogs\2012-08-16-5.dc');
DeleteFile('C:\Users\Max\AppData\Roaming\dclogs\2012-08-17-6.dc');
DeleteFile('C:\Users\Max\AppData\Roaming\dclogs\2012-08-22-4.dc');
DeleteFile('C:\Users\Max\AppData\Roaming\dclogs\2012-08-23-5.dc');
DeleteFile('C:\Users\Max\Local Settings\Application Data\Temp\13071136.exe');
DeleteFile('C:\Users\Max\Local Settings\Application Data\Temp\30690061.exe');
DeleteFile('C:\Users\Max\AppData\Roaming\dm\svchost.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.