Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files\webget\bin\{55685567-4840-4A91-962B-49A412E9485A}.dll','');
QuarantineFile('C:\Program Files\webget\bin\webget.browserfilter.helper.dll','');
QuarantineFile('C:\Program Files\webget\bin\webget.browseradapter.exe','');
QuarantineFile('C:\Program Files\webget\bin\webget.browseradapter64.exe','');
QuarantineFile('C:\Program Files\suptab\search~2.dll','');
QuarantineFile('C:\Program Files\suptab\search~1.dll','');
QuarantineFile('C:\Program Files\suptab\dpinterface32.dll','');
QuarantineFile('C:\Users\Анастасияо\appdata\roaming\update~1\update~1\update~1.exe','');
QuarantineFile('C:\Users\Анастасияо\appdata\roaming\mail.ru newgamest\api.dll','');
TerminateProcessByName('c:\program files\internet speed checker\dfa10732-efd7-430c-9f56-fd7f9a591b3e.exe');
DelBHO('{11111111-1111-1111-1111-110611171152}');
DelBHO('{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}');
QuarantineFile('C:\Program Files\SupTab\SupTab.dll','');
QuarantineFile('C:\Program Files\Internet Speed Checker\Internet Speed Checker-bho.dll','');
QuarantineFile('C:\Users\Анастасияо\AppData\Roaming\runWIN\update.exe','');
QuarantineFile('C:\Users\Анастасияо\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runWIN.exe','');
QuarantineFile('C:\Users\Анастасияо\AppData\Roaming\Mail.RU NewGamesT\Encrypt.exe','');
QuarantineFile('C:\Program Files\Twilight Tech\Pretty Search\dummyDlg.exe','');
QuarantineFile('C:\PROGRA~1\SupTab\SEARCH~1.DLL','');
QuarantineFile('C:\Windows\system32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw.sys','');
QuarantineFile('C:\Windows\system32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w.sys','');
SetServiceStart('{55685567-4840-4a91-962b-49a412e9485a}w', 4);
DeleteService('{55685567-4840-4a91-962b-49a412e9485a}w');
SetServiceStart('{55685567-4840-4a91-962b-49a412e9485a}Gw', 4);
DeleteService('{55685567-4840-4a91-962b-49a412e9485a}Gw');
SetServiceStart('Wpm', 4);
DeleteService('Wpm');
SetServiceStart('Util webget', 4);
DeleteService('Util webget');
SetServiceStart('Update webget', 4);
DeleteService('Update webget');
SetServiceStart('servervo', 4);
DeleteService('servervo');
TerminateProcessByName('c:\programdata\wpm\wprotectmanager.exe');
QuarantineFile('c:\programdata\wpm\wprotectmanager.exe','');
TerminateProcessByName('c:\users\Анастасияо\appdata\roaming\vopackage\vosrv.exe');
QuarantineFile('c:\users\Анастасияо\appdata\roaming\vopackage\vosrv.exe','');
TerminateProcessByName('c:\program files\webget\bin\utilwebget.exe');
TerminateProcessByName('c:\program files\webget\updatewebget.exe');
QuarantineFile('c:\program files\webget\updatewebget.exe','');
QuarantineFile('c:\program files\webget\bin\utilwebget.exe','');
QuarantineFile('c:\program files\internet speed checker\dfa10732-efd7-430c-9f56-fd7f9a591b3e.exe','');
DeleteFile('c:\program files\webget\bin\utilwebget.exe','32');
DeleteFile('c:\program files\webget\updatewebget.exe','32');
DeleteFile('c:\users\Анастасияо\appdata\roaming\vopackage\vosrv.exe','32');
DeleteFile('c:\programdata\wpm\wprotectmanager.exe','32');
DeleteFile('C:\Windows\system32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w.sys','32');
DeleteFile('C:\Windows\system32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw.sys','32');
DeleteFile('C:\PROGRA~1\SupTab\SEARCH~1.DLL','32');
DeleteFile('C:\Program Files\Google\Chrome\Application\chrome.exe.bat','32');
DeleteFile('C:\Users\Анастасияо\AppData\Roaming\Mail.RU NewGamesT\Encrypt.exe','32');
DeleteFile('C:\Users\Анастасияо\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runWIN.exe','32');
DeleteFile('C:\Users\Анастасияо\AppData\Roaming\runWIN\update.exe','32');
DeleteFile('C:\Program Files\SupTab\SupTab.dll','32');
DeleteFile('C:\Program Files\Internet Speed Checker\Internet Speed Checker-bho.dll','32');
DeleteFile('c:\program files\internet speed checker\dfa10732-efd7-430c-9f56-fd7f9a591b3e.exe','32');
DeleteFile('C:\Users\Анастасияо\appdata\roaming\mail.ru newgamest\api.dll','32');
DeleteFile('C:\Users\Анастасияо\appdata\roaming\update~1\update~1\update~1.exe','32');
DeleteFile('C:\Program Files\suptab\dpinterface32.dll','32');
DeleteFile('C:\Program Files\suptab\search~1.dll','32');
DeleteFile('C:\Program Files\suptab\search~2.dll','32');
DeleteFile('C:\Program Files\webget\bin\webget.browseradapter64.exe','32');
DeleteFile('C:\Program Files\webget\bin\webget.browseradapter.exe','32');
DeleteFile('C:\Program Files\webget\bin\webget.browserfilter.helper.dll','32');
DeleteFile('C:\Program Files\webget\bin\{55685567-4840-4A91-962B-49A412E9485A}.dll','32');
DeleteFileMask('C:\Users\Анастасияо\AppData\Roaming\runWIN', '*', true);
DeleteDirectory('C:\Users\Анастасияо\AppData\Roaming\runWIN');
DeleteFileMask('C:\Users\Анастасияо\AppData\Roaming\Mail.RU NewGamesT', '*', true);
DeleteDirectory('C:\Users\Анастасияо\AppData\Roaming\Mail.RU NewGamesT');
DeleteFileMask('C:\Program Files\webget', '*', true);
DeleteDirectory('C:\Program Files\webget');
DeleteFileMask('C:\Program Files\suptab', '*', true);
DeleteDirectory('C:\Program Files\suptab');
DeleteFileMask('C:\Program Files\Internet Speed Checker', '*', true);
DeleteDirectory('C:\Program Files\Internet Speed Checker');
DeleteFileMask('c:\programdata\wpm', '*', true);
DeleteDirectory('c:\programdata\wpm');
DeleteFileMask('C:\Program Files\Twilight Tech', '*', true);
DeleteDirectory('C:\Program Files\Twilight Tech');
DeleteFileMask('c:\users\Анастасияо\appdata\roaming\vopackage', '*', true);
DeleteDirectory('c:\users\Анастасияо\appdata\roaming\vopackage');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.