1. Please, disable System Restore and antivirus (if you have).
2. Execute this script in AVPTool:
Код:
begin
SetAVZGuardStatus(True);
RegKeyIntParamWrite('HKLM','SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer','NoDriveTypeAutoRun', 221);
QuarantineFile('c:\winxp\system32\zkqshbwakeuo.exe','');
TerminateProcessByName('c:\winxp\system32\zkqshbwakeuo.exe');
DeleteFile('c:\winxp\system32\zkqshbwakeuo.exe');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','loginservces');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\RunServices','loginservces');
RegKeyParamDel('HKEY_USERS','S-1-5-21-1645522239-790525478-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run','loginservces');
RegKeyParamDel('HKEY_USERS','S-1-5-21-1645522239-790525478-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunServices','loginservces');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteWizard('TSW', 3, 3, true);
BC_Activate;
RebootWindows(true);
end.
3. After reboot execute this script in AVPTool:
Код:
begin
CreateQurantineArchive('C:\quarantine.zip');
end.
Upload file C:\quarantine.zip, by link http://virusinfo.info/upload_virus.php?tid=64691
4. Make a new log of AVPTool.