Код:
begin
ClearQuarantine;
if not IsWOW64 then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\B17F.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\A4E1.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\7825.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\6B1A.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\4ACD.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\43E9.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\3789.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\E18.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\FD.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\C7C3.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\BAD7.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\7CDD.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\707D.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\4586.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\3983.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\114A.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\577.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\E3B3.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\DBD6.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\CE3E.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\A7E8.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\9F5F.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\933E.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\FB13.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\EEE2.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\D440.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\C7D0.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\9444.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\8841.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\F158.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\DFAB.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\D8D7.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\CC96.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\A6DD.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\9F9B.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\937A.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\7021.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\5ADB.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\A61E.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\974F.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\79AD.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\71C0.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\6560.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\4274.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\2D5E.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\756.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\82.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\F4AF.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\D146.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\C5A1.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\A0C2.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\94DF.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\EDEF.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\D61A.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\E994.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\DD53.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\E300.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\DC0D.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\CF9D.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\4940.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\3BD7.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\DF5.exe','Detected by RSIT');
QuarantineFile('C:\Users\SKOLKOVO\AppData\Roaming\AB.exe','Detected by RSIT');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\B17F.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\A4E1.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\7825.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\6B1A.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\4ACD.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\43E9.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\3789.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\E18.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\FD.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\C7C3.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\BAD7.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\7CDD.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\707D.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\4586.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\3983.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\114A.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\577.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\E3B3.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\DBD6.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\CE3E.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\A7E8.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\9F5F.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\933E.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\FB13.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\EEE2.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\D440.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\C7D0.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\9444.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\8841.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\F158.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\DFAB.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\D8D7.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\CC96.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\A6DD.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\9F9B.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\937A.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\7021.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\5ADB.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\A61E.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\974F.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\79AD.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\71C0.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\6560.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\4274.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\2D5E.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\756.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\82.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\F4AF.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\D146.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\C5A1.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\A0C2.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\94DF.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\EDEF.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\D61A.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\E994.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\DD53.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\E300.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\DC0D.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\CF9D.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\4940.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\3BD7.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\DF5.exe');
DeleteFile('C:\Users\SKOLKOVO\AppData\Roaming\AB.exe');
DeleteFileMask('C:\Users\SKOLKOVO\AppData\Roaming\{64821D16-105C-4C7A-A89C-36AA41BD65F7}','*',true);
DeleteFileMask('C:\Users\SKOLKOVO\AppData\Roaming\{E9CE56E8-E32C-489E-ABBE-7B863C63AD13}','*',true);
DeleteDirectory('C:\Users\SKOLKOVO\AppData\Roaming\{E9CE56E8-E32C-489E-ABBE-7B863C63AD13}');
DeleteDirectory('C:\Users\SKOLKOVO\AppData\Roaming\{64821D16-105C-4C7A-A89C-36AA41BD65F7}');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteWizard('SCU',2,2,false);
BC_Activate;
CreateQurantineArchive(GetAVZDirectory+'quarantine_2.zip');
RebootWindows(true);
end.
После выполнения скрипта компьютер будет перезагружен.