What is this problem

Hi all
A co-worker at the next desk bought his laptop to me in a panic -- he'd let his 12 year old use it -- BAD BAD idea -- if you've got young kids you should NEVER let them use a computer you NEED (for work or any other purpose).

However he seems to have some nasty problem

Every directory and sub directory has a 68 byte file in it called "directoryname.exe or subdirectoryname.exe

So for example if he had an .EXE file in application_z called application_z.exe this file has been replaced with the 68 byte file one.

He's lost a bit of data as well.

Apparently he was running AVAST so this obviously didn't do him any good.

I've told him -- Wipe the disk totally and re-install -- I can't think of anything else.

Seems like a really nasty piece of malware here -- very tiny and innocuous until you want to execute a program and nothing happens.

I don't know if this is a new threat or the resurrection of an old one - maybe so old that it's been dropped from AVAST's database.

I tried MSE on his machine - it wouldn't install due to the .EXE problem -- think he'd better re-install everything again.

Just to re-iterate - NO AV software is 100% effective, ensure you have good backups of your DATA and don't let your kids use your personal machines.

Cheers
jimbo

Hi, jimbo45.

What a mess! It goes to show how powerful malware is getting these days. Personally, I agree that he should get rid of everything and completely reformat his hard drive. I was, however, wondering if it'd be possible for you to ask your friend what his son was doing on the computer? Maybe it'd be a start if we knew what sites/downloads/content he's dealt with. I think that'd help a lot.

I wish you all the best, good luck.