Код:
begin
ShowMessage('Внимание! Перед выполнением скрипта AVZ автоматически закроет все сетевые подключения.' + #13#10 + 'После перезагрузки компьютера подключения к сети будут восстановлены в автоматическом режиме.');
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
if not IsWOW64
then
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
end;
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
QuarantineFile('C:\Users\Администратор\appdata\local\pay-by-ads\yahoo! search\1.3.15.4\dsrsetup.exe','');
QuarantineFile('C:\Users\Администратор\appdata\local\pay-by-ads\yahoo! search\1.3.15.4\dsrlte.exe','');
DelBHO('{05b5ef3f-4c6a-426e-b77e-48ebb3e721f1}');
QuarantineFile('C:\Program Files (x86)\Framed Display\FramedDisplayBHO.dll','');
SetServiceStart('{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64', 4);
DeleteService('{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64');
SetServiceStart('{dda91daf-e6f8-4453-88d1-df18d861c904}w64', 4);
DeleteService('{dda91daf-e6f8-4453-88d1-df18d861c904}w64');
SetServiceStart('{cd63c300-b231-4a93-a479-5a1e96976d74}w64', 4);
DeleteService('{cd63c300-b231-4a93-a479-5a1e96976d74}w64');
SetServiceStart('{b30c55f2-a940-4907-8051-f13c9acdacdd}w64', 4);
DeleteService('{b30c55f2-a940-4907-8051-f13c9acdacdd}w64');
SetServiceStart('{a6762132-8e80-4305-b1ba-2bec91757ac2}w64', 4);
DeleteService('{a6762132-8e80-4305-b1ba-2bec91757ac2}w64');
SetServiceStart('{9de7e012-74d3-4f9d-b4b0-2d3150073168}w64', 4);
DeleteService('{9de7e012-74d3-4f9d-b4b0-2d3150073168}w64');
SetServiceStart('{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}w64', 4);
DeleteService('{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}w64');
SetServiceStart('{88155b61-d5d0-401c-9c66-16b32c330fd8}w64', 4);
DeleteService('{88155b61-d5d0-401c-9c66-16b32c330fd8}w64');
SetServiceStart('{794fff75-3f4f-4508-a917-eee2946e84aa}w64', 4);
DeleteService('{794fff75-3f4f-4508-a917-eee2946e84aa}w64');
SetServiceStart('{7012eec1-4f37-42d4-a2cd-26727494d248}w64', 4);
DeleteService('{7012eec1-4f37-42d4-a2cd-26727494d248}w64');
SetServiceStart('{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64', 4);
DeleteService('{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64');
SetServiceStart('{6db7eb66-a30b-41a3-809c-addb2341dafb}w64', 4);
DeleteService('{6db7eb66-a30b-41a3-809c-addb2341dafb}w64');
SetServiceStart('{5f0f49f4-526a-4e0c-b198-a0742c879601}w64', 4);
DeleteService('{5f0f49f4-526a-4e0c-b198-a0742c879601}w64');
SetServiceStart('{29302da5-1178-40ac-a178-4cb57ebcc501}w64', 4);
DeleteService('{29302da5-1178-40ac-a178-4cb57ebcc501}w64');
SetServiceStart('{2859046f-5dca-482a-8c2d-37943d33a392}w64', 4);
DeleteService('{2859046f-5dca-482a-8c2d-37943d33a392}w64');
DeleteService('Update Framed Display');
SetServiceStart('Util Framed Display', 4);
DeleteService('Util Framed Display');
QuarantineFile('C:\Windows\system32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{cd63c300-b231-4a93-a479-5a1e96976d74}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{b30c55f2-a940-4907-8051-f13c9acdacdd}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{88155b61-d5d0-401c-9c66-16b32c330fd8}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{794fff75-3f4f-4508-a917-eee2946e84aa}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{5f0f49f4-526a-4e0c-b198-a0742c879601}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}w64.sys','');
QuarantineFile('C:\Windows\system32\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}w64.sys','');
QuarantineFile('C:\Program Files (x86)\Framed Display\bin\FramedDisplay.expextdll.dll','');
QuarantineFile('C:\Program Files (x86)\Framed Display\bin\cd63c300b2314a93a4795a1e96976d74.dll','');
