Код:
begin
ExecuteFile('net.exe', 'stop tcpip /y', 0, 15000, true);
TerminateProcessByName('C:\ProgramData\RealtekHD\taskhostw.exe');
TerminateProcessByName('c:\programdata\windowstask\audiodg.exe');
TerminateProcessByName('C:\ProgramData\WindowsTask\MicrosoftHost.exe');
QuarantineFile('C:\ProgramData\RealtekHD\taskhostw.exe', '');
QuarantineFile('C:\ProgramData\rundll\doublepulsar-1.3.1.exe', '');
QuarantineFile('C:\ProgramData\rundll\eternalblue-2.2.0.exe', '');
QuarantineFile('C:\ProgramData\rundll\rundll.exe', '');
QuarantineFile('C:\ProgramData\rundll\ssleay32.dll', '');
QuarantineFile('C:\ProgramData\rundll\start.exe', '');
QuarantineFile('C:\ProgramData\rundll\system.exe', '');
QuarantineFile('c:\programdata\windowstask\audiodg.exe', '');
QuarantineFile('C:\ProgramData\WindowsTask\MicrosoftHost.exe', '');
QuarantineFile('C:\ProgramData\windowstask\winlogon.exe', '');
QuarantineFile('C:\Users\Verder\AppData\Local\smss.exe', '');
QuarantineFile('C:\Users\Verder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif', '');
QuarantineFile('C:\Users\Verder\AppData\Roaming\Microsoft\Windows\Templates\Brengkolang.com', '');
QuarantineFile('C:\Users\Verder\шаблоны\brengkolang.com', '');
QuarantineFile('c:\windows\eksplorasi.exe', '');
QuarantineFile('C:\Windows\java.exe', '');
QuarantineFile('C:\Windows\svchost.exe', '');
QuarantineFile('D:\ФОТО 2021\101CANON\101CANON.exe', '');
DeleteFile('C:\ProgramData\RealtekHD\taskhostw.exe', '');
DeleteFile('C:\ProgramData\RealtekHD\taskhostw.exe', '32');
DeleteFile('C:\ProgramData\RealtekHD\taskhostw.exe', '64');
DeleteFile('C:\ProgramData\rundll\doublepulsar-1.3.1.exe', '');
DeleteFile('C:\ProgramData\rundll\eternalblue-2.2.0.exe', '');
DeleteFile('C:\ProgramData\rundll\rundll.exe', '');
DeleteFile('C:\ProgramData\rundll\ssleay32.dll', '');
DeleteFile('C:\ProgramData\rundll\start.exe', '');
DeleteFile('C:\ProgramData\rundll\system.exe', '');
DeleteFile('c:\programdata\windowstask\audiodg.exe', '');
DeleteFile('C:\ProgramData\WindowsTask\MicrosoftHost.exe', '');
DeleteFile('C:\ProgramData\windowstask\winlogon.exe', '');
DeleteFile('C:\Users\Verder\AppData\Local\smss.exe', '32');
DeleteFile('C:\Users\Verder\AppData\Local\smss.exe', '64');
DeleteFile('C:\Users\Verder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif');
DeleteFile('C:\Users\Verder\AppData\Roaming\Microsoft\Windows\Templates\Brengkolang.com', '32');
DeleteFile('C:\Users\Verder\шаблоны\brengkolang.com', '');
DeleteFile('c:\windows\eksplorasi.exe');
DeleteFile('C:\Windows\java.exe', '');
DeleteFile('C:\Windows\svchost.exe', '');
DeleteFile('D:\ФОТО 2021\101CANON\101CANON.exe', '32');
DeleteFileMask('c:\programdata\realtekhd', '*', true);
DeleteFileMask('c:\programdata\rundll', '*', true);
DeleteFileMask('c:\programdata\windowstask', '*', true);
DeleteDirectory('c:\programdata\realtekhd');
DeleteDirectory('c:\programdata\rundll');
DeleteDirectory('c:\programdata\windowstask');
RegKeyParamDel('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Run', 'Tok-Cirrhatus', '32');
RegKeyParamDel('HKEY_CURRENT_USER', 'Software\Microsoft\Windows\CurrentVersion\Run', 'Tok-Cirrhatus', '64');
RegKeyParamDel('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows\CurrentVersion\Run', 'Realtek HD Audio', '32');
RegKeyParamDel('HKEY_LOCAL_MACHINE', 'Software\Microsoft\Windows\CurrentVersion\Run', 'Realtek HD Audio', '64');
DeleteSchedulerTask('At1.job');
DeleteSchedulerTask('At2.job');
CreateQurantineArchive(GetAVZDirectory + 'quarantine.zip');
ExecuteSysClean;
ExecuteRepair(8);
ExecuteRepair(13);
ExecuteRepair(16);
ExecuteRepair(17);
RebootWindows(true);
end.
Компьютер перезагрузится.