[AccessD] Strange happenings (Rather OT, but Advice is appreciated)

Jim Dettman jimdettman at verizon.net
Wed Apr 25 07:34:41 CDT 2012 

 Couple of the popular rootkit's/viruses making the rounds right now are
doing this.  They actually don't delete the files, but mark them as hidden
so you think their gone.

 You then get warnings that your having a hard drive failure and a "Click
here" to repair.

 Bleeping computer has an unhide utility that works well:

http://www.bleepingcomputer.com/download/anti-virus/unhide

  I would before doing anything else make sure the options in explorer are
set to show all files and then look and see if the files are really there or
not.  Also a quick check disk to verify that your really not having a hard
drive problem (with a 4 year old machine, you are getting to the point where
HD failure is a distinct possibility).

  If you do have the files and they were hidden, then I'd get TDS Killer to
check for root kits and Rkill to check for anything in memory.

  But if you have a recent backup, you may find it easier just to wipe the
drive and start fresh.  If you haven't done that ever, then with a 4 year
old system it's a good idea anyway.

Jim. 

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Darryl Collins
Sent: Tuesday, April 24, 2012 08:28 PM
To: Access Developers discussion and problem solving
Subject: [AccessD] Strange happenings (Rather OT, but Advice is appreciated)

(xposted with Excel-L)

Wow...

I have a trusty HP desktop, which has worked flawlessly for about 4 years
now out of the box.  This machine is on for most of the day and night, most
days and nights. 

It is basically the family PC in the lounge room.  Last night I was at home
listening to music on iTunes thru the headphones when I noticed some of the
tracks in the list started to flag themselves as unavailable - What the???

Went to the desktop so I could check the folder and stacks of Icons are now
missing, - there were there not 10 mins ago. I check the folders - stacks of
files were missing.

I immediately shut down the whole system, rebooted and the icons and files
were still missing.  Ran a system restore which got back the programs and
their icons, but gobs of data had been deleted.

Luckily I have pretty good backups of my data, and I have also found some
software that seems to be able to restore most (if not all of the) deleted
data from the existing drive.

My question is WTF happened.  It was almost like one of those virus's from
the mid 90's that kids used to write - You know "Delete all jpgs and mp3".

Actually it was wiping a whole stack of stuff.

I am pretty tempted to wipe the drive and reinstall from scratch.  First I
will see if I can recover the system.
It is weird.  Bookmarks from the brower, shortcut buttons etc were also all
wiped.

Never seen anything like it...  
Anyone got any suggestions?

Cheers
Darryl.

-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

More information about the AccessD mailing list