March 8th, 2007, 01:23 PM
ya i visited warez site.. ..ummmmm but not past 2 weeks#
March 8th, 2007, 04:41 PM
Have you tried to repair your install with the XP disc???
How about a system restore???
Why not just back up your data ....format the drive and reinstall from scratch...that should fix everything.
There is lots of great info provided here..in the links and on this site.
I suggest reading up on your issue...
If you are unable to do this...
then take the computer to your local shop...and have them back it up and reinstall....
as for warez sites..well you get what you pay for
How people treat you is their karma- how you react is yours-Wayne Dyer
March 8th, 2007, 05:57 PM
Boot into safe mode and re-run your scans.
Will it let you set the view hidden files option in safe mode?
Which applications have had their .exe files hidden? Are the part of Windows or something else?
Do these applications still work?
What are the names of the .exe files?
Try submitting some of the files here:
March 8th, 2007, 07:20 PM
Or install a second copy of XP (specify a different installation folder), boot that copy, install CA Anti-Virus (free for a year) and Defender, and run them to completion.
Hope this helps.
March 8th, 2007, 11:55 PM
Adding to Farmikol0t's idea, here is what I would personally do (Im a geek, I have lots of machines)
Turn off the infected machine, and hook up the drive to a new machine and do a virus scan from the non infected machine, hooking the hard drive up as a secondary drive. This way, nothing should be activly running and any vscan program should remove any malicous files.
After this is done, hook the hard drive back into the original machine and BOOT INTO SAFE MODE.
Do another virus scan, and spyware/malware scan, remove anything found.
This method has worked on every virus I have encountered so far, so good luck, and thank you for reposting.
March 9th, 2007, 12:37 AM
I am not entirely convinced that this is a virus, or even malware?
The reason I say that is it seems to be advertising that there is a problem, which is not typical malware behaviour.
I would expect a virus to just infect the executables, not hide them. Other malware might create a duplicate named file somewhere else and change the access path so the "fake" file is run.
I would be curious to know if the same thing happens with a new user account with administrator rights.
March 9th, 2007, 01:47 AM
Okay...lets start at the beginning, how long ago did this start to happen, if you can determine that, then try a system restore to just before the problem started, also are you sure it's a virus and not a Trojan (warez is usually Trojans), if it's a virus you got it by opening an attachment likely from an email or zip file, if it's a trojan you got it from visiting malicious websites.
This site has very good info on doing a restore.. http://bertk.mvps.org/ after you do this I would go into safe mode and run your anti-spyware and AV's or go online and get the housecall from Trend Micro, http://housecall.trendmicro.com/ sometimes a restore point will have the infected files, so unfortunately if this is the case, a restore is no good and you may have to flush the restore points and try to clean up as much as possible and set a manual restore point.
PC Registered user # 2,336,789,457...
"When the water reaches the upper level, follow the rats."
March 9th, 2007, 08:51 AM
March 9th, 2007, 09:40 AM
The malware behaviour that you are describing is that of a Vandal. These programs are not subtle, they get on your machine and cause as much damage as possible, usually targetting particular files and applications.
In this case it looks like music, films and filesharing are the targets? You will have been infected either from a file sharing/warez site or through P2P.
Can you rename one of these 67.3K files as a .txt extension and attach it to a post............. I am curious to know what it is.
I think your safest approach is to reformat and reinstall, as you don't know if it is still there, or how it works.
This time I would suggest that you download your installations and burn a copy to CD/DVD as a backup.
March 9th, 2007, 10:14 AM
Yeah, Morpheus top of the list for infection vector.
Originally Posted by nihil
I quite liked panda platinum package. Bit bulkier than some, but spyware, adware, av and firewall all in one place was handy.
I'm guessing at some point either your on-access scanning was disabled or like me you were unlucky enough to download a virus with no definition. I often disable the on-access scan for performance reasons, but whenever I'm downloading binaries I turn it back on. If its a really dodgy source I will even wait a few days before opening it now, to prevent the same "waiting 3 days for a fix" as last time.
If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.