Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\Дом\AppData\Local\MacroNetSoftware\RgFltX64.sys','');
DeleteService('RgFltX64');
QuarantineFile('C:\Users\Дом\AppData\Local\winsockmsmpeg2vdecClient\winsockmsmpeg2vdecClient.exe','');
QuarantineFile('C:\Program Files (x86)\Round World\bin\utilRoundWorld.exe','');
DeleteService('winsockmsmpeg2vdecClient.exe');
DeleteService('Util Round World');
QuarantineFile('C:\Users\Дом\AppData\Local\thumbnailqeditSched\thumbnailqeditSched.exe','');
DeleteService('thumbnailqeditSched.exe');
DeleteService('StartThumbnailWindows.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\StartThumbnailWindows\StartThumbnailWindows.exe','');
QuarantineFile('C:\Users\Дом\AppData\Roaming\ASPackage\ASSrv.exe','');
DeleteService('serveras');
DeleteService('repositorydifxTask.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\repositorydifxTask\repositorydifxTask.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\QuickTaskWin32\QuickTaskWin32.exe','');
DeleteService('QuickTaskWin32.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\OSRepositoryStart\OSRepositoryStart.exe','');
DeleteService('OSRepositoryStart.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\ocrmsv1_032\ocrmsv1_032.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\odbccredssp32\odbccredssp32.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\officepython_86\officepython_86.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\openmscmsBckp\openmscmsBckp.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\OpenProgramWinsock\OpenProgramWinsock.exe','');
DeleteService('OpenProgramWinsock.exe');
DeleteService('openmscmsBckp.exe');
DeleteService('officepython_86.exe');
DeleteService('odbccredssp32.exe');
DeleteService('ocrmsv1_032.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\msctfmonitorehstorUI\msctfmonitorehstorUI.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\MySQLOCRPublic\MySQLOCRPublic.exe','');
DeleteService('MySQLOCRPublic.exe');
DeleteService('msctfmonitorehstorUI.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\MinimalProgramRepository\MinimalProgramRepository.exe','');
DeleteService('MinimalProgramRepository.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\macromsctfmonitorapi\macromsctfmonitorapi.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\MacroNetSoftware\MacroNetSoftware.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\MemoryProgramSamba\MemoryProgramSamba.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\MetafileSoftwareText\MetafileSoftwareText.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\methodrootProt\methodrootProt.exe','');
DeleteService('methodrootProt.exe');
DeleteService('MetafileSoftwareText.exe');
DeleteService('MemoryProgramSamba.exe');
DeleteService('MacroNetSoftware.exe');
DeleteService('macromsctfmonitorapi.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\InterpreterRemoteSchema\InterpreterRemoteSchema.exe','');
DeleteService('InterpreterRemoteSchema.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\IconOpenPath\IconOpenPath.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\iconsharewareProvider\iconsharewareProvider.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\ImportJRERoot\ImportJRERoot.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\indexpublicMonitor\indexpublicMonitor.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\interactivewdmaud_64\interactivewdmaud_64.exe','');
DeleteService('interactivewdmaud_64.exe');
DeleteService('indexpublicMonitor.exe');
DeleteService('ImportJRERoot.exe');
DeleteService('iconsharewareProvider.exe');
DeleteService('IconOpenPath.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\guiauthuiBckp\guiauthuiBckp.exe','');
DeleteService('guiauthuiBckp.exe');
DeleteService('GNUGammaImport.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\GNUGammaImport\GNUGammaImport.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\functiongnu32\functiongnu32.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\frozensharewareGUI\frozensharewareGUI.exe','');
DeleteService('functiongnu32.exe');
DeleteService('frozensharewareGUI.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\FolderPrivacyRoot\FolderPrivacyRoot.exe','');
DeleteService('FolderPrivacyRoot.exe');
DeleteService('FinderSambaScrolling.exe');
SetServiceStart('FirmwareMotionSymbolic.exe', 4);
DeleteService('FirmwareMotionSymbolic.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\FirmwareMotionSymbolic\FirmwareMotionSymbolic.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\ExportTextTooltip\ExportTextTooltip.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\FinderSambaScrolling\FinderSambaScrolling.exe','');
DeleteService('ExportTextTooltip.exe');
DeleteService('EncondingFolderMBR.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\EncondingFolderMBR\EncondingFolderMBR.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\dosprocess_64\dosprocess_64.exe','');
DeleteService('dosprocess_64.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\DashboardDebuggerSchema\DashboardDebuggerSchema.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\DashboardExportSamba\DashboardExportSamba.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\DebuggerGammaTask\DebuggerGammaTask.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\DirectXFormatMinimal\DirectXFormatMinimal.exe','');
DeleteService('DirectXFormatMinimal.exe');
DeleteService('DebuggerGammaTask.exe');
DeleteService('DashboardExportSamba.exe');
DeleteService('DashboardDebuggerSchema.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\controlmsmpeg2vdecTask\controlmsmpeg2vdecTask.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\crondebug32\crondebug32.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\CronDesktopShareware\CronDesktopShareware.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\CronPublicScript\CronPublicScript.exe','');
DeleteService('CronPublicScript.exe');
DeleteService('CronDesktopShareware.exe');
DeleteService('crondebug32.exe');
DeleteService('controlmsmpeg2vdecTask.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\ClipboardSnapshotSoftware\ClipboardSnapshotSoftware.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\ContextualGNUTask\ContextualGNUTask.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\ControlDockFolder\ControlDockFolder.exe','');
