Please help me , mcaffe bacon.exe, fakealet; damage explorer.exe and multiple ###.exe ( like 656.exe, 674.exe ) on the folder C:\Documents and Settings\user\Configuraciуn local\Temp
TKS
Printable View
Please help me , mcaffe bacon.exe, fakealet; damage explorer.exe and multiple ###.exe ( like 656.exe, 674.exe ) on the folder C:\Documents and Settings\user\Configuraciуn local\Temp
TKS
Please, disable System Restore (see Appendix 1 of [url=http://virusinfo.info/showthread.php?t=9184]rules[/url]).
Close all programs.
[url=http://avptool.virusinfo.info/en/AVPTool_helpdesk_curescript.htm]Execute the script[/url]:
[code]
begin
SetAVZGuardStatus(True);
RegKeyIntParamWrite('HKLM','SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer','NoDriveTypeAutoRun', 221);
QuarantineFile('C:\RECYCLER\S-1-5-21-7150428190-8434113126-257595415-3400\rundll32.exe','');
DeleteFile('C:\RECYCLER\S-1-5-21-7150428190-8434113126-257595415-3400\rundll32.exe');
CreateQurantineArchive('C:\quarantine.zip');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
[/code]
The computer will reboot.
Upload file C:\quarantine.zip, by link [color=red][b][u]Upload quarantined files[/u][/b][/color] in top of this thread.
Do "Collect system information" and attach new avptool_syscheck.zip to the thread.
new message after reebot :
The Win32/Bagle.FN was detected in C:\WINDOWS\SYSTEM32\DRIVERS\UTEZMTYX.SYS
File uploaded, thank you!
There are to much "anti "in your system. Please uninstall them, it is enough to have one :)
Please after uninstalling all your antivirus staff, create logs with special avz in my signature.( read rules for assistance)