Код:
begin
TerminateProcessByName('c:\windows\syswow64\nethtsrv.exe');
ClearQuarantine;
QuarantineFile('C:\Windows\syswow64\nethtsrv.exe','');
QuarantineFile('C:\Windows\syswow64\hfpapi.dll','');
QuarantineFile('C:\Windows\syswow64\hfnapi.dll','');
QuarantineFile('C:\Windows\system32\nethtsrv.exe','');
QuarantineFile('C:\Windows\system32\hfpapi.dll','');
QuarantineFile('C:\Windows\system32\hfnapi.dll','');
QuarantineFile('C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C84OU4WJ\Win64_153117.exe','');
QuarantineFile('C:\Users\User\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE','');
QuarantineFile('C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe','');
QuarantineFile('C:\Users\User\AppData\Local\27511\a17752.exe','');
QuarantineFile('C:\Windows\SysWOW64\netupdsrv.exe','');
QuarantineFile('C:\Windows\SysWOW64\nethtsrv.exe','');
QuarantineFile('C:\Windows\system32\drivers\nethfdrv.sys','');
QuarantineFile('C:\Windows\SysWOW64\hfpapi.dll','');
QuarantineFile('C:\Windows\SysWOW64\hfnapi.dll','');
QuarantineFile('c:\windows\syswow64\nethtsrv.exe','');
QuarantineFile('c:\program files (x86)\isafe\isafetray.exe','');
QuarantineFile('c:\program files (x86)\isafe\isafesvc2.exe','');
QuarantineFile('c:\program files (x86)\isafe\isafesvc.exe','');
CreateQurantineArchive(GetAVZDirectory + 'quarantine.zip');
DeleteService('NetHttpService');
DeleteService('nethfdrv');
DeleteService('ServiceUpdater');
DeleteFile('c:\windows\syswow64\nethtsrv.exe','32');
DeleteFile('C:\Windows\SysWOW64\hfnapi.dll','32');
DeleteFile('C:\Windows\SysWOW64\hfpapi.dll','32');
DeleteFile('C:\Windows\system32\drivers\nethfdrv.sys','32');
DeleteFile('C:\Windows\SysWOW64\nethtsrv.exe','32');
DeleteFile('C:\Windows\SysWOW64\netupdsrv.exe','32');
DeleteFile('C:\Users\User\AppData\Local\27511\a17752.exe','32');
DeleteFile('C:\Windows\Tasks\AmiUpdXp.job','64');
DeleteFile('C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe','32');
DeleteFile('C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job','64');
DeleteFile('C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job','64');
DeleteFile('C:\Users\User\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE','32');
DeleteFile('C:\Windows\Tasks\Digital Sites.job','64');
DeleteFile('C:\Windows\Tasks\DigitalSite.job','64');
DeleteFile('C:\Windows\system32\Tasks\AmiUpdXp','64');
DeleteFile('C:\Windows\system32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore','64');
DeleteFile('C:\Windows\system32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA','64');
DeleteFile('C:\Windows\system32\Tasks\Digital Sites','64');
DeleteFile('C:\Windows\system32\Tasks\DigitalSite','64');
DeleteFile('C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C84OU4WJ\Win64_153117.exe','32');
DeleteFile('C:\Windows\system32\Tasks\{2F3C6B27-B3D3-4B11-B9AA-D3969D958992}','64');
DeleteFile('C:\Windows\system32\hfnapi.dll','32');
DeleteFile('C:\Windows\system32\hfpapi.dll','32');
DeleteFile('C:\Windows\system32\nethtsrv.exe','32');
DeleteFile('C:\Windows\syswow64\hfnapi.dll','32');
DeleteFile('C:\Windows\syswow64\hfpapi.dll','32');
DeleteFile('C:\Windows\syswow64\nethtsrv.exe','32');
DeleteFileMask('C:\Users\User\AppData\Roaming\DIGITA~2','*', true);
DeleteDirectory('C:\Users\User\AppData\Roaming\DIGITA~2');
DeleteFileMask('C:\Program Files (x86)\BonanzaDealsLive','*', true);
DeleteDirectory('C:\Program Files (x86)\BonanzaDealsLive');
ExecuteWizard('SCU',2,2,true);
ExecuteSysClean;
RebootWindows(true);
end.
Компьютер перезагрузится.