DeleteService('ControlDockFolder.exe');
DeleteService('ContextualGNUTask.exe');
DeleteService('ClipboardSnapshotSoftware.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\bed124d25950a043d81b0481057ecaea\bed124d25950a043d81b0481057ecaea.exe','');
DeleteService('bed124d25950a043d81b0481057ecaea.exe');
DeleteService('APIMacroSamba.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\APIMacroSamba\APIMacroSamba.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\AddonProcessSprite\AddonProcessSprite.exe','');
DeleteService('AddonProcessSprite.exe');
DeleteService('a343713e9a9325b.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\032c70bdfe5bb568770b4a81745aa63a\a343713e9a9325b.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\824d2cabf3334593051e47a8d30072cc\824d2cabf3334593051e47a8d30072cc.exe','');
DeleteService('824d2cabf3334593051e47a8d30072cc.exe');
DeleteService('4c54c8af95c6b7b.exe');
QuarantineFile('C:\Users\Дом\AppData\Local\dcb8e8bb4d14f1854a1bf9b7ac581958\4c54c8af95c6b7b.exe','');
QuarantineFile('C:\Users\Дом\AppData\Local\8414f379a6182c966b78bc5a6813dc75\1cbd2f3a1516909.exe','');
SetServiceStart('1cbd2f3a1516909.exe', 4);
DeleteService('1cbd2f3a1516909.exe');
DeleteFile('C:\Users\Дом\AppData\Local\8414f379a6182c966b78bc5a6813dc75\1cbd2f3a1516909.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\dcb8e8bb4d14f1854a1bf9b7ac581958\4c54c8af95c6b7b.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\824d2cabf3334593051e47a8d30072cc\824d2cabf3334593051e47a8d30072cc.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\032c70bdfe5bb568770b4a81745aa63a\a343713e9a9325b.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\AddonProcessSprite\AddonProcessSprite.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\APIMacroSamba\APIMacroSamba.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\bed124d25950a043d81b0481057ecaea\bed124d25950a043d81b0481057ecaea.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\ControlDockFolder\ControlDockFolder.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\ContextualGNUTask\ContextualGNUTask.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\ClipboardSnapshotSoftware\ClipboardSnapshotSoftware.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\CronPublicScript\CronPublicScript.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\CronDesktopShareware\CronDesktopShareware.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\crondebug32\crondebug32.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\controlmsmpeg2vdecTask\controlmsmpeg2vdecTask.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\DirectXFormatMinimal\DirectXFormatMinimal.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\DebuggerGammaTask\DebuggerGammaTask.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\DashboardExportSamba\DashboardExportSamba.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\DashboardDebuggerSchema\DashboardDebuggerSchema.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\dosprocess_64\dosprocess_64.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\EncondingFolderMBR\EncondingFolderMBR.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\FinderSambaScrolling\FinderSambaScrolling.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\ExportTextTooltip\ExportTextTooltip.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\FirmwareMotionSymbolic\FirmwareMotionSymbolic.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\FolderPrivacyRoot\FolderPrivacyRoot.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\frozensharewareGUI\frozensharewareGUI.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\functiongnu32\functiongnu32.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\GNUGammaImport\GNUGammaImport.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\guiauthuiBckp\guiauthuiBckp.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\interactivewdmaud_64\interactivewdmaud_64.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\indexpublicMonitor\indexpublicMonitor.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\ImportJRERoot\ImportJRERoot.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\iconsharewareProvider\iconsharewareProvider.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\IconOpenPath\IconOpenPath.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\InterpreterRemoteSchema\InterpreterRemoteSchema.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\methodrootProt\methodrootProt.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\MetafileSoftwareText\MetafileSoftwareText.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\MemoryProgramSamba\MemoryProgramSamba.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\MacroNetSoftware\MacroNetSoftware.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\macromsctfmonitorapi\macromsctfmonitorapi.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\MinimalProgramRepository\MinimalProgramRepository.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\MySQLOCRPublic\MySQLOCRPublic.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\msctfmonitorehstorUI\msctfmonitorehstorUI.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\OpenProgramWinsock\OpenProgramWinsock.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\openmscmsBckp\openmscmsBckp.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\officepython_86\officepython_86.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\odbccredssp32\odbccredssp32.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\ocrmsv1_032\ocrmsv1_032.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\OSRepositoryStart\OSRepositoryStart.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\QuickTaskWin32\QuickTaskWin32.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\repositorydifxTask\repositorydifxTask.exe','32');
DeleteFile('C:\Users\Дом\AppData\Roaming\ASPackage\ASSrv.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\StartThumbnailWindows\StartThumbnailWindows.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\thumbnailqeditSched\thumbnailqeditSched.exe','32');
DeleteFile('C:\Program Files (x86)\Round World\bin\utilRoundWorld.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\winsockmsmpeg2vdecClient\winsockmsmpeg2vdecClient.exe','32');
DeleteFile('C:\Users\Дом\AppData\Local\MacroNetSoftware\RgFltX64.sys','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.