[Inactive] Virus setting all files to 0kb!

**buggyglint** · February 19th, 2012, 04:13 PM

I have a huge virus problem on my hands guys. Some virus is setting ALL of my files to 0 kb to make it look like my hard disk is empty. I've tried to roll back to a system restore which does work, but the virus seems to start when windows starts up so it started to do the same thing after the system restore.

I have restores left and I'm now in safe mode running scans with avast

. I'm not sure if I will find anything because the virus isn't loaded when running safe mode. I need some help badly, is there someway I can try to catch it before windows starts? I've already tried a scheduled boot-time scan with avast and no luck.

**Train** · February 19th, 2012, 04:24 PM

Follow the instructions at
http://discussions.virtualdr.com/sho...d.php?t=167915

Malwarebytes will install and update using Safe Mode with Networking.

**buggyglint** · February 19th, 2012, 04:28 PM

Is Malware-bytes a good antivirus remover? I thought it was for spyware only.

**Train** · February 19th, 2012, 04:52 PM

Yes, it is for spyware and spyware can be worse the a virus.

Fact is both can be horrible.

**buggyglint** · February 19th, 2012, 05:23 PM

Ok, I ran a scan and this is what it found. I'm now restoring again and ill post back to see if my files have been restored and virus or spyware hopefully removed.

**Train** · February 19th, 2012, 05:42 PM

Please post the logs as we have folks who will not open attachments. Plus they are easier to read.

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.19.04

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Nick :: NICK-PC [administrator]

Protection: Disabled

19/02/2012 3:31:39 PM
mbam-log-2012-02-19 (15-34-52).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 229613
Time elapsed: 2 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Nvidia (Trojan.Agent) -> Data: C:\Program Files (x86)\Defender\csrss.exe -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Realtek (Trojan.Agent) -> Data: C:\Program Files (x86)\Defender\csrss.exe -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Nick\Downloads\ChromePass.exe (PUP.ChromePasswordTool) -> No action taken.
C:\Users\Nick\Downloads\Codec-C.exe (Affiliate.Downloader) -> No action taken.
C:\Users\Nick\Downloads\dvp_install.exe (Trojan.Spambot) -> No action taken.
C:\Users\Nick\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> No action taken.

(end)

**Train** · February 19th, 2012, 05:44 PM

> No action taken.

The instructions said to fix what was found. Plus, by using the restore, you just re-infected your computer.

Rerun mbam [malwarebytes, fix what it found and POST the log.

Thread: [Inactive] Virus setting all files to 0kb!

Thread Tools

Search Thread

Display

[Inactive] Virus setting all files to 0kb!

Thread Information

Users Browsing this Thread

Posting Permissions