Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.'+#13#10+'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(true);
end;
ClearQuarantine;
TerminateProcessByName('c:\users\user\appdata\roaming\vopackage\vosrv.exe');
TerminateProcessByName('c:\users\user\appdata\local\mbot_ru_1\upmbot_ru_1.exe');
TerminateProcessByName('c:\programdata\windowsmangerprotect\protectwindowsmanager.exe');
TerminateProcessByName('c:\program files (x86)\mbot_ru_1\mbot_ru_1.exe');
SetServiceStart('WindowsMangerProtect', 4);
SetServiceStart('servervo', 4);
StopService('WindowsMangerProtect');
StopService('servervo');
QuarantineFile('C:\Program Files (x86)\Intel\Intel.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\TMNBYO.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\TFRKQFSE.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\TCYE.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\LLZRHO.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\ScreenSaverPro.scr','');
QuarantineFile('c:\users\user\appdata\roaming\vopackage\vosrv.exe','');
QuarantineFile('c:\users\user\appdata\local\mbot_ru_1\upmbot_ru_1.exe','');
QuarantineFile('c:\programdata\windowsmangerprotect\protectwindowsmanager.exe','');
QuarantineFile('c:\program files (x86)\mbot_ru_1\mbot_ru_1.exe','');
DeleteFile('c:\program files (x86)\mbot_ru_1\mbot_ru_1.exe','32');
DeleteFile('c:\users\user\appdata\local\mbot_ru_1\upmbot_ru_1.exe','32');
DeleteFile('C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe','32');
DeleteFile('C:\Users\User\AppData\Roaming\VOPackage\VOsrv.exe','32');
DeleteFile('C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe','32');
DeleteFile('C:\Users\User\AppData\Roaming\ScreenSaverPro.scr','32');
DeleteFile('C:\Windows\Tasks\00c15e8c-47ce-4895-b365-de69131926e6-1.job','64');
DeleteFile('C:\Windows\Tasks\00c15e8c-47ce-4895-b365-de69131926e6-11.job','64');
DeleteFile('C:\Windows\Tasks\00c15e8c-47ce-4895-b365-de69131926e6-2.job','64');
DeleteFile('C:\Windows\Tasks\00c15e8c-47ce-4895-b365-de69131926e6-4.job','64');
DeleteFile('C:\Windows\Tasks\00c15e8c-47ce-4895-b365-de69131926e6-5.job','64');
DeleteFile('C:\Windows\Tasks\00c15e8c-47ce-4895-b365-de69131926e6-5_user.job','64');
DeleteFile('C:\Windows\Tasks\61834b2f-b091-41cc-816b-8c833340d037.job','64');
DeleteFile('C:\Windows\Tasks\77073ce7-94f9-4470-b813-277d0637db25-1.job','64');
DeleteFile('C:\Windows\Tasks\77073ce7-94f9-4470-b813-277d0637db25-11.job','64');
DeleteFile('C:\Windows\Tasks\77073ce7-94f9-4470-b813-277d0637db25-2.job','64');
DeleteFile('C:\Windows\Tasks\77073ce7-94f9-4470-b813-277d0637db25-3.job','64');
DeleteFile('C:\Windows\Tasks\77073ce7-94f9-4470-b813-277d0637db25-4.job','64');
DeleteFile('C:\Windows\Tasks\77073ce7-94f9-4470-b813-277d0637db25-5.job','64');
DeleteFile('C:\Windows\Tasks\77073ce7-94f9-4470-b813-277d0637db25-5_user.job','64');
DeleteFile('C:\Windows\Tasks\a4abc836-e796-4643-832e-8373aa7c0202.job','64');
DeleteFile('C:\Windows\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-1.job','64');
DeleteFile('C:\Windows\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-10_user.job','64');
DeleteFile('C:\Windows\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-11.job','64');
DeleteFile('C:\Windows\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-2.job','64');
DeleteFile('C:\Windows\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-3.job','64');
DeleteFile('C:\Windows\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-4.job','64');
DeleteFile('C:\Windows\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-5.job','64');
DeleteFile('C:\Windows\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-5_user.job','64');
DeleteFile('C:\Windows\Tasks\Dealply.job','64');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job','64');
DeleteFile('C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job','64');
DeleteFile('C:\Users\User\AppData\Roaming\LLZRHO.exe','32');
DeleteFile('C:\Users\User\AppData\Roaming\TCYE.exe','32');
DeleteFile('C:\Windows\Tasks\TCYE.job','64');
DeleteFile('C:\Windows\Tasks\LLZRHO.job','64');
DeleteFile('C:\Users\User\AppData\Roaming\TFRKQFSE.exe','32');
DeleteFile('C:\Users\User\AppData\Roaming\TMNBYO.exe','32');
DeleteFile('C:\Windows\Tasks\TMNBYO.job','64');
DeleteFile('C:\Windows\Tasks\TFRKQFSE.job','64');
DeleteFile('C:\Windows\system32\Tasks\00c15e8c-47ce-4895-b365-de69131926e6-1','64');
DeleteFile('C:\Windows\system32\Tasks\00c15e8c-47ce-4895-b365-de69131926e6-11','64');
DeleteFile('C:\Windows\system32\Tasks\00c15e8c-47ce-4895-b365-de69131926e6-2','64');
DeleteFile('C:\Windows\system32\Tasks\00c15e8c-47ce-4895-b365-de69131926e6-4','64');
DeleteFile('C:\Windows\system32\Tasks\00c15e8c-47ce-4895-b365-de69131926e6-5','64');
DeleteFile('C:\Windows\system32\Tasks\61834b2f-b091-41cc-816b-8c833340d037','64');
DeleteFile('C:\Windows\system32\Tasks\77073ce7-94f9-4470-b813-277d0637db25-1','64');
DeleteFile('C:\Windows\system32\Tasks\77073ce7-94f9-4470-b813-277d0637db25-11','64');
DeleteFile('C:\Windows\system32\Tasks\77073ce7-94f9-4470-b813-277d0637db25-2','64');
DeleteFile('C:\Windows\system32\Tasks\77073ce7-94f9-4470-b813-277d0637db25-3','64');
DeleteFile('C:\Windows\system32\Tasks\77073ce7-94f9-4470-b813-277d0637db25-4','64');
DeleteFile('C:\Windows\system32\Tasks\77073ce7-94f9-4470-b813-277d0637db25-5','64');
DeleteFile('C:\Windows\system32\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-1','64');
DeleteFile('C:\Windows\system32\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-11','64');
DeleteFile('C:\Windows\system32\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-2','64');
DeleteFile('C:\Windows\system32\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-3','64');
DeleteFile('C:\Windows\system32\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-4','64');
DeleteFile('C:\Windows\system32\Tasks\ceefd6f7-b069-4610-b083-744b9f3ebc05-5','64');
DeleteFile('C:\Windows\system32\Tasks\Dealply','64');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineCore','64');
DeleteFile('C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineUA','64');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','mbot_ru_1');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunOnce','upmbot_ru_1.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Screen Saver Pro 3.1');
DeleteService('globalUpdatem');
DeleteService('globalUpdate');
DeleteService('WindowsMangerProtect');
DeleteService('servervo');
DeleteFileMask('c:\program files (x86)\mbot_ru_1', '*', true, ' ');
DeleteDirectory('c:\program files (x86)\mbot_ru_1');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.