Код:
beginShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);if not IsWOW64 then begin SearchRootkit(true, true); SetAVZGuardStatus(true); end;QuarantineFile('C:\WINDOWS\pipi\browser\wmipvic.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\onsetup.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\RECYCLER\bootexplorer.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\RECYCLER\bootpass.exe', 'MBAM: Worm.Magania');QuarantineFile('C:\RECYCLER\hexexplorer.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\RECYCLER\hexpass.exe', 'MBAM: Worm.Magania');QuarantineFile('C:\RECYCLER\hexqq.exe', 'MBAM: Trojan.Agent.QQGen');QuarantineFile('C:\RECYCLER\hexsetup.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\RECYCLER\on123.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\onserver.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\RECYCLER\s123.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\spass.exe', 'MBAM: Worm.Magania');QuarantineFile('C:\RECYCLER\st123.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\Documents and Settings\hexserver.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\Documents and Settings\on123.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\Documents and Settings\onserver.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\Documents and Settings\s123.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\Documents and Settings\sserver.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\Documents and Settings\admin1\Рабочий стол\2.rar', 'MBAM: Trojan.FlyStudio');QuarantineFile('C:\Documents and Settings\admin1\Рабочий стол\??????1433.exe', 'MBAM: Trojan.FlyStudio');QuarantineFile('C:\Documents and Settings\Waiting\Local Settings\Temporary Internet Files\Content.IE5\K5P8EX2D\A15[1].exe', 'MBAM: Malware.Packer');QuarantineFile('C:\Documents and Settings\Waiting\Local Settings\Temporary Internet Files\Content.IE5\K5P8EX2D\server[1].exe', 'MBAM: Worm.Magania');QuarantineFile('C:\Documents and Settings\Waiting\Local Settings\Temporary Internet Files\Content.IE5\KNJHWCNF\A15[1].exe', 'MBAM: Malware.Packer');QuarantineFile('C:\Documents and Settings\Waiting\Local Settings\Temporary Internet Files\Content.IE5\LQM8IRI8\1[2].exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\Documents and Settings\Waiting\Local Settings\Temporary Internet Files\Content.IE5\V59HWDE2\A15[1].exe', 'MBAM: Malware.Packer');QuarantineFile('C:\WINDOWS\xinstall1052700.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\xinstall1113900.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\xinstall1148700.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\xinstall1518100.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\xinstall1783400.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\xinstall2506900.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\xinstall2876500.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\xinstall2998900.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\xinstall3006900.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\xinstall3054800.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\xinstall3228600.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\xinstall605900.dll', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\Web\2345xiufu_kgm521_v1.5.exe', 'MBAM: Trojan.ChinAd');QuarantineFile('C:\WINDOWS\E67242C7\svchsot.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\WinSxS\РЦµЬНшВз\1433\scan\s.exe', 'MBAM: PUP.RiskWare.TCPScan');QuarantineFile('C:\WINDOWS\Config\setup_open_3342.exe', 'MBAM: Trojan.Downloader.Small');QuarantineFile('C:\WINDOWS\43AFCDAB\svchsot.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\WINDOWS\90C77571\svchsot.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\Program Files\Common Files\Microsoft Shared\svhost.exe', 'MBAM: Backdoor.Farfli');QuarantineFile('C:\RECYCLER\bootKINSTALLERS_66_4511.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\bootwin.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\hex123.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\hexKINSTALLERS_66_4511.