i have anew viurs i want soulition please help me

[ahmed_rezk]

i have anew viurs  i want soulition please help me the name of the viurse

  i have anew viurs  i want soulition please help me the name of the viurse (fexwfz.exe )

 
my story i do scan by my avast pro bout its not removing it and no rading originaly why i want rason and soulition please help me?
the link of imeg viurs:

[DavidR]

Why is it not removing it (you should be sending it to the chest), what errors were displayed ?

If you have XP, vista32bit or Win2k, you could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, a memory scan will take place followed by the opening of the Simple User Interface, Menu, 'Schedule boot-time scan...' Or see http://www.digitalred.com/avast-boot-time.php.

Or are you saying avast isn't detecting it ?

If so - If you haven't already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).

• 1. SUPERantispyware On-Demand only in free version.
• 2. MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page.

[ahmed_rezk]

thanks for replay but alrady i do scan with  new update but the my programe cant remove it and the new programe( malwarebytes )cant it  i use windows xp 32bit my avast prof 4.8 i want soulition please  help me thanks for all replay me

and my cause harm and dmage not  headien and dmage data exe   and i change my windows  for cpu   

download vuirs link:hXXp://rapidshare.com/files/209062484/pmp_usb.rar.html

[Tarq57]

OK, this appears to be the real deal.
I suggest not to download and run the file unless you know what you're doing.
http://www.virustotal.com/analisis/f286e44f9f606291e66760fd4fd47833
The package contains and executable, a .ini, and an xml file titled "winamp_cache_0001.xml"
The .exe properties list it as "document folder" and file version 5.0.0.4, and language Chinese (Singapore).
Asquared detects it as "Packed.Win32.Klone!IK", and is able to quarantine the standalone exe, not sure about how it would go if the thing had done whatever it does when all files are unpacked/run. (Not prepared to try: This is my main machine, with no virtual partition, and I don't really know enough to do more than this.)

Ahmed, try using Asquared to quarantine it. http://www.emsisoft.com/en/software/free/

[Eddy]

NEVER put a link on this webboard to (suspected) malware!!!
Delete the files Tarq mentioned

Also search for (and if found delete) winuqw32.dll

Open the registry editor and navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell
The value should be: "explorer.exe"
If it is not, restore it.
Close everything and reboot.
Run CCleaner and let it check/fix registry errors.
Reboot