please help this poor dumb guy!


unnnnummmm
March 7th, 2007, 04:16 PM
sumone help me! .. ..now ma pc is affected by a dam ViRUS!#.. firstly i noticed when some of the .exe files of the regularly used programs were remOved.. nd wen i tried get them through the setups or backups hOrribly they were also remOved.. i tried to get them through rekOvery softwares but the softwares shows that FILE DOSE EXIST.. it means they r nOt deleted but r just hided.. again Wen i cheked the properties of fOlders wid .EXE files.. it shOws FiLee EXiST!

..HAAaaaaAAHHHH#... :unsure:

..again i did gave a another try by enabling the option *view hidden files* from folder options but there was a illusiOn by this viriiii!.. ..coz ven i instantly cheked this SAME option it was disabled.. nOw wat R da hell wayz to get rid of dis asshit?? ...can ne 1 HeLP Me!

..HUNH??....

dalek
March 7th, 2007, 05:43 PM
Maybe try Google (http://www.google.ca/search?q=google&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a) or How Did I get Infected in the first place (http://www.albinoblacksheep.com/flash/youare.php)


If those don't work try this: Good Computing (http://redwing.hutman.net/%7Emreed/warriorshtm/newbie.htm)

But if you are really serious in your request, then maybe a better explanation of your problem and possibly a little more legible to read, and some one will assist...:rolleyes:

cross
March 7th, 2007, 09:10 PM
You would think that after having your posting privileges removed on another site for the same question in the same broken english would make you clarify your post slightly before putting it up on another security site.

At the very least, stop using pointless caps where they are obviously not needed, as well as punctuation that is unwarranted.

Fix these and I for one will attempt to help. Don't fix your post, and I doubt anyone can help you.

nihil
March 7th, 2007, 10:01 PM
Hello cross,

I see your point................. I am waiting for his brother to post the "silver bullet" solution :p:D

unnnnummmm
March 8th, 2007, 09:25 AM
..dont u think instead of fOcusing on HOW I WROTE? if u wil fOcus on WHAT I WROTE? will prove more meaning of this site (for wat it is meant****(coz i dnt hav much of time n the problem is still understandable ..))

Aardpsymon
March 8th, 2007, 12:01 PM
> coz i dnt hav much of time n the problem is still understandable

I don't have much time either and no, I don't understand the problem. Unless the answer is install some antivirus software?

unnnnummmm
March 8th, 2007, 12:47 PM
okay i try this again bein a descent guy!:D..
..my pc is structed by a virus which gives the illusion that *FILES ARE DELETED* but realee they r hided coz when i see the properties of any folder in explorer the proprty tab shOws the files does exist in fOlder.
..And all abOve this virus dont even letme enable the VIEW HIDDEN FILES option.. as soon as i enable this option it is disabled.. nOw this is @#$%^**
..nd now ne thing cant be mOre descent then this reply!#:halo:

Aardpsymon
March 8th, 2007, 01:01 PM
ok, so what OS, what AV are you using? Have you run spybot? adaware? hijack this? ccleaner? Assuming windows, is it up to date? all service packs installed?
is IE up to date? do you often visit warez sites?

unnnnummmm
March 8th, 2007, 01:20 PM
yup!.. i m using WINXP ..i tried with all of this AV but all of them were like a kid in frOnt of this virus!#

dalek
March 8th, 2007, 01:21 PM
> okay i try this again bein a descent guy!:D..
> ..my pc is structed by a virus which gives the illusion that *FILES ARE DELETED* but realee they r hided coz when i see the properties of any folder in explorer the proprty tab shOws the files does exist in fOlder.
> ..And all abOve this virus dont even letme enable the VIEW HIDDEN FILES option.. as soon as i enable this option it is disabled.. nOw this is @#$%^**
> ..nd now ne thing cant be mOre descent then this reply!#:halo:

Why don't you start here: http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I

Seriously read up on what they talk about, try some of their recommendations and good luck...

Note: Most people will help out when they can, but when we are unsure of the problem it is hard to diagnose the situation, unless you're more forthcoming in helping us to help you, I suggest you do some serious reading of the FAQs on this site and google as much as you can, otherwise you are trolling and as such will be treated as one...:rolleyes:

unnnnummmm
March 8th, 2007, 01:23 PM
ya i visited warez site.. ..ummmmm but not past 2 weeks#

morganlefay
March 8th, 2007, 04:41 PM
Have you tried to repair your install with the XP disc???

How about a system restore???

Why not just back up your data ....format the drive and reinstall from scratch...that should fix everything.

There is lots of great info provided here..in the links and on this site.

I suggest reading up on your issue...

If you are unable to do this...

then take the computer to your local shop...and have them back it up and reinstall....

as for warez sites..well you get what you pay for ;)

MLF

nihil
March 8th, 2007, 05:57 PM
Boot into safe mode and re-run your scans.

Will it let you set the view hidden files option in safe mode?

Which applications have had their .exe files hidden? Are they part of Windows or something else?

Do these applications still work?

What are the names of the .exe files?

Try submitting some of the files here:

http://www.virustotal.com/en/indexx.html

Farmikol0t
March 8th, 2007, 07:20 PM
Or install a second copy of XP (specify a different installation folder), boot that copy, install CA Anti-Virus (free for a year) and Defender, and run them to completion.

Hope this helps.

cross
March 8th, 2007, 11:55 PM
Adding to Farmikol0t's idea, here is what I would personally do (I'm a geek, I have lots of machines)
Turn off the infected machine, and hook up the drive to a new machine and do a virus scan from the non infected machine, hooking the hard drive up as a secondary drive. This way, nothing should be actively running and any vscan program should remove any malicious files.

After this is done, hook the hard drive back into the original machine and BOOT INTO SAFE MODE.
Do another virus scan, and spyware/malware scan, remove anything found.

This method has worked on every virus I have encountered so far, so good luck, and thank you for reposting.

nihil
March 9th, 2007, 12:37 AM
Hmmm,

I am not entirely convinced that this is a virus, or even malware?

The reason I say that is it seems to be advertising that there is a problem, which is not typical malware behaviour.

I would expect a virus to just infect the executables, not hide them. Other malware might create a duplicate named file somewhere else and change the access path so the "fake" file is run.

I would be curious to know if the same thing happens with a new user account with administrator rights.

dalek
March 9th, 2007, 01:47 AM
Okay...let's start at the beginning, how long ago did this start to happen, if you can determine that, then try a system restore to just before the problem started, also are you sure it's a virus and not a Trojan (warez is usually Trojans), if it's a virus you got it by opening an attachment likely from an email or zip file, if it's a trojan you got it from visiting malicious websites.


This site has very good info on doing a restore.. http://bertk.mvps.org/ after you do this I would go into safe mode and run your anti-spyware and AV's or go online and get the housecall from Trend Micro, http://housecall.trendmicro.com/ sometimes a restore point will have the infected files, so unfortunately if this is the case, a restore is no good and you may have to flush the restore points and try to clean up as much as possible and set a manual restore point.:cool:

unnnnummmm
March 9th, 2007, 08:51 AM
now all from the begining?.. okay#>>

..ya it started exactly 5 dayZ agao.. when i found sum programs like NERO, OPERA, WINDVD, morpheus are not working..

so i tried to reinstall them but the setup files were also not there..

..again when i tried with recovery softwares like PC INSPECTOR FILE RECOVERY and FILE*RECOVERY*ANGEL all the files were shown as not deleted**

..BUT again wen i tried recovering same files 2 dayz b4.. da files are shown as deleted nd restoring them gave me all the files of same size<67.3 KB>.. looks like DOS based .exe nd executing them just give a DOS screen and den suddenly disappears from ma eyes..

..i think i lost them ..i mean i lost all my program files and back ups for them#..

..BUT,TUT stil ven i lOOk in explorer the property windows of folders still shows that files does exist!.. i mean i cant see nd access the files.. but they exist#..

yup.. i tried with restortation*points which was my first step..
..i even tried with with AV like AVG - TREND MICRO - PANDA ONLINE SCAN - and almost all anti-MALWARES*SPYWARES nd all those things.. that too in SAFE MODE..

..but nOthing worked#.. nd nothing helped me!..

..haahhh#..
..i think i should forget my data nd now FORMAT ALL#.....:( ....:(......

nihil
March 9th, 2007, 09:40 AM
Hmmmm,

The malware behaviour that you are describing is that of a Vandal. These programs are not subtle, they get on your machine and cause as much damage as possible, usually targeting particular files and applications.

In this case it looks like music, films and filesharing are the targets? You will have been infected either from a file sharing/warez site or through P2P.

Can you rename one of these 67.3K files as a .txt extension and attach it to a post............. I am curious to know what it is.

I think your safest approach is to reformat and reinstall, as you don't know if it is still there, or how it works.

This time I would suggest that you download your installations and burn a copy to CD/DVD as a backup.

:)

Aardpsymon
March 9th, 2007, 10:14 AM
> In this case it looks like music, films and filesharing are the targets? You will have been infected either from a file sharing/warez site or through P2P.


Yeah, Morpheus top of the list for infection vector.

I quite liked panda platinum package. Bit bulkier than some, but spyware, adware, av and firewall all in one place was handy.

I'm guessing at some point either your on-access scanning was disabled or like me you were unlucky enough to download a virus with no definition. I often disable the on-access scan for performance reasons, but whenever I'm downloading binaries I turn it back on. If it's a really dodgy source I will even wait a few days before opening it now, to prevent the same "waiting 3 days for a fix" as last time.

unnnnummmm
March 9th, 2007, 11:30 AM
..so isnt there ne way except to format all and forget about all my setupz n bakupz n data**
..this thing had even del all AV.. recOvery n file*zipping software setupz ..hOly sheit#

here are the files of MORPHEUS n WINRAR..
check it out n plz say me any other way to get ma dataa bak#....
..waiting..#..

nihil
March 9th, 2007, 11:37 AM
Please try to attach the file again either as a zipped file or renamed .txt:)

unnnnummmm
March 9th, 2007, 11:48 AM
okay! ..here again..>>

nihil
March 9th, 2007, 01:10 PM
Well, I am afraid not, but that is just my opinion. The two applications you posted have been well and truly trashed. The only way to recover is to reinstall.

The files do not seem to be infected with anything on first inspection. That could mean that the malware is just waiting for a date/time/event trigger.

My advice is to save what data you can, reformat and reinstall.

By the way, did you really call your computer "BE A DEAD MACHINE" or is that something the malware has done?

unnnnummmm
March 9th, 2007, 02:42 PM
then wat about the file properties which shows thE EXiSTANCE OF FiLeS!#..
..does it still give a chance/sign for rekOvery#..

realee its>> BeaDeaD*MaCHiNe!#

morganlefay
March 9th, 2007, 02:56 PM
as stated before...

here I will write it so you understand

fOrmaT AnD ReInStAll

that will be the fastest surest way to get your system back up to functionality.

MLF

nihil
March 9th, 2007, 03:14 PM
Unfortunately not. I don't know the Morpheus software, but I do have Nero. The Media Player executable is 1.7Mb and the Nero Burning executable is 3.6Mb. Both your files have been modified to 67.3Kb. All that really remains is the file name.

You could try a file/folder search for the .exe files to see if there is more than one, but I strongly believe this malware was intended to do damage, not just to annoy you.

You might also search for *.exe files modified between 31-01-07 and today. The files you posted were apparently modified on 31st January. That will probably show you the extent of the damage.

I cannot suggest anything other than to save what data files you can and do a full format and reinstall.
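
Added example, not part of nihil's post or of the original thread: one way to run the search described above (.exe files modified since 31-01-07) and see the extent of the damage, by grouping executables that now share the same size and content under different names, as the 67.3 KB files did. It assumes the suspect drive is attached to a clean machine as a secondary drive; the `E:\` mount point and the function names are hypothetical. The script only reads and hashes files and never runs them.

```python
import hashlib
import os
from collections import defaultdict
from datetime import datetime


def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so large executables do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def find_overwritten_exes(root, start, end, min_group=2):
    """Return {(size, sha256): [paths]} for .exe files under `root` whose
    mtime falls in [start, end] and whose content is shared by at least
    `min_group` files with different names."""
    groups = defaultdict(list)
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            if not name.lower().endswith(".exe"):
                continue
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
                if not start <= datetime.fromtimestamp(st.st_mtime) <= end:
                    continue
                groups[(st.st_size, sha256_of(path))].append(path)
            except OSError:
                continue  # unreadable file: skip it and keep scanning
    return {
        key: sorted(paths)
        for key, paths in groups.items()
        if len({os.path.basename(p).lower() for p in paths}) >= min_group
    }


if __name__ == "__main__":
    # Assumed mount point of the suspect drive on a clean machine.
    hits = find_overwritten_exes("E:\\", datetime(2007, 1, 31), datetime.now())
    for (size, digest), paths in sorted(hits.items()):
        print(f"{len(paths)} files, {size} bytes each, sha256 {digest[:16]}...")
        for p in paths:
            print("   ", p)
```

A large group of differently named programs with one identical hash is the pattern described in the thread; files listed there are candidates for reinstalling, not for recovery.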

cross
March 9th, 2007, 06:10 PM
If file recovery is your only goal, take my advice and hook the hard drive up to another computer and pull the data off that way. All files will be viewable, just make sure to virus scan anything you move before you open it!

This is the easiest and fastest way to accomplish your goal.

unnnnummmm
March 10th, 2007, 08:42 AM
..but,tut that is ma laptop pc ..how can i get its HDD this way#..

nihil
March 10th, 2007, 09:21 AM
You need to buy a convertor block. This adapter lets you connect a laptop hard drive to a desktop PC.

They are quite cheap, and, if you have a laptop, you really should have one. I realise that you do not fix computers for a living, but you really should have one of these devices. ;)

unnnnummmm
March 10th, 2007, 10:45 AM
..okay this pOOr guy vil try meanwhile if ne other way then nOte me up.. ..i vil b waitin#..

Aardpsymon
March 12th, 2007, 12:47 PM
This is why I hate laptops and small form factor PCs. Makes work like moving hard drives that bit harder. If you really can't sort it out yourself, bite the bullet and pay PC world to fix it for you.

unnnnummmm
March 15th, 2007, 01:41 PM
was it all?.. ..aahhhhh..