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\hexwin.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\shqq.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\sKINSTALLERS_66_4511.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\stKINSTALLERS_66_4511.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\swin.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\xpexplorer.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\xpKINSTALLERS_66_4511.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\xppass.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\xpqq.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\xpserver.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\xpwin.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\RECYCLER\zyqq.exe', 'MBAM: Trojan.Agent');QuarantineFile('C:\WINDOWS\system32\f5859b27.rdb', 'MBAM: Malware.Trace');DeleteFile('C:\WINDOWS\pipi\browser\wmipvic.exe');DeleteFile('C:\RECYCLER\onsetup.exe');DeleteFile('C:\RECYCLER\bootexplorer.exe');DeleteFile('C:\RECYCLER\bootpass.exe');DeleteFile('C:\RECYCLER\hexexplorer.exe');DeleteFile('C:\RECYCLER\hexpass.exe');DeleteFile('C:\RECYCLER\hexqq.exe');DeleteFile('C:\RECYCLER\hexsetup.exe');DeleteFile('C:\RECYCLER\on123.exe');DeleteFile('C:\RECYCLER\onserver.exe');DeleteFile('C:\RECYCLER\s123.exe');DeleteFile('C:\RECYCLER\spass.exe');DeleteFile('C:\RECYCLER\st123.exe');DeleteFile('C:\Documents and Settings\hexserver.exe');DeleteFile('C:\Documents and Settings\on123.exe');DeleteFile('C:\Documents and Settings\onserver.exe');DeleteFile('C:\Documents and Settings\s123.exe');DeleteFile('C:\Documents and Settings\sserver.exe');DeleteFile('C:\Documents and Settings\admin1\Рабочий стол\2.rar');DeleteFile('C:\Documents and Settings\admin1\Рабочий стол\??????1433.exe');DeleteFile('C:\Documents and Settings\Waiting\Local Settings\Temporary Internet Files\Content.IE5\K5P8EX2D\A15[1].exe');DeleteFile('C:\Documents and Settings\Waiting\Local Settings\Temporary Internet Files\Content.IE5\K5P8EX2D\server[1].exe');DeleteFile('C:\Documents and Settings\Waiting\Local Settings\Temporary Internet Files\Content.IE5\KNJHWCNF\A15[1].exe');DeleteFile('C:\Documents and Settings\Waiting\Local Settings\Temporary Internet Files\Content.IE5\LQM8IRI8\1[2].exe');DeleteFile('C:\Documents and Settings\Waiting\Local Settings\Temporary Internet Files\Content.IE5\V59HWDE2\A15[1].exe');DeleteFile('C:\WINDOWS\xinstall1052700.dll');DeleteFile('C:\WINDOWS\xinstall1113900.dll');DeleteFile('C:\WINDOWS\xinstall1148700.dll');DeleteFile('C:\WINDOWS\xinstall1518100.dll');DeleteFile('C:\WINDOWS\xinstall1783400.dll');DeleteFile('C:\WINDOWS\xinstall2506900.dll');DeleteFile('C:\WINDOWS\xinstall2876500.dll');DeleteFile('C:\WINDOWS\xinstall2998900.dll');DeleteFile('C:\WINDOWS\xinstall3006900.dll');DeleteFile('C:\WINDOWS\xinstall3054800.dll');DeleteFile('C:\WINDOWS\xinstall3228600.dll');DeleteFile('C:\WINDOWS\xinstall605900.dll');DeleteFile('C:\WINDOWS\Web\2345xiufu_kgm521_v1.5.exe');DeleteFile('C:\WINDOWS\E67242C7\svchsot.exe');DeleteFile('C:\WINDOWS\WinSxS\РЦµЬНшВз\1433\scan\s.exe');DeleteFile('C:\WINDOWS\43AFCDAB\svchsot.exe');DeleteFile('C:\WINDOWS\90C77571\svchsot.exe');DeleteFile('C:\Program Files\Common Files\Microsoft Shared\svhost.exe');DeleteFile('C:\RECYCLER\bootKINSTALLERS_66_4511.exe');DeleteFile('C:\RECYCLER\bootwin.exe');DeleteFile('C:\RECYCLER\hex123.exe');DeleteFile('C:\RECYCLER\hexKINSTALLERS_66_4511.exe');DeleteFile('C:\RECYCLER\hexwin.exe');DeleteFile('C:\RECYCLER\shqq.exe');DeleteFile('C:\RECYCLER\sKINSTALLERS_66_4511.exe');DeleteFile('C:\RECYCLER\stKINSTALLERS_66_4511.exe');DeleteFile('C:\RECYCLER\swin.exe');DeleteFile('C:\RECYCLER\xpexplorer.exe');DeleteFile('C:\RECYCLER\xpKINSTALLERS_66_4511.exe');DeleteFile('C:\RECYCLER\xppass.exe');DeleteFile('C:\RECYCLER\xpqq.exe');DeleteFile('C:\RECYCLER\xpserver.exe');DeleteFile('C:\RECYCLER\xpwin.exe');DeleteFile('C:\RECYCLER\zyqq.exe');BC_ImportAll;ExecuteSysClean;BC_Activate;end.
Компьютер перезагрузите вручную.Пришлите карантин согласно