I come across the worm Allapple-Gen which attacks my services.exe and forcing my computer to restart in 45 seconds.

It also duplicates a lot of htm or html files in all over random files.

Since I am at work today, I just gather enough information to go home to battle it again tonight.

1) look for service.exe or services.exe besides the one in C:\Windows\System32
2) Look around registry editor at the Run section.
2) Turn off system restore
3) Scan the computer in safe mode. I am using NOD32

Wish me luck.

ok Deani, sory for that. i did not check the file.BTW this should be ok. i upload it myself.

download link
http://rapidshare.com/files/142720162/kavo_killer.rar.html

i'm using kaspersky Internet security 2009 and it's ok. eset sometime detect apps like this as virus. i don' know why. but if its still detected it as virus please turn off ur antivirus.

if u worried being infected, please change ur antivirus first.

please follow the instruction for further steps

hope this will do.

keep updating so i can give more  support. TQ

Thx bean_man for ur advice. it is actually my bad by advising Deani to do that, but i do that with a very good reason. i've been using the program for almost a year now for virus removing service and it works just fine. even for the second link i, upload it myself. it's the same tools that i've using for almost a year. the steps  that i have copy from other site is the same steps that i have been using. it just a fast way to write an instruction without writing it.

BTW thx for ur advice. i'm sending this app to Jotti or Virustotal as u advised for more confirmation.  i'm new here and looking forward for more reply TQ

---

Added on September 10, 2008, 9:41 ami've send the file to Jotti and Virustotal and both give partially bad result. . some detected it as trojan. but from my experience it will not effected your windows. i'm using Kaspersky Internet Security which is i' ve red the no 1 internet security app for now, and KIS detect nothing. lastly it may be up to Deani to decide weather to try it or not.    . for me b4 i found this tools, the only way to resolve the prob is to reinstall the windows 

Hi,
I failed to perform the above. when i type in attrib kavo.exe -r -a -s -h when i run CMD as instructed, it said file not found - kavo.exe.  I've scanned my pc using spyeraser, it listed out the file infected are:
c:\windows\system32\kavo1.dll
c:\windows\system32\kavo.exe
c:\windows\system32\kavo0.dll

Please refer to the attached for log file.

Now, my pc has problem to click link from the website. It will freeze when i click on link. I've to use ctrl & alt to close the IE otherwise my pc will hang.

I need help regarding my situation right now. To keep it simple I write the details in points.

EDITED:

1. There's a shady program running in my pc. I found it in my Task Manager and the program is tyjkfww.exe or something like that. So I just kill the process but it still keep on opening itself.

2. The "virus" disabling my antivirus. I even fiin out that my antivirus's .exe file has been deleted.

3. I noticed that i have that program "tyjkfww.exe" at any root folder of any drive (like C://,D:// except for CD/DVDROM drive) with its own autorun.inf. Yeah, they're hidden but luckily my ACDSee program can 'see' them. I tried to unhide them but can't because they keep on hiding.  I tried to delete them but they still exist. And here i thought that there is no use for me to format my pc.

4. I also noticed that the program "tyjkfww.exe" will not open if i use "right click-->explore" a root folder rather than double clicking the root folder.

5. I still have my folder options but can't unhide hidden files and folders.

6. I no longer can view any pictures using the usual windows picture preview.

Are there any cleaner for this?

Oh my... i keep on editing my post...

7. It seems that my pc keeps on utilizing its cpu at 50% even though i have closed all programs.