Couple of days ago I got hit with a nasty worm. I thought I had caught it in time and removed it after seeing one of it's results. I was hugely mistaken. I don't recall the virus file names, there were 2, but here is what they do.
They will write hidden folders into any and all files in your "program" directory containing an exe file no matter how deep into the the file tree that exe might be. The 2 hidden folders are called "Data\Resource" in that order. Both are not detectable by any virus checker, spyware checker, malicious software removal searcher, etc.... Plus you must set your system "folder settings" to show all system and hidden files in order to see them manually.
What the worm does when it creates these 2 hidden folders as it makes a duplicate exe file copying any exe in the folder before it. These bogus exe files are just 16 kb. They are not detectable by any search and destroy virus software because they appear ligitimate.
What they do to your system:
When you click on a shortcut it will launch the program you want to launch plus hijack the shortcut to also open the bogus exe. If you check in your Task Manager you will see 2 of the same exe running. Plus your CPU runs at 100% bogging down your system. "End Proses" of the bogus exe your CPU usage drops dramatically to it's normal rate. When the bogus exe runs it also begins to wrtie something to "free space" on your hard-drive. What it writes, I don't know. Your system still shows your "free space" as free space until you try to download a file or copy something to your drive from another source where you will get the message "Not Enough Free Space, Proses Canceled".
So when I realized I had something in my system I ran all my security software, not knowing that I was damaging my system making things worse.
I now have to empty my drive and reformat it and do a complete reinstall. In order to do that I have been going through every folder within my "Program File" directory, finding the hidden "Data\Resource" folders with the bogus exe files. So far I have deletes manually 700 bogus exe's. They are hidden in every bit of software within my Program File directory including all virus checkers, firewalls etc.. so even rebooting the system did damage.
So this is a "Head's up". If your system is slow as heck, programs taking forever to load, NS4 running extremely bad with massive lag..... look for hidden folders and check your CPU proses with nothing open and see if it's running at 100%. Chances are if it is, your infected.
ATTENTION!!! HEAD'S UP!!!
ATTENTION!!! HEAD'S UP!!!
de_slider & her cross-eyed emu
-------------
-Slave-D'Stinger
-Slave- D'BeeBop a LuLu
-------------
-Slave-D'Stinger
-Slave- D'BeeBop a LuLu
Yeah... it was bad. I cleared out the nasty exe's but what they dropped onto my HD is anyone's guess. What ever it was it's invisible so I am still in the position of having to reformat. Kind of sucks because now I have to find a home for about 65 gig of info. Cleaned a lot of it up but some needs to be written off as was the plan for it, other stuff, i have a back-up HD i can transfer to.. but it's a slow work.
To top it off, my vid card fan has decided to play with me too. It keeps the card cool enough to run my desk-top, but as soon as I log into game it goes snaky on me with all kinds of strobing indicating a hot chip set on the vid card. Took me 4 hours to find a supplier for a fan for my card. Now am on waiting time for delivery.
So sad how fast "support" for computer parts gets dropped after a couple of years, trying to push people into the newest products on the market, even though there is nothing wrong with what was purchased as "state of the art" at the time of purchase. Specially when it does exactly what you want and need it to do. Oh well.
To be on the safe side I ordered in 4 fans, hoping they will hold me for 3 to 5 years, considering how cheap they are compared to what a fan use to cost a couple of years ago. Hoping to see all of you, emmm, most of you in game real soon.
To top it off, my vid card fan has decided to play with me too. It keeps the card cool enough to run my desk-top, but as soon as I log into game it goes snaky on me with all kinds of strobing indicating a hot chip set on the vid card. Took me 4 hours to find a supplier for a fan for my card. Now am on waiting time for delivery.
So sad how fast "support" for computer parts gets dropped after a couple of years, trying to push people into the newest products on the market, even though there is nothing wrong with what was purchased as "state of the art" at the time of purchase. Specially when it does exactly what you want and need it to do. Oh well.
To be on the safe side I ordered in 4 fans, hoping they will hold me for 3 to 5 years, considering how cheap they are compared to what a fan use to cost a couple of years ago. Hoping to see all of you, emmm, most of you in game real soon.
de_slider & her cross-eyed emu
-------------
-Slave-D'Stinger
-Slave- D'BeeBop a LuLu
-------------
-Slave-D'Stinger
-Slave- D'BeeBop a LuLu
)
