Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\C5C4~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Users\C5C4~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Program Files (x86)\DealPly\DealPlyUpdate.exe','');
QuarantineFile('C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe','');
QuarantineFile('C:\Program Files (x86)\Lyrmix\LymxUD.exe','');
QuarantineFile('C:\Program Files\V-bates\PrefHelper.exe','');
QuarantineFile('C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe','');
QuarantineFile('C:\Users\Бондаревы\Desktop\Виктория\Obnovi Soft\ObnoviSoft.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Roaming\desktopy.ru\desktopy.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\Screeny\Screeny.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\da59ceaf645fa1ca7480ec3ac5759a40\547a330468863a1.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\b979fe86ac4bca1ec197b7173ebd17d6\5d9fc5d9c742be0.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\451ca5ca2c6db89fb37a9c067aff795d\98a4481d47a67dd.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\APIArchiveTask\APIArchiveTask.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\APIBackupScrolling\APIBackupScrolling.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\ClassJRERoot\ClassJRERoot.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\CompilerDatabaseMySQL\CompilerDatabaseMySQL.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\ContextualDriverTrash\ContextualDriverTrash.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\DesktopGNUIcon\DesktopGNUIcon.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\DriverFolderRuntime\DriverFolderRuntime.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\FAT32MBRMotion\FAT32MBRMotion.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\FormatMemorySprite\FormatMemorySprite.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\FormatPathTooltip\FormatPathTooltip.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\GNUOCRProgram\GNUOCRProgram.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\OCRPathTooltip\OCRPathTooltip.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\PirritSuggestor\PirritService.exe','');
QuarantineFile('C:\Users\Бондаревы\AppData\Local\20f944e94c133b4adc25c01d407b8b73\RubyScreenshotScript.exe','');
QuarantineFile('C:\Program Files\V-bates\ExtensionUpdaterService.exe','');
DeleteService('V-bates Updater');
DeleteService('RubyScreenshotScript.exe');
DeleteService('PirritDesktop');
DeleteService('OCRPathTooltip.exe');
DeleteService('MozillaMaintenance');
DeleteService('GNUOCRProgram.exe');
DeleteService('FormatPathTooltip.exe');
DeleteService('FormatMemorySprite.exe');
DeleteService('FAT32MBRMotion.exe');
DeleteService('DriverFolderRuntime.exe');
DeleteService('DesktopGNUIcon.exe');
DeleteService('ContextualDriverTrash.exe');
DeleteService('CompilerDatabaseMySQL.exe');
DeleteService('ClassJRERoot.exe');
DeleteService('APIBackupScrolling.exe');
DeleteService('APIArchiveTask.exe');
DeleteService('98a4481d47a67dd.exe');
DeleteService('5d9fc5d9c742be0.exe');
DeleteService('547a330468863a1.exe');
DeleteFile('C:\Program Files\V-bates\ExtensionUpdaterService.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\20f944e94c133b4adc25c01d407b8b73\RubyScreenshotScript.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\PirritSuggestor\PirritService.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\OCRPathTooltip\OCRPathTooltip.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\GNUOCRProgram\GNUOCRProgram.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\FormatPathTooltip\FormatPathTooltip.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\FormatMemorySprite\FormatMemorySprite.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\FAT32MBRMotion\FAT32MBRMotion.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\DriverFolderRuntime\DriverFolderRuntime.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\DesktopGNUIcon\DesktopGNUIcon.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\ContextualDriverTrash\ContextualDriverTrash.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\CompilerDatabaseMySQL\CompilerDatabaseMySQL.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\ClassJRERoot\ClassJRERoot.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\APIBackupScrolling\APIBackupScrolling.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\APIArchiveTask\APIArchiveTask.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\451ca5ca2c6db89fb37a9c067aff795d\98a4481d47a67dd.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\b979fe86ac4bca1ec197b7173ebd17d6\5d9fc5d9c742be0.exe','32');
DeleteFile('C:\Users\Бондаревы\AppData\Local\da59ceaf645fa1ca7480ec3ac5759a40\547a330468863a1.exe','32');
DeleteFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AnyProtect','command');
DeleteFile('C:\Users\Бондаревы\AppData\Local\Screeny\Screeny.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Screeny','command');
DeleteFile('C:\Users\Бондаревы\AppData\Roaming\desktopy.ru\desktopy.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\desktopy','command');
DeleteFile('C:\Users\Бондаревы\Desktop\ВДВ\Mobogenie\DaemonProcess.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon','command');
DeleteFile('C:\Users\Бондаревы\Desktop\Виктория\Obnovi Soft\ObnoviSoft.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Обнови Софт','command');
DeleteFile('C:\Windows\Tasks\APSnotifierPP3.job','64');
DeleteFile('C:\Windows\Tasks\At1.job','64');
DeleteFile('C:\Users\C5C4~1\AppData\Local\Temp\993476','32');
DeleteFile('C:\Windows\Tasks\APSnotifierPP2.job','64');
DeleteFile('C:\Windows\Tasks\APSnotifierPP1.job','64');
DeleteFile('C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe','32');
DeleteFile('C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job','64');
DeleteFile('C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job','64');
DeleteFile('C:\Program Files\V-bates\PrefHelper.exe','32');
DeleteFile('C:\Program Files (x86)\Lyrmix\LymxUD.exe','32');
DeleteFile('C:\Windows\Tasks\Lyrmix Update.job','64');
DeleteFile('C:\Windows\Tasks\FF Watcher {53DCD401-5931-466C-A6C1-D69DBC74957A}.job','64');
DeleteFile('C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe','32');
DeleteFile('C:\Windows\system32\Tasks\Advanced System Protector_startup','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP1','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP2','64');
DeleteFile('C:\Windows\system32\Tasks\APSnotifierPP3','64');
DeleteFile('C:\Windows\system32\Tasks\At1','64');
DeleteFile('C:\Windows\system32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore','64');
DeleteFile('C:\Windows\system32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA','64');
DeleteFile('C:\Windows\system32\Tasks\DealPly','64');
DeleteFile('C:\Windows\system32\Tasks\DealPlyUpdate','64');
DeleteFile('C:\Program Files (x86)\DealPly\DealPlyUpdate.exe','32');
DeleteFile('C:\Users\C5C4~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Windows\system32\Tasks\DSite','64');
DeleteFile('C:\Users\C5C4~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Windows\system32\Tasks\FF Watcher {53DCD401-5931-466C-A6C1-D69DBC74957A}','64');
DeleteFile('C:\Windows\system32\Tasks\Lyrmix Update','64');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.