Код:
begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
ClearQuarantineEx(true);
QuarantineFile('C:\Windows\System32\Winlogon.vbs', '');
QuarantineFile('C:\Users\Ninja\AppData\Roaming\m5k6vbVW98yO.exe', '');
DeleteFile('C:\Windows\System32\Winlogon.vbs', '32');
DeleteFile('C:\Users\Ninja\AppData\Roaming\m5k6vbVW98yO.exe', '32');
ExecuteFile('schtasks.exe', '/delete /TN "m5k6vbVW98yO" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "{3AE1EE25-967E-44C0-9F21-7CFA4E5F5859}" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "{52C1AA13-71EB-4AFF-9F9C-698C911606A8}" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "{2AD17A5F-7CEA-4343-B984-965DC28D6F60}" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "{27AF05F5-9B04-4D96-A258-3CB147AC70ED}" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "{28A2F15A-3410-499A-8D96-3D6E03C0464D}" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "{A056EB94-8CCD-4B99-ABBE-1A499D0720DC}" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "{676C6FD8-6CDD-4E6B-BD16-7A9F36ADFCE2}" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "{E5864FA4-7634-4A95-952A-6AB1FF252079}" /F', 0, 15000, true);
RegKeyParamDel('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows\CurrentVersion\Run', 'Winlogon Windows');
RegKeyParamDel('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Run-', 'CMD');
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
CreateQurantineArchive(GetAVZDirectory + 'quarantine.zip');
ExecuteSysClean;
ExecuteRepair(1);
ExecuteRepair(9);
ExecuteWizard('SCU', 2, 3, true);
RebootWindows(true);
end.