Virus are dancing in my computer

[rudrax]

Hey guys, just found something funny :lol:

The virus with system file names are hidden and protected as system file. See below :

Virus total result for one of them: https://www.virustotal.com/en/file/0f98dc57658a3e5176492fd1fa3e0f28ae4ad675374a95ac9b27eb2e9cd1afac/analysis/1363840768/

I didn't upload the other one because I know that it will be the same as it also has the same size and behavior.

So, DKT27, should I remove webroot?

P.S. My 102 days of personal experience with WSA - "It may detect more false positive but never compromises" and of course, it is the lightest security suit in the planet till date.

[davhag]

Not DK, but I had to reformat my computer a few times because of webroot that I swore buy.

[rudrax]

Not DK, but I had to reformat my computer a few times because of webroot that I swore buy.

It had a issue with win 8, now it's fixed.

[davhag]

Do you like WIN 8 or WIN 7 Better?

[rudrax]

Do you like WIN 8 or WIN 7 Better?

Tweaked win 8 is better than win 7. Default win 8 scuks like hell.

[davhag]

Thanks for the advice, have been wondering what to do.

[rudrax]

Not a problem. From the side of security and speed, win 8 is better than win 7 but if you consider UI and usability, win 8 scuks, really, it does.

[Ponting]

First of all,how did you manage to get these virus?Use Sandboxie free or Paid version.

[xpmule]

did you try cleaning it up ?

https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Worm%3AWin32%2FVB.HA&ThreatID=-2147354883

[dcs18]

First of all,how did you manage to get these virus?Use Sandboxie free or Paid version.

You ain't seen nothing, yet - wait up . . . . . . . . .

[rudrax]

First of all,how did you manage to get these virus?Use Sandboxie free or Paid version.

I think, some bad days in the past I was handling webroot menually.

[dcs18]

Do you like WIN 8 or WIN 7 Better?

Tweaked win 8 is better than win 7. Default win 8 scuks like hell.

@ davhag

That's a pretty accurate fact, coming from rudrax (despite the fact that he does not use Windows 8.) :)

• Windows 7 is the best OS - out of the box
• Windows 8 is the best OS - in the hands of an Craftsman (utterly unsuitable for the masses.)

In fact, have personally seen Windows 8 forcing a lot of Users to bite the dust. :(

[dcs18]

@ rudrax

Coming back to the topic - those 3 virii seem related to the new desktop dock that you're using.

[rudrax]

did you try cleaning it up ?

https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Worm%3AWin32%2FVB.HA&ThreatID=-2147354883

Webroot does the cleaning itself.

@ rudrax

Coming back to the topic - those 3 virii seem related to the new desktop dock that you're using.

Yeah, I knew that in the beginning that the crack of the dock contains infections. Webroot warned me but I forced it to compromise with that resulting the current situation.

[calguyhunk]

Yeah, I knew that in the beginning that the crack of the dock contains infections. Webroot warned me but I forced it to compromise with that resulting the current situation.

I've no idea 'bout what we're dealing with here, but Malware.Gen? LOL! That's general malware heuristics that WSA is detecting. Doesn't mean a thing necessarily ;)

I'm sure it'll also 'detect' most well known patches and activation programs as such ;)

[dcs18]

@ calguyhunk

One is not supposed to have a system.exe file in the system32 directory.

[rudrax]

Yeah, I knew that in the beginning that the crack of the dock contains infections. Webroot warned me but I forced it to compromise with that resulting the current situation.

I've no idea 'bout what we're dealing with here, but Malware.Gen? LOL! That's general malware heuristics that WSA is detecting. Doesn't mean a thing necessarily ;)

I'm sure it'll also 'detect' most well known patches and activation programs as such ;)

I've also posted the virustotal link. Check that out.

@ calguyhunk

One is not supposed to have a system.exe file in the system32 directory.

And, look at the icon. An .exe file is carrying a folder icon! But from where it has got the icon? I have modded system files replacing the icons including the folder ones. That means, it has got its own UI element for the folder icon.

[dcs18]

You've configured for file extensions to stay hidden - that's asking for trouble. :think:

[rudrax]

Nope, no trouble with that. Even if I keep file extension shown, you can't see a file which is protected as a operating system file, unless you manually do that in the folder option.

[dcs18]

Off-topic:

Just noticed that your screenshot - your Detail Pane is upside down

[dcs18]

Nope, no trouble with that. Even if I keep file extension shown, you can't see a file which is protected as a operating system file, unless you manually do that in the folder option.

The biggest screw up is you end up click a virus - just because it looked like a folder. :thumbsdown:

Edit:

Your learning curve is taking a beating due to reluctance. :(

[SnakeMasteR]

Virus total result for one of them: https://www.virustotal.com/en/file/0f98dc57658a3e5176492fd1fa3e0f28ae4ad675374a95ac9b27eb2e9cd1afac/analysis/1363840768/

P.S. My 102 days of personal experience with WSA - "It may detect more false positive but never compromises" and of course, it is the lightest security suit in the planet till date.

Detecting an autorun worm as win32 malware.gen is just silly. Especially when i see that on avast! very often when the exe has been packed or compressed but never really contained an virus but your userinit did, obviously. :lol:

[rudrax]

Off-topic:

Just noticed that your screenshot - your Detail Pane is upside down

Yeah, that's topshell. Other one is HUD Apocalypse. It has upside up :lol:

[rudrax]

Nope, no trouble with that. Even if I keep file extension shown, you can't see a file which is protected as a operating system file, unless you manually do that in the folder option.

The biggest screw up is you end up click a virus - just because it looked like a folder. :thumbsdown:

Edit:

Your learning curve is taking a beating due to reluctance. :(

That's not the only thing. It's just another aspect.

[rudrax]

Virus total result for one of them: https://www.virustotal.com/en/file/0f98dc57658a3e5176492fd1fa3e0f28ae4ad675374a95ac9b27eb2e9cd1afac/analysis/1363840768/

P.S. My 102 days of personal experience with WSA - "It may detect more false positive but never compromises" and of course, it is the lightest security suit in the planet till date.

Detecting an autorun worm as win32 malware.gen is just silly. Especially when i see that on avast! very often when the exe has been packed or compressed but never really contained an virus but your userinit did, obviously. :lol:

I won't mind if my Antivirus detects an infection as a p0rnstar :lol: but I'll care to mind if it let that in the deep.