Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-5.exe','');
QuarantineFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-4.exe','');
QuarantineFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-11.exe','');
QuarantineFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-10.exe','');
QuarantineFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-1-7.exe','');
QuarantineFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-1-6.exe','');
QuarantineFile('C:\Program Files\HQ Cinema Video 1.9cV08.02\c90b9019-188a-4b04-bf01-c30893986124-5.exe','');
QuarantineFile('C:\Program Files\HQ Cinema Video 1.9cV08.02\c90b9019-188a-4b04-bf01-c30893986124-4.exe','');
QuarantineFile('C:\Program Files\HQ Cinema Video 1.9cV08.02\c90b9019-188a-4b04-bf01-c30893986124-11.exe','');
QuarantineFile('C:\Program Files\HQ Cinema Video 1.9cV08.02\c90b9019-188a-4b04-bf01-c30893986124-1-7.exe','');
QuarantineFile('C:\Program Files\HQ Cinema Video 1.9cV08.02\c90b9019-188a-4b04-bf01-c30893986124-1-6.exe','');
QuarantineFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-5.exe','');
QuarantineFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-4.exe','');
QuarantineFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-11.exe','');
QuarantineFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-10.exe','');
QuarantineFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-1-7.exe','');
QuarantineFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-1-6.exe','');
DelBHO('{7CE987D5-11B3-44FC-9C3D-03069360D462}');
DelBHO('{1FE48F08-A2AC-44AC-A21C-0556D91C50DA}');
SetServiceStart('{d487b1e4-59cf-4940-87da-e7c5a283dab7}t', 4);
DeleteService('{d487b1e4-59cf-4940-87da-e7c5a283dab7}t');
SetServiceStart('{c0915853-fd66-4086-a9ce-b80496d49b3f}Gt', 4);
DeleteService('{c0915853-fd66-4086-a9ce-b80496d49b3f}Gt');
SetServiceStart('{9d525140-2aa5-4c29-b571-058468248f69}t', 4);
DeleteService('{9d525140-2aa5-4c29-b571-058468248f69}t');
SetServiceStart('{955a1491-962c-4a4d-a25b-ddfc77991b58}t', 4);
DeleteService('{955a1491-962c-4a4d-a25b-ddfc77991b58}t');
SetServiceStart('{34789ec0-129d-4a2d-b089-9977cdae65db}t', 4);
DeleteService('{34789ec0-129d-4a2d-b089-9977cdae65db}t');
SetServiceStart('{1a7531da-31ad-48c5-8d60-be70ecfbab93}t', 4);
DeleteService('{1a7531da-31ad-48c5-8d60-be70ecfbab93}t');
SetServiceStart('Util Cyti Web', 4);
DeleteService('Util Cyti Web');
SetServiceStart('Update Service for advPlugin', 4);
DeleteService('Update Service for advPlugin');
SetServiceStart('Update Cyti Web', 4);
DeleteService('Update Cyti Web');
QuarantineFile('C:\WINDOWS\system32\drivers\{d487b1e4-59cf-4940-87da-e7c5a283dab7}t.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\{c0915853-fd66-4086-a9ce-b80496d49b3f}Gt.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\{9d525140-2aa5-4c29-b571-058468248f69}t.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\{955a1491-962c-4a4d-a25b-ddfc77991b58}t.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\{34789ec0-129d-4a2d-b089-9977cdae65db}t.sys','');
QuarantineFile('C:\WINDOWS\system32\drivers\{1a7531da-31ad-48c5-8d60-be70ecfbab93}t.sys','');
QuarantineFile('C:\Program Files\advPlugin\Toolbar32.dll','');
QuarantineFile('C:\Program Files\advPlugin\Interfaces32.dll','');
QuarantineFile('c:\program files\cyti web\bin\utilcytiweb.exe','');
TerminateProcessByName('c:\program files\cyti web\updatecytiweb.exe');
QuarantineFile('c:\program files\cyti web\updatecytiweb.exe','');
TerminateProcessByName('c:\program files\advplugin\basement\extensionupdaterservice.exe');
QuarantineFile('c:\program files\advplugin\basement\extensionupdaterservice.exe','');
TerminateProcessByName('c:\program files\advplugin\backgroundsingleton.exe');
QuarantineFile('c:\program files\advplugin\backgroundsingleton.exe','');
QuarantineFile('c:\documents and settings\all users\application data\appmgr3.16.8591351\appmgr.exe','');
DeleteFile('c:\program files\advplugin\backgroundsingleton.exe','32');
