1. Please disable System Restore and antivirus (if you have one).
2. Execute this script in AVPTool:
Code:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
RegKeyIntParamWrite('HKLM','SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer','NoDriveTypeAutoRun', 221);
QuarantineFile('C:\Thumbs.db','');
QuarantineFile('C:\WINDOWS\system32\fdisk.com','');
QuarantineFile('C:\Documents and Settings\Ashraf Gaafar\Templates\cache\SFCsrvc.pif','');
QuarantineFile('C:\Documents and Settings\Ashraf Gaafar\Start Menu\Programs\Startup\sndvol32.exe','');
QuarantineFile('C:\Documents and Settings\All Users\Start Menu\Programs\Startup\sndvol32.exe','');
QuarantineFile('C:\DOCUME~1\ASHRAF~1\LOCALS~1\Temp\scr\logon.exe','');
QuarantineFile('c:\docume~1\ashraf~1\locals~1\temp\svchost.com','');
TerminateProcessByName('c:\docume~1\ashraf~1\locals~1\temp\svchost.com');
DeleteFile('c:\docume~1\ashraf~1\locals~1\temp\svchost.com');
DeleteFile('C:\DOCUME~1\ASHRAF~1\LOCALS~1\Temp\scr\logon.exe');
RegKeyParamDel('HKEY_USERS','S-1-5-21-1606980848-1326574676-1417001333-1003\Control Panel\Desktop','scrnsave.exe');
RegKeyParamDel('HKEY_USERS','S-1-5-21-1606980848-1326574676-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run','User Agent');
DeleteFile('C:\Documents and Settings\All Users\Start Menu\Programs\Startup\sndvol32.exe');
DeleteFile('C:\Documents and Settings\Ashraf Gaafar\Start Menu\Programs\Startup\sndvol32.exe');
DeleteFile('C:\Documents and Settings\Ashraf Gaafar\Templates\cache\SFCsrvc.pif');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','HotKey');
RegKeyParamDel('HKEY_USERS','S-1-5-21-1606980848-1326574676-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run','HotKey');
DeleteFile('C:\WINDOWS\system32\fdisk.com');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','User Agent');
DeleteFile('C:\autorun.inf');
DeleteFile('C:\Thumbs.db');
DeleteFile('D:\autorun.inf');
DeleteFile('D:\Thumbs.db');
DeleteFile('E:\autorun.inf');
DeleteFile('E:\Thumbs.db');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteWizard('TSW', 3, 3, true);
ExecuteWizard('SCU', 3, 3, true);
BC_Activate;
RebootWindows(true);
end.
3. After the reboot, execute this script in AVPTool:
Code:
begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.
Upload the file quarantine.zip via the link http://virusinfo.info/upload_virus.php?tid=85353
4. Make a new AVPTool log.
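The cleanup script above removes three kinds of persistence: files dropped in Startup folders and system directories, autorun.inf/Thumbs.db pairs on each drive root, and Run / scrnsave.exe registry values under HKLM and the user's SID. A helper checking the new log after the reboot wants exactly that list of targets to confirm nothing survived. The Python below is an added example, not part of the post or of AVZ/AVPTool: it parses the AVZ statement syntax used in the script (one `Name('arg',...);` call per line, doubled quotes inside strings), extracts the files and registry values being removed, and compares them with a constructed post-reboot snapshot. The embedded script is a shortened copy of the one in the post; the snapshot sets and the `verify_cleanup` interface are assumptions for the demonstration.

```python
import re

# Constructed sample: a subset of the AVZ cleanup script from the post above,
# kept short so the parser's output is easy to follow.
AVZ_SCRIPT = r"""
begin
QuarantineFile('C:\WINDOWS\system32\fdisk.com','');
QuarantineFile('C:\Documents and Settings\All Users\Start Menu\Programs\Startup\sndvol32.exe','');
DeleteFile('C:\WINDOWS\system32\fdisk.com');
DeleteFile('C:\Documents and Settings\All Users\Start Menu\Programs\Startup\sndvol32.exe');
DeleteFile('C:\autorun.inf');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','HotKey');
RegKeyParamDel('HKEY_USERS','S-1-5-21-1606980848-1326574676-1417001333-1003\Control Panel\Desktop','scrnsave.exe');
end.
"""

# One AVZ statement per line: Name('arg1','arg2',...);  Quotes inside a string are doubled.
CALL_RE = re.compile(r"^\s*(\w+)\s*\((.*)\)\s*;\s*$")
ARG_RE = re.compile(r"'((?:[^']|'')*)'")

# Short hive aliases AVZ accepts, mapped to the long form so entries compare equal.
HIVES = {"HKLM": "HKEY_LOCAL_MACHINE", "HKCU": "HKEY_CURRENT_USER",
         "HKU": "HKEY_USERS", "HKCR": "HKEY_CLASSES_ROOT"}


def parse_avz_script(text):
    """Return [(function_name, [string args])] for every call statement in the script."""
    calls = []
    for line in text.splitlines():
        m = CALL_RE.match(line)
        if not m:
            continue  # 'begin', 'end.' and blank lines carry no statement
        name, raw = m.groups()
        args = [a.replace("''", "'") for a in ARG_RE.findall(raw)]
        calls.append((name, args))
    return calls


def extract_artifacts(text):
    """Collect the files and registry values the script removes, lower-cased and de-duplicated.

    Paths are compared case-insensitively only; 8.3 short names such as
    DOCUME~1 are not expanded, so a long and a short spelling of the same
    file stay separate entries (the original script uses both forms).
    """
    files, regvalues = [], []
    for name, args in parse_avz_script(text):
        if name in ("QuarantineFile", "DeleteFile") and args:
            path = args[0].lower()
            if path not in files:
                files.append(path)
        elif name == "RegKeyParamDel" and len(args) == 3:
            hive, key, value = args
            entry = (HIVES.get(hive.upper(), hive.upper()), key.lower(), value.lower())
            if entry not in regvalues:
                regvalues.append(entry)
    return files, regvalues


def verify_cleanup(text, present_files, present_regvalues):
    """Compare the script's targets with a post-reboot snapshot (assumed interface).

    present_files: lower-cased paths that still exist; present_regvalues:
    (long hive, lower-cased key, lower-cased value name) tuples still set.
    Returns the targets that survived and therefore need a second look.
    """
    files, regvalues = extract_artifacts(text)
    leftover_files = [p for p in files if p in present_files]
    leftover_reg = [r for r in regvalues if r in present_regvalues]
    return {"files": leftover_files, "registry": leftover_reg}


if __name__ == "__main__":
    # Constructed snapshot: every file is gone, but one Run value has been re-created.
    snapshot_files = set()
    snapshot_reg = {("HKEY_LOCAL_MACHINE",
                     r"software\microsoft\windows\currentversion\run", "hotkey")}
    print(verify_cleanup(AVZ_SCRIPT, snapshot_files, snapshot_reg))
```

A Run value reappearing after the reboot, as in the constructed snapshot, is the usual sign that a still-running component or a second startup entry re-wrote it, which is why the procedure asks for a fresh AVPTool log rather than treating the first script as final.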