Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
QuarantineFile('C:\Users\Юлия\AppData\Roaming\TVOI.exe','');
QuarantineFile('C:\Users\Юлия\AppData\Roaming\PQSKQTP.exe','');
QuarantineFile('C:\Users\0E3B~1\AppData\Roaming\PennyBee\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Program Files (x86)\HQ-Video-Pro-2.1cV19.12\e75cb157-cdb9-40b0-8d3b-db028c45c89f-7.exe','');
QuarantineFile('C:\Program Files (x86)\HQ-Video-Pro-2.1cV19.12\e75cb157-cdb9-40b0-8d3b-db028c45c89f-5.exe','');
QuarantineFile('C:\Program Files (x86)\HQ-Video-Pro-2.1cV19.12\e75cb157-cdb9-40b0-8d3b-db028c45c89f-2.exe','');
QuarantineFile('C:\Program Files (x86)\HQ-Video-Pro-2.1cV19.12\HQ-Video-Pro-2.1cV19.12-codedownloader.exe','');
QuarantineFile('C:\Program Files (x86)\Ge-Force\c64487ac-36e2-4fc5-ad65-d8e5de5acb86-6.exe','');
QuarantineFile('C:\Program Files (x86)\Ge-Force\c64487ac-36e2-4fc5-ad65-d8e5de5acb86-5.exe','');
QuarantineFile('C:\Program Files (x86)\Ge-Force\c64487ac-36e2-4fc5-ad65-d8e5de5acb86-2.exe','');
QuarantineFile('C:\Program Files (x86)\SavePass 1.1\c156bda9-04bd-481a-9a92-a48043392a25.exe','');
QuarantineFile('C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-6.exe','');
QuarantineFile('C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-5.exe','');
QuarantineFile('C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-4.exe','');
QuarantineFile('C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-2.exe','');
QuarantineFile('C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-11.exe','');
QuarantineFile('C:\Program Files (x86)\Sense\18f2ae77-2af7-421c-97b4-09df249d396f-6.exe','');
QuarantineFile('C:\Program Files (x86)\Sense\18f2ae77-2af7-421c-97b4-09df249d396f-5.exe','');
QuarantineFile('C:\Program Files (x86)\Sense\18f2ae77-2af7-421c-97b4-09df249d396f-2.exe','');
DelBHO('{11111111-1111-1111-1111-110611911129}');
DelBHO('{11111111-1111-1111-1111-110611901163}');
DelBHO('{11111111-1111-1111-1111-110611901159}');
DelBHO('{11111111-1111-1111-1111-110611341129}');
QuarantineFile('C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho.dll','');
QuarantineFile('C:\Program Files (x86)\PennyBee\PennyBeeW.exe','');
QuarantineFile('C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1447\jsdrv.exe','');
QuarantineFile('C:\Windows\system32\drivers\ccnfd_1_10_0_4.sys','');
DeleteService('ccnfd_1_10_0_4');
SetServiceStart('webinstrNewH', 4);
DeleteService('webinstrNewH');
QuarantineFile('C:\Program Files (x86)\snipsmart\updatesnipsmart.exe','');
DeleteService('Update snipsmart');
SetServiceStart('WindowsMangerProtect', 4);
DeleteService('WindowsMangerProtect');
QuarantineFile('C:\Windows\system32\Drivers\webinstrNewH.sys','');
TerminateProcessByName('c:\programdata\windowsmangerprotect\protectwindowsmanager.exe');
QuarantineFile('c:\programdata\windowsmangerprotect\protectwindowsmanager.exe','');
TerminateProcessByName('c:\program files (x86)\savepass 1.1\c156bda9-04bd-481a-9a92-a48043392a25.exe');
QuarantineFile('c:\program files (x86)\savepass 1.1\c156bda9-04bd-481a-9a92-a48043392a25.exe','');
DeleteFile('c:\program files (x86)\savepass 1.1\c156bda9-04bd-481a-9a92-a48043392a25.exe','32');
DeleteFile('c:\programdata\windowsmangerprotect\protectwindowsmanager.exe','32');
DeleteFile('C:\Windows\system32\Drivers\webinstrNewH.sys','32');
DeleteFile('C:\Program Files (x86)\snipsmart\updatesnipsmart.exe','32');
DeleteFile('C:\Windows\system32\drivers\ccnfd_1_10_0_4.sys','32');
DeleteFile('C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1447\jsdrv.exe','32');
DeleteFile('C:\Program Files (x86)\PennyBee\PennyBeeW.exe','32');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','PennyBee');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','SPDriver');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','SPDriver');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho.dll','32');
DeleteFile('C:\Program Files (x86)\Sense\18f2ae77-2af7-421c-97b4-09df249d396f-2.exe','32');
DeleteFile('C:\Program Files (x86)\Sense\18f2ae77-2af7-421c-97b4-09df249d396f-5.exe','32');
DeleteFile('C:\Program Files (x86)\Sense\18f2ae77-2af7-421c-97b4-09df249d396f-6.exe','32');
DeleteFile('C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe','32');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\bc3e5259-216b-45ab-922d-6380dea9f0d0.exe','32');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-11.exe','32');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-2.exe','32');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-4.exe','32');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-5.exe','32');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\bd235320-55b3-4b4c-b65d-42e16109800c-6.exe','32');
DeleteFile('C:\Program Files (x86)\SavePass 1.1\c156bda9-04bd-481a-9a92-a48043392a25.exe','32');
DeleteFile('C:\Program Files (x86)\Ge-Force\c64487ac-36e2-4fc5-ad65-d8e5de5acb86-2.exe','32');
DeleteFile('C:\Program Files (x86)\Ge-Force\c64487ac-36e2-4fc5-ad65-d8e5de5acb86-5.exe','32');
DeleteFile('C:\Program Files (x86)\Ge-Force\c64487ac-36e2-4fc5-ad65-d8e5de5acb86-6.exe','32');
DeleteFile('C:\Program Files (x86)\HQ-Video-Pro-2.1cV19.12\HQ-Video-Pro-2.1cV19.12-codedownloader.exe','32');
DeleteFile('C:\Program Files (x86)\HQ-Video-Pro-2.1cV19.12\e75cb157-cdb9-40b0-8d3b-db028c45c89f-2.exe','32');
DeleteFile('C:\Program Files (x86)\HQ-Video-Pro-2.1cV19.12\e75cb157-cdb9-40b0-8d3b-db028c45c89f-5.exe','32');
DeleteFile('C:\Program Files (x86)\HQ-Video-Pro-2.1cV19.12\e75cb157-cdb9-40b0-8d3b-db028c45c89f-7.exe','32');
DeleteFile('C:\Users\0E3B~1\AppData\Roaming\PennyBee\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Users\Юлия\AppData\Roaming\PQSKQTP.exe','32');
DeleteFile('C:\Users\Юлия\AppData\Roaming\TVOI.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.