DeleteFile('c:\program files\advplugin\basement\extensionupdaterservice.exe','32');
DeleteFile('c:\program files\cyti web\updatecytiweb.exe','32');
DeleteFile('c:\program files\cyti web\bin\utilcytiweb.exe','32');
DeleteFile('C:\Program Files\advPlugin\Interfaces32.dll','32');
DeleteFile('C:\Program Files\advPlugin\Toolbar32.dll','32');
DeleteFile('C:\WINDOWS\system32\drivers\{1a7531da-31ad-48c5-8d60-be70ecfbab93}t.sys','32');
DeleteFile('C:\WINDOWS\system32\drivers\{34789ec0-129d-4a2d-b089-9977cdae65db}t.sys','32');
DeleteFile('C:\WINDOWS\system32\drivers\{955a1491-962c-4a4d-a25b-ddfc77991b58}t.sys','32');
DeleteFile('C:\WINDOWS\system32\drivers\{9d525140-2aa5-4c29-b571-058468248f69}t.sys','32');
DeleteFile('C:\WINDOWS\system32\drivers\{c0915853-fd66-4086-a9ce-b80496d49b3f}Gt.sys','32');
DeleteFile('C:\WINDOWS\system32\drivers\{d487b1e4-59cf-4940-87da-e7c5a283dab7}t.sys','32');
DeleteFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-1-6.exe','32');
DeleteFile('C:\WINDOWS\Tasks\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-1-6.job','32');
DeleteFile('C:\WINDOWS\Tasks\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-1-7.job','32');
DeleteFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-1-7.exe','32');
DeleteFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-10.exe','32');
DeleteFile('C:\WINDOWS\Tasks\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-10_user.job','32');
DeleteFile('C:\WINDOWS\Tasks\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-11.job','32');
DeleteFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-11.exe','32');
DeleteFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-4.exe','32');
DeleteFile('C:\WINDOWS\Tasks\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-4.job','32');
DeleteFile('C:\WINDOWS\Tasks\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-5.job','32');
DeleteFile('C:\Program Files\Internet Speed Checker\1fcaab5d-9ca3-43ad-a3ce-839ffea030d5-5.exe','32');
DeleteFile('C:\Program Files\HQ Cinema Video 1.9cV08.02\c90b9019-188a-4b04-bf01-c30893986124-1-6.exe','32');
DeleteFile('C:\WINDOWS\Tasks\c90b9019-188a-4b04-bf01-c30893986124-1-6.job','32');
DeleteFile('C:\WINDOWS\Tasks\c90b9019-188a-4b04-bf01-c30893986124-1-7.job','32');
DeleteFile('C:\Program Files\HQ Cinema Video 1.9cV08.02\c90b9019-188a-4b04-bf01-c30893986124-1-7.exe','32');
DeleteFile('C:\Program Files\HQ Cinema Video 1.9cV08.02\c90b9019-188a-4b04-bf01-c30893986124-11.exe','32');
DeleteFile('C:\WINDOWS\Tasks\c90b9019-188a-4b04-bf01-c30893986124-11.job','32');
DeleteFile('C:\WINDOWS\Tasks\c90b9019-188a-4b04-bf01-c30893986124-4.job','32');
DeleteFile('C:\Program Files\HQ Cinema Video 1.9cV08.02\c90b9019-188a-4b04-bf01-c30893986124-4.exe','32');
DeleteFile('C:\Program Files\HQ Cinema Video 1.9cV08.02\c90b9019-188a-4b04-bf01-c30893986124-5.exe','32');
DeleteFile('C:\WINDOWS\Tasks\c90b9019-188a-4b04-bf01-c30893986124-5.job','32');
DeleteFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-1-6.exe','32');
DeleteFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-1-7.exe','32');
DeleteFile('C:\WINDOWS\Tasks\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-1-7.job','32');
DeleteFile('C:\WINDOWS\Tasks\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-10_user.job','32');
DeleteFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-10.exe','32');
DeleteFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-11.exe','32');
DeleteFile('C:\WINDOWS\Tasks\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-11.job','32');
DeleteFile('C:\WINDOWS\Tasks\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-4.job','32');
DeleteFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-4.exe','32');
DeleteFile('C:\Program Files\SavePass 1.1\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-5.exe','32');
DeleteFile('C:\WINDOWS\Tasks\ea1eba0b-5b03-470c-97f5-2c0c93503ed2-5.job','32');
DeleteFile('C:\WINDOWS\Tasks\NAXDF.job','32');
DeleteFile('C:\WINDOWS\Tasks\NKWRMO.job','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.