Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Program Files\Lyrmix\LymxUD.exe','');
DeleteService('RegFltrX86');
QuarantineFile('C:\Users\светлана\AppData\Local\DatabaseJRERegister\RegFltrX86.sys','');
QuarantineFile('C:\Users\светлана\AppData\Local\CopyOSScrolling\RgFltX86.sys','');
DeleteService('RgFltX86');
QuarantineFile('C:\Users\светлана\AppData\Local\daemontrashSched\daemontrashSched.exe','');
QuarantineFile('C:\Program Files\WinRST\WinRST.exe','');
QuarantineFile('C:\Users\светлана\AppData\Local\3d266a47585669600a4e328b311ed3c8\6b083181c826b54.exe','');
QuarantineFile('C:\Users\светлана\AppData\Local\CompilerJAVAWizard\CompilerJAVAWizard.exe','');
QuarantineFile('C:\Users\светлана\AppData\Local\PirritSuggestor\PirritService.exe','');
DeleteService('PirritDesktop');
DeleteService('CompilerJAVAWizard.exe');
DeleteService('6b083181c826b54.exe');
SetServiceStart('WinRST', 4);
DeleteService('WinRST');
SetServiceStart('daemontrashSched.exe', 4);
DeleteService('daemontrashSched.exe');
SetServiceStart('CopyOSScrolling.exe', 4);
DeleteService('CopyOSScrolling.exe');
SetServiceStart('ApplicationContextualRecycle', 4);
DeleteService('ApplicationContextualRecycle');
TerminateProcessByName('c:\users\светлана\appdata\local\daemontrashsched\daemontrashsched.exe');
QuarantineFile('c:\users\светлана\appdata\local\daemontrashsched\daemontrashsched.exe','');
TerminateProcessByName('c:\program files\winrst\winrst.exe');
QuarantineFile('c:\program files\winrst\winrst.exe','');
TerminateProcessByName('c:\windows\system32\applicationcontextualrecycle\applicationcontextualrecycle.exe');
QuarantineFile('c:\windows\system32\applicationcontextualrecycle\applicationcontextualrecycle.exe','');
TerminateProcessByName('c:\program files\edealpop\edealpop.exe');
QuarantineFile('c:\program files\edealpop\edealpop.exe','');
TerminateProcessByName('c:\users\светлана\appdata\local\copyosscrolling\copyosscrolling.exe');
QuarantineFile('c:\users\светлана\appdata\local\copyosscrolling\copyosscrolling.exe','');
DeleteFile('c:\users\светлана\appdata\local\copyosscrolling\copyosscrolling.exe','32');
DeleteFile('c:\program files\edealpop\edealpop.exe','32');
DeleteFile('c:\windows\system32\applicationcontextualrecycle\applicationcontextualrecycle.exe','32');
DeleteFile('c:\program files\winrst\winrst.exe','32');
DeleteFile('c:\users\светлана\appdata\local\daemontrashsched\daemontrashsched.exe','32');
DeleteFile('C:\Users\светлана\AppData\Local\PirritSuggestor\PirritService.exe','32');
DeleteFile('C:\Users\светлана\AppData\Local\CompilerJAVAWizard\CompilerJAVAWizard.exe','32');
DeleteFile('C:\Users\светлана\AppData\Local\3d266a47585669600a4e328b311ed3c8\6b083181c826b54.exe','32');
DeleteFile('C:\Program Files\WinRST\WinRST.exe','32');
DeleteFile('C:\Users\светлана\AppData\Local\daemontrashSched\daemontrashSched.exe','32');
DeleteFile('C:\Users\светлана\AppData\Local\CopyOSScrolling\RgFltX86.sys','32');
DeleteFile('C:\Users\светлана\AppData\Local\DatabaseJRERegister\RegFltrX86.sys','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','eDealPop');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','eDealsPop');
DeleteFile('C:\Program Files\Lyrmix\LymxUD.exe','32');
DeleteFile('C:\Windows\Tasks\Lyrmix Update.job','32');
DeleteFileMask('C:\Program Files\Lyrmix', '*', true);
DeleteDirectory('C:\Program Files\Lyrmix');
DeleteFileMask('C:\Users\светлана\AppData\Local\DatabaseJRERegister', '*', true);
DeleteDirectory('C:\Users\светлана\AppData\Local\DatabaseJRERegister');
DeleteFileMask('C:\Users\светлана\AppData\Local\CopyOSScrolling', '*', true);
DeleteDirectory('C:\Users\светлана\AppData\Local\CopyOSScrolling');
DeleteFileMask('C:\Users\светлана\AppData\Local\daemontrashSched', '*', true);
DeleteDirectory('C:\Users\светлана\AppData\Local\daemontrashSched');
DeleteFileMask('C:\Users\светлана\AppData\Local\3d266a47585669600a4e328b311ed3c8', '*', true);
DeleteDirectory('C:\Users\светлана\AppData\Local\3d266a47585669600a4e328b311ed3c8');
DeleteFileMask('C:\Users\светлана\AppData\Local\CompilerJAVAWizard', '*', true);
DeleteDirectory('C:\Users\светлана\AppData\Local\CompilerJAVAWizard');
DeleteFileMask('C:\Users\светлана\AppData\Local\PirritSuggestor', '*', true);
DeleteDirectory('C:\Users\светлана\AppData\Local\PirritSuggestor');
DeleteFileMask('c:\program files\winrst', '*', true);
DeleteDirectory('c:\program files\winrst');
DeleteFileMask('c:\program files\edealpop', '*', true);
DeleteDirectory('c:\program files\edealpop');
DeleteFileMask('c:\windows\system32\applicationcontextualrecycle', '*', true);
DeleteDirectory('c:\windows\system32\applicationcontextualrecycle');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.