The original version of this page can be found at : http://www.canadianwellsite.com/oiltalk/default.aspx?f=11&m=686
Posted By : Tech Support - 12/7/2006 2:47 PM
Flooder.Ake is a brand new threat that began to appear on people's computers on December 6th, 2006.

The symptoms of infection are an alert window which pops up reading "threat found, trojan horse, heal now". Clicking this popup quarantines a system file, which then restarts the computer and pops up the alert again. The computer is then stuck in an infinite loop. Here are two solutions which have been reported to work (see below).

This problem only seems to be impacting users of the antivirus program, AVG. Initial indications are that this is not a true virus, but rather a bug in AVG that results in damage to system critical files.


Solution #1:

1. Boot your computer to Safe mode. Power on (or restart) your computer, keep pressing F8 key until the Startup menu appears and choose "Windows in Safe Mode".

2. Uninstall AVG through the control panel "Add or Remove Programs" applet.

3. Reboot.

Reinstall AVG and Update.


Solution #2:

1. Boot your computer to Safe mode. Power on (or restart) your computer, keep pressing F8 key until the Startup menu appears and choose "Windows in Safe Mode".

2. In the Windows Safe mode, navigate to following folder:

C:\WINDOWS\system32\drivers\

3. Rename rename the following files to avoid furhter deleting of "winlogon.exe".

AVGCLEAN.SYS -> AVGCLEAN.SY_
AVGRSXP.SYS -> AVGRSXP.SY_

4. Launch Registry Editor (regedit.exe) and remove the "__delete" value in the right pane from this key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AvgClean

5. Restart the computer back to Windows normal mode

6. Update your AVG program to latest virus base version. Launch AVG or open AVG Control Center and press F9 key to update your AVG.

7. Then rename the SYS files back to their original names

AVGCLEAN.SY_ -> AVGCLEAN.SYS
AVGRSXP.SY_ -> AVGRSXP.SYS

8. Restart your computer for to get AVG Resident shield loaded again

Post Edited (Tech Support) : 12/7/2006 11:15:24 PM GMT