1. Please, disable System Restore and antivirus (if you have).
2. Execute the script in AVPTool:
Код:
begin
SetAVZGuardStatus(True);
RegKeyIntParamWrite('HKLM','SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer','NoDriveTypeAutoRun', 221);
QuarantineFile('G:\RECYCLER\autorun.exe','');
QuarantineFile('c:\documents and settings\regina mills\local settings\temporary internet files\content.ie5\x08w2ovg\yahoomailuploader_0.5[1].exe','');
TerminateProcessByName('c:\documents and settings\regina mills\local settings\temporary internet files\content.ie5\x08w2ovg\yahoomailuploader_0.5[1].exe');
QuarantineFile('c:\windows\system32\ctfmon.exe','');
DeleteFile('c:\documents and settings\regina mills\local settings\temporary internet files\content.ie5\x08w2ovg\yahoomailuploader_0.5[1].exe');
DeleteFile('G:\autorun.inf');
DeleteFile('G:\RECYCLER\autorun.exe');
BC_ImportDeletedList;
ExecuteSysClean;
ExecuteWizard('TSW', 3, 3, true);
BC_Activate;
CreateQurantineArchive('C:\quarantine.zip');
RebootWindows(true);
end.
After restart upload file C:\quarantine.zip, by link http://virusinfo.info/upload_virus.php?tid=58784
3. Attach a new avptool_syscheck.zip.