Question:
I keep getting new user accounts on my PC? Is it a virus?
Ladylove
2007-05-01 07:28:41 UTC
My PC has been creating new user accounts. Originally I had created an account called Sheena, then a Sheena XYZ was created all by itself, then a Temp, then Temp xyz and now Temp xyz 000. What's happening? And all the important icons like My Computer, My Network Places have disappeared from my desktop. Is this a virus? I tried running Symantec antivirus, but it's not able to scan my PC. I dunno what to do, help please.
Four answers:
blueinuslite
2007-05-01 08:30:41 UTC
The problem we're dealing with is a wake-up call for all of those who haven't been taking enough care of their PCs.

Preparation is the only way...

Just take a look at my post and you'll have your PC free of all threats once and for good!

1/. Anti-spyware: Get a free anti-spyware product: a few years ago folks used to think Spybot Search & Destroy and Ad-Aware were the outstanding candidates for spyware removal, but these no longer are. With the global evolution of malicious software all these years, the one that has the edge now is spywareterminator and its real-time scanning, which can be downloaded from here: www.spywareterminator.com

OR get the best commercial products like Spyware Doctor (www.spywaredoctor.com) or Webroot Spy Sweeper (www.webrootspysweeper.com) and use torrents to get validation codes, serials, keygens or whatever for those*. This is kinda hard so I'll show you at the end of my post specifically*.

2/. Anti-virus: Some antivirus products come with a spyware removal tool and vice versa, but I strongly suggest you download anti-spyware and anti-virus software SEPARATELY to ensure maximum safety with layered protection. Free popular anti-virus like AVG 7.5 Free Edition can be downloaded from www.grifsoft.com. But if you're wise enough at using torrents to get keygens and serials*, download Kaspersky Antivirus 6 at kaspersky.com (takes a little bit long but is much better compared to AVG: its detection rate is more than 95% while AVG Free is only 85%). You can see statistics of all the tests that were performed to compare many famous security products on techsupportalert.com

3/. Firewall: to completely prevent malicious software from entering your PC, the Windows XP firewall can no longer provide enough protection in this case... Go to comodo.com and get yourself a free robust Comodo firewall! Or perhaps you can just try some of these recommendations:

Ace choice: ZoneAlarm Internet Security Suite from zonealarm.com: download the 15-day free trial, then search torrents for a keygen to change your trial license to a permanent license*.

Last choices: Sunbelt Kerio and other lame stuff. I prefer not to mention all of these as my post is getting pretty damn long; go search the internet for these if you want to, YUCK!

4/. Intrusion prevention system: you must get one now from winpatrol.com; it's free for life, so don't even think about paying a dime! Never mind other commercial IPS on the market.

5/. Layered protection?: It is in fact true that the more anti-malware software you have on your PC (provided that they don't interfere with each other) the safer your PC will be. It's simply called LAYERED PROTECTION, folks! A layer composed of 4 things: anti-virus, anti-spyware, Windows intrusion prevention and firewall is the BEST protection ON EARTH you can get for your PC; and remember you DON'T need to pay for any of those if you use just a bit of common sense!

6/. Safe surfing: Download the FREE McAfee SiteAdvisor from www.mcafee.com. It is only 6MB and helps you identify which is a good/bad site.

7/. Fix errors, erase unnecessary files + registries, remove traces of malware and speed up PC: can be done easily with ToniArts award-winning ECleaner for absolutely FREE.

Go to this site and download it, believe me this really ROCKS!!!

personal.inet.fi/business/toniarts/ecleane.htm

8/. Rootkit removal tool: is used to remove ROOTKITS, which hide viruses and trojans from anti-virus products and are "deadly" to your PC. Get one NOW! from www.grifsoft.com (the new AVG rootkit cleaner) or the world's best, the cyberhawk machine (www.cyberhawk.com)

9/. What I'm using: Webroot Spy Sweeper, Kaspersky 6, ZoneAlarm Internet Security Suite, WinPatrol, AVG rootkit cleaner, BitDefender for ICQ (IMessenger), McAfee SiteAdvisor, ToniArts ECleaner and Spywareterminator. These 8 never caused interference so far and I've had no problems whatsoever with viruses, PC errors or any of that nasty stuff everybody's complaining about.

10/. Finally the torrent-related question: Torrents are like black market software products that are uploaded by users to help others use expensive commercial products for FREE. Here are the steps: download bityrant from www.bityrant.com (dinosaur symbol). It's one of the best 3 torrent downloaders, a total speed-lord!

Go to btjunkie.org for the best torrent clients, and search for anything you like BUT keep in mind that some of these can contain viruses, trojans and spyware, so always be ready to scan downloaded files using the above security software I recommended before opening them. Spyware terminator and Kaspersky rock at these!!^^



Thanks 4 reading!
Anissa
2016-08-29 23:10:17 UTC
2
Sly_Old_Mole
2007-05-01 07:49:42 UTC
I think you have XYZ virus which goes hand in hand with GOLD-BUG virus.

Try doing a free online scan here:

http://www.bitdefender.com/scan8/ie.html

Virus Name: XYZ
Aliases: X-AMINE YOUR ZIPPER
V Status: New, Research Viron
Discovery: January, 1994
Symptoms: None - Pure Stealth
Origin: USA
Eff Length: 440 Bytes
Type Code: OReE - Extended HMA Memory Resident Overwriting .EXE Infector
Detection Method: None
Removal Instructions: See Below

General Comments:

The XYZ virus is a HMA memory resident overwriting direct action infector. The virus is a pure 100% stealth virus with no detectable symptoms. No file length increase; overwritten .EXE files execute properly; no interrupts are directly hooked; no change in file date or time; no change in file attributes; no change in available memory; INT 12 is not moved; no cross linked files from CHKDSK; when resident the virus cleans programs on the fly; works with all 80?86 processors; VSAFE.COM does not detect any changes; Thunder Byte's Heuristic virus detection does not detect the virus; Windows 3.1's built in warning about a possible virus does not detect XYZ.

The XYZ virus will only load if DOS=HIGH in the CONFIG.SYS file. The first time an infected .EXE file is executed, the virus goes memory resident in the HMA (High Memory Area). The hooking of INT 13 is accomplished using a tunnelling technique, so memory mapping utilities will not map it to the virus in memory. It then reloads the infected .EXE file, cleans it on the fly, then executes it. After the program has been executed, XYZ will attempt to infect 15 .EXE files in the current directory.

If the XYZ virus is unable to install in the HMA or clean the infected .EXE on the fly, the virus will reopen the infected .EXE file, remove itself, and then write the cleaned code back to the .EXE file. It then reloads the clean .EXE file and executes it. The virus cannot clean itself on the fly if the disk is compressed with DBLSPACE or STACKER, so it will clean the infected .EXE file and write it back. It will also clean itself on an 8086 or 8088 processor.

It will infect an .EXE if it is executed, opened for any reason or even copied. When an uninfected .EXE is copied, both the source and destination .EXE file are infected.

The XYZ virus overwrites the .EXE header if it meets certain criteria. The .EXE file must be less than 62K. The file does not have an extended .EXE header. The file is not SETVER.EXE. The .EXE header must be all zeros from offset 72 to offset 512; this is where the XYZ virus writes its code. The XYZ virus then changes the .EXE header to a .COM file. Files that are READONLY can also be infected.

The text strings "XYZ" and "ZYX" appear in the virus code but are not displayed.

The XYZ virus has a companion virus that it works with. The GOLD-BUG virus also goes memory resident in the HMA and reserves space for the XYZ virus.

To remove the virus from your system, change DOS=HIGH to DOS=LOW in your CONFIG.SYS file. Reboot the system. Then run each .EXE file less than 62k. The virus will remove itself from each .EXE program when it is executed. Or, leave DOS=HIGH in your CONFIG.SYS; execute an infected .EXE file, then use a tape backup unit to copy all your files. The files on the tape have had the virus removed from them. Change DOS=HIGH to DOS=LOW in your CONFIG.SYS file. Reboot the system. Restore from tape all the files back to your system.
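
Added example, not part of the original answer: the overwrite criteria listed in the description above, written as a check over a file's name and bytes, which helps scope which .EXE files to inspect or restore from backup. The 62 * 1024 reading of "62K", the signature test used to recognise an extended header, and the `sample_exe` inputs are assumptions made for this example.

```python
import struct

MAX_SIZE = 62 * 1024        # "less than 62K", read as 62 * 1024 bytes (assumption)
CODE_AREA = slice(72, 512)  # 440 bytes, the same figure as the listed "Eff Length"
NEW_SIGS = (b"NE", b"PE", b"LE", b"LX")  # extended-header signatures (assumed test)

def xyz_criteria(name, data):
    """Return each stated overwrite criterion as a named boolean."""
    checks = {"mz_exe": len(data) >= 512 and data[:2] in (b"MZ", b"ZM")}
    if not checks["mz_exe"]:
        return checks
    # In an MZ image the dword at 0x3C locates the extended header, if any.
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    checks["under_62k"] = len(data) < MAX_SIZE
    checks["no_extended_header"] = data[e_lfanew:e_lfanew + 2] not in NEW_SIGS
    checks["not_setver"] = name.upper() != "SETVER.EXE"
    checks["code_area_zero"] = not any(data[CODE_AREA])
    return checks

def matches_description(name, data):
    """True only when the file satisfies every criterion in the write-up."""
    return all(xyz_criteria(name, data).values())

def sample_exe(size=4096, area=b"", new_header=False):
    """Constructed input: a minimal MZ image, not a real program."""
    img = bytearray(size)
    img[0:2] = b"MZ"
    img[72:72 + len(area)] = area          # bytes placed in the 72..512 region
    if new_header:                         # mimic a Windows-style executable
        struct.pack_into("<I", img, 0x3C, 0x200)
        img[0x200:0x202] = b"NE"
    return bytes(img)

if __name__ == "__main__":
    samples = {
        "GAME.EXE": sample_exe(),
        "SETVER.EXE": sample_exe(),
        "TOOL.EXE": sample_exe(area=b"\x01\x02"),
        "WINAPP.EXE": sample_exe(new_header=True),
        "BIG.EXE": sample_exe(size=MAX_SIZE),
    }
    for name, data in samples.items():
        failed = [k for k, ok in xyz_criteria(name, data).items() if not ok]
        print(f"{name:11} in scope: {not failed}  failed: {failed}")
```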
genieass
2007-05-01 07:34:21 UTC
Your computer is 0wn3d, cracked - somebody has broken into it. Installing antivirus on operating systems with inherently weak security is useless. Stick to good, secure OSes, like Mac OSX, Ubuntu, Fedora, PC-BSD, etc.


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.