ankitjain11 said:
whenever i am opening an folder three files.,viz desktop.ini,temp.htt and winzip_tmp.exe are being written to the folder. I fear this a virus bcoz the side panel is getting lost and whatever i do cannot delete those files. I have reinstalled my OS many times but all fails......
If anyone couls help me.
I believe it's the "Nyxem.E" virus that your system is infected with... I'm not sure though! On the 3rd of the month it will attempt to delete a lot of documents off the user's disks, including Office documents (*.doc, *.xls, *.ppt, *.pps), PDF files, .zip and .rar archives among others.
The virus will modify the Desktop.htt configuration file which controls how Active Desktop is displayed to user systems. The change is to launch a copy of the virus as C:\WinZip_Tmp.exe whenever Windows loads the Active Desktop (Windows start up). The virus appends JavaScript code to
C:\Documents and Settings\{user}\Application Data\Microsoft\Internet Explorer\Desktop.htt
The code uses an ActiveX control to reference the file "WinZip_Tmp.exe". Additionally, the virus will modify the "desktop.ini" configuration file to point to an infectious "Temp.htt" HTML file to launch the virus. The virus is coded to register the dropped ActiveX control through changes to the system registry.
