2 Replies Latest reply on Dec 30, 2011 4:39 AM by kuttus

    systeme fix

      Mon pc a été infecté par le malware systeme fix. McAfee n'a pas été en mesure de le détecter. Qu'es que je peux faire pour remédier à la situation?

        • 1. Re: systeme fix
          Peter M

          McAfee and most major antivirus software does not detect this sort of malware unfortunately.

           

          The first thing to try would be System Restore to before it happened.  If successful update Windows and McAfee immediately afterwards.

           

          Or try running McAfee FakeAlert Stinger tool:

          http://www.mcafee.com/us/downloads/free-tools/fake-alert-stinger.aspx

           

          Or you can find removal instructions at

          http://www.bleepingcomputer.com/virus-removal/remove-system-fix

           

          Google Translate:

           

          McAfee et le logiciel antivirus le plus important ne détecte pas ce genre de malware, malheureusement.

          La première chose à faire serait de restauration du système à l'avant que cela n'arrive. En cas de succès mise à jour Windows et McAfee immédiatement après.

          Ou essayez de lancer McAfee FakeAlert Stinger outil:

          http://www.mcafee.com/us/downloads/free-tools/fake-alert-stinger.aspx

          Ou vous pouvez trouver des instructions de suppression au

          http://www.bleepingcomputer.com/virus-removal/remove-system-fix

          • 2. Re: systeme fix

            Removal steps for System Fix / System Restore Spyware

             

            These are the shortcuts in your start Menu.

            If you delete these folders you will lose all of the shortcuts in the start menu. First take a back up of these folder

             

            %Temp%\smtmp\

             

            This infection will hide all of the files on your computer. So first we have to fix that issue. For that

            Please select the Tools menu and click Folder  Options.
            After the new window appears select the View tab.
            Put a checkmark in the checkbox labeled Display the contents of system  folders.
            Under the Hidden files and folders section select the radio button  labeled Show hidden files and folders.
            Remove the checkmark from the checkbox labeled Hide file extensions for  known file types.
            Remove the checkmark from the checkbox labeled Hide protected operating  system files.
            After this please press the Apply button and then the OK

            Press on the key Alt+Crtl+Delete key on the  keyboard. Now you will get a new window called Task Manager.  Now hold the Ctrl key on the key board and  click on File, New Task on the Task Manager.  Now you will get a new black  window.
              Inside that black window type CD/ and hit on enter.
              Now type ATTRIB –H –R –S /S /D and hit on enter.

            It will unside all of the files on your computer. Now you have to delete all of the infected files from the follwoing location

            Associated System Restore Files:

             

             

            %LocalAppData%\<random>

            %LocalAppData%\<random>.exe

            %LocalAppData%\~<random>

            %LocalAppData%\~<random>

            %StartMenu%\Programs\System Restore\

            %StartMenu%\Programs\System Restore\System Restore.lnk

            %StartMenu%\Programs\System Restore\Uninstall System Restore.lnk

            %Temp%\smtmp\

            %Temp%\smtmp\1

            %Temp%\smtmp\1

            %Temp%\smtmp\2

            %Temp%\smtmp\3

            %Temp%\smtmp\4

            %UserProfile%\Desktop\System Restore.lnk

             

            Don't delete the folder

            %Temp%\smtmp\

            %Temp%\smtmp\1

            %Temp%\smtmp\1

            %Temp%\smtmp\2

            %Temp%\smtmp\3

            %Temp%\smtmp\4

             

            These are the shortcuts in your start Menu.

            If you delete these folders you will lose all of the shortcuts in the start menu. First take a back up of these folder

             

            %Temp%\smtmp\