I just scanned my computer with a squared, antivir, spybot, adaware, and a rootkit detector. Nothing came up. But then I noticed that run -> "regedit" did nothing, but "regedit.exe" works. Then, even worse, I noticed I couldn't see system32, even though hidden files were displayed.
A quick search on the net, and it seemed like I had worm alcan a/b and its variants. Apparently it hides system32 and various .com files, such as regedit.com, etc. So I removed attributes on system32 and the files it was supposed to create, and found the following:
regedit.com
cmd.com
tasklist.com
ping.com
tracert.com
As well as 2 registry entries for regedit.com and cmd.com. All these files were created on the same date, same time. A search for all files created on this date yielded only these files.
However, these files are only 2kb. Also, I don't have any of the other symptoms or files of the worm described. Now I don't know what to think. Supposedly this worm is associated with p2p programs, such as limewire. I do have limewire installed but I rarely use it. I don't know if these files came in with it somehow, but I don't have any of the other symptoms described. Also, my computer and router are blocking all ping requests and only necessary ports are open. I use a separate, limited privilege account for everyday use as well. Somehow this thing still got through. And none of my antivirus or spyware tools found it. What the heck is going on? Is this a virus, worm, or something else?
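The symptom in the post (typing "regedit" fails while "regedit.exe" works) is consistent with a regedit.com being picked first, because the default PATHEXT order lists .COM before .EXE. As an added example that is not part of the original post, this PowerShell check lists every .com file that shares a base name with an .exe in the same directory, hidden and system files included; the `$Directory` parameter and the `Signature` column name are choices made for this example.

```powershell
# Added example: find .com files that shadow a same-named .exe.
# $Directory is a parameter name chosen for this example.
param(
    [string]$Directory = (Join-Path $env:SystemRoot 'System32')
)

# -Force makes Get-ChildItem return files that carry the Hidden or
# System attribute, which Explorer and a plain listing would omit.
$files = Get-ChildItem -LiteralPath $Directory -File -Force -ErrorAction Stop

# Index the base names of all .exe files (lower-cased for comparison).
$exeNames = @{}
foreach ($f in $files) {
    if ($f.Extension -ieq '.exe') {
        $exeNames[$f.BaseName.ToLowerInvariant()] = $true
    }
}

# A .com file whose base name matches an .exe wins when the command
# is typed without an extension, so each match deserves a close look.
$files |
    Where-Object {
        $_.Extension -ieq '.com' -and
        $exeNames.ContainsKey($_.BaseName.ToLowerInvariant())
    } |
    Sort-Object CreationTime |
    Select-Object Name, Length, CreationTime, Attributes,
        @{ Name = 'Signature'
           Expression = { (Get-AuthenticodeSignature -LiteralPath $_.FullName).Status } }
```

Several matches with identical creation times, small sizes and Hidden attributes fit the pattern described in the post; a stock System32 directory has .com files such as more.com and tree.com, but none that duplicate the name of an .exe.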