QuarantineFile('C:\Program Files (x86)\Framed Display\bin\cd63c300b2314a93a479.dll','');
TerminateProcessByName('c:\program files (x86)\framed display\bin\utilframeddisplay.exe');
QuarantineFile('c:\program files (x86)\framed display\bin\utilframeddisplay.exe','');
TerminateProcessByName('C:\Program Files (x86)\Framed Display\bin\FramedDisplay.PurBrowse64.exe');
QuarantineFile('C:\Program Files (x86)\Framed Display\bin\FramedDisplay.PurBrowse64.exe','');
TerminateProcessByName('c:\program files (x86)\framed display\bin\frameddisplay.expext.exe');
QuarantineFile('c:\program files (x86)\framed display\bin\frameddisplay.expext.exe','');
TerminateProcessByName('C:\Program Files (x86)\Framed Display\bin\FramedDisplay.BrowserAdapter64.exe');
QuarantineFile('C:\Program Files (x86)\Framed Display\bin\FramedDisplay.BrowserAdapter64.exe','');
TerminateProcessByName('c:\program files (x86)\framed display\bin\frameddisplay.browseradapter.exe');
QuarantineFile('c:\program files (x86)\framed display\bin\frameddisplay.browseradapter.exe','');
TerminateProcessByName('c:\program files (x86)\framed display\bin\frameddisplay.boasprt.exe');
QuarantineFile('c:\program files (x86)\framed display\bin\frameddisplay.boasprt.exe','');
TerminateProcessByName('c:\program files (x86)\framed display\bin\frameddisplay.boashelper.exe');
QuarantineFile('c:\program files (x86)\framed display\bin\frameddisplay.boashelper.exe','');
DeleteFile('c:\program files (x86)\framed display\bin\frameddisplay.boashelper.exe','32');
DeleteFile('c:\program files (x86)\framed display\bin\frameddisplay.boasprt.exe','32');
DeleteFile('c:\program files (x86)\framed display\bin\frameddisplay.browseradapter.exe','32');
DeleteFile('C:\Program Files (x86)\Framed Display\bin\FramedDisplay.BrowserAdapter64.exe','32');
DeleteFile('c:\program files (x86)\framed display\bin\frameddisplay.expext.exe','32');
DeleteFile('C:\Program Files (x86)\Framed Display\bin\FramedDisplay.PurBrowse64.exe','32');
DeleteFile('c:\program files (x86)\framed display\bin\utilframeddisplay.exe','32');
DeleteFile('C:\Program Files (x86)\Framed Display\bin\cd63c300b2314a93a479.dll','32');
DeleteFile('C:\Program Files (x86)\Framed Display\bin\cd63c300b2314a93a4795a1e96976d74.dll','32');
DeleteFile('C:\Program Files (x86)\Framed Display\bin\FramedDisplay.expextdll.dll','32');
DeleteFile('C:\Windows\system32\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{5f0f49f4-526a-4e0c-b198-a0742c879601}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{794fff75-3f4f-4508-a917-eee2946e84aa}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{88155b61-d5d0-401c-9c66-16b32c330fd8}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{8c39d0b0-9b68-43ef-bc3c-2ef385fe5169}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{9de7e012-74d3-4f9d-b4b0-2d3150073168}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{b30c55f2-a940-4907-8051-f13c9acdacdd}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{cd63c300-b231-4a93-a479-5a1e96976d74}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}w64.sys','32');
DeleteFile('C:\Windows\system32\drivers\{e9bebce7-deb3-4ab9-896c-549739f208c5}Gw64.sys','32');
DeleteFile('C:\Users\Администратор\AppData\Local\Temp\_uninst_14818912.bat','32');
DeleteFile('C:\Program Files (x86)\Framed Display\FramedDisplayBHO.dll','32');
DeleteFile('C:\Users\Администратор\appdata\local\pay-by-ads\yahoo! search\1.3.15.4\dsrlte.exe','32');
DeleteFile('C:\Users\Администратор\appdata\local\pay-by-ads\yahoo! search\1.3.15.4\dsrsetup.exe','32');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(false);
end.
Компьютер перезагрузится.