Код:
begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
QuarantineFileF('c:\users\pc\appdata\locallow\searchgo', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0 ,0);
QuarantineFileF('c:\users\pc\appdata\local\fupdate', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0 ,0);
QuarantineFileF('c:\users\pc\appdata\local\microsoft\extensions', '*', true, '', 0 ,0);
QuarantineFileF('c:\programdata\krb updater utility', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0 ,0);
QuarantineFileF('c:\users\pc\appdata\local\systemdir', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0 ,0);
QuarantineFileF('c:\users\pc\appdata\local\searchgo', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', true, '', 0 ,0);
QuarantineFile('C:\Windows\system32\drivers\netfilter2.sys', '');
QuarantineFile('C:\Users\PC\AppData\LocalLow\SearchGo\searchgo.dll', '');
QuarantineFile('C:\Users\PC\AppData\Local\fupdate\fupdate.exe', '');
QuarantineFile('C:\Users\PC\AppData\Local\Microsoft\Extensions\extsetup.exe', '');
QuarantineFile('C:\ProgramData\KRB Updater Utility\krbupdater-utility.exe', '');
QuarantineFile('C:\Users\PC\AppData\Local\SystemDir\nethost.exe', '');
QuarantineFile('C:\Users\PC\AppData\Local\SearchGo\searchgo.exe', '');
QuarantineFile('C:\Users\PC\AppData\Local\ScriptWriter\ScriptWriter.exe','');
QuarantineFile('C:\Users\PC\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk', '');
QuarantineFile('C:\Users\PC\Favorites\Links\Интернет.url', '');
ExecuteFile('schtasks.exe', '/delete /TN "fupdate" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "Microsoft\Windows\extsetup" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "Microsoft\Windows\KRBUUS\KRB Updater Utility Service" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "Microsoft\Windows\SafeBrowser" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "nethost task" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "SearchGo Task" /F', 0, 15000, true);
ExecuteFile('schtasks.exe', '/delete /TN "ScriptWriter" /F', 0, 15000, true);
DeleteFile('C:\Users\PC\AppData\Local\ScriptWriter\ScriptWriter.exe','32');
DeleteFile('C:\Windows\system32\drivers\netfilter2.sys', '32');
DeleteFile('C:\Users\PC\AppData\LocalLow\SearchGo\searchgo.dll', '32');
DeleteFile('C:\Users\PC\AppData\Local\fupdate\fupdate.exe', '32');
DeleteFile('C:\Users\PC\AppData\Local\Microsoft\Extensions\extsetup.exe', '32');
DeleteFile('C:\ProgramData\KRB Updater Utility\krbupdater-utility.exe', '32');
DeleteFile('C:\Users\PC\AppData\Local\SystemDir\nethost.exe', '32');
DeleteFile('C:\Users\PC\AppData\Local\SearchGo\searchgo.exe', '32');
DeleteFileMask('c:\users\pc\appdata\locallow\searchgo', '*', true);
DeleteFileMask('c:\users\pc\appdata\local\fupdate', '*', true);
DeleteFileMask('c:\users\pc\appdata\local\microsoft\extensions', '*', true);
DeleteFileMask('c:\programdata\krb updater utility', '*', true);
DeleteFileMask('c:\users\pc\appdata\local\systemdir', '*', true);
DeleteFileMask('c:\users\pc\appdata\local\searchgo', '*', true);
DeleteDirectory('c:\users\pc\appdata\locallow\searchgo');
DeleteDirectory('c:\users\pc\appdata\local\fupdate');
DeleteDirectory('c:\programdata\krb updater utility');
DeleteDirectory('c:\users\pc\appdata\local\systemdir');
DeleteDirectory('c:\users\pc\appdata\local\searchgo');
DelBHO('{2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC}');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','fizwgiizjn');
DeleteService('netfilter2');
ExecuteSysClean;
ExecuteWizard('SCU', 2, 3, true);
CreateQurantineArchive(GetAVZDirectory + 'quarantine.zip');
RebootWindows(true);
end.
Компьютер