WTF I HAVE VIRUS... Delete or.. wtf? MOFOOO WTF

[LOLyourFace]

Two of them..

Virus 1

Virus 2

The first solution doesn't work because the string value never changed from the first place. I just want to delete them but the infected files are both,

C:/Windows/System32/Systray32s.exe
C:Windows/System32/Shell32.exe

Aren't they vital files? I'm afraid if I delete them, windows might not boot up again, hence making me install XP from scratch.. WTF.. WTF TO DO???!?!??!?!

[EDIT]
I think I figured it out.. (which all of you have missed )

Those both Systray32s.EXE and Shell32.EXE are FAKE

because the real ones are .DLL not .EXE

I deleted the sh!t out of it.

Keep in mind those Two are the only files that are infected, I think each virus for each file.

 

Can't you have your AV program disinfect the files?

 

[LOLyourFace]

uncleansible.

must delete... and im worried.

come on, some guru get in here and give me a satisfying answer.

 

[SSP]

Hmm, I have neither of those files in my XP system. There was a shell32.exe and a systray.exe but that does not match your filenames (did you type the right files?).

 

[LOLyourFace]

yea they're spelled out perfectly.

maybe those are fake files? and I can delete them?

Shell32.exe IS a valid file you and I both have... but not Systray32s.exe

 

[bmd]

Neither of those look that malicious, I wouldn't worry about it too much.

 

[CraigRT]

rename the virus files to something else and keep them around, if the system LETS you do this, they are not in use and likely wont ever be.. if you are not allowed to do it, get a boot disk (DOS) and boot into MS-DOS like a 98 disk or something, and then rename the files that way. if the OS fails to boot after that you know they're real files that you need, and you can then act accordingly. first step is to try renaming them in windoze. it won't let you rename it, if it's an important file most of the time... which you would be lead to think those are..

 

[LOLyourFace]

it prevents me from running WinXP disk clean up wizard.

and I sure ain't hell gonna leave them alone in my comp.

 

[HappyPuppy]

Write down the path to each of the files. Rename both files and reboot. If it fires up and runs right then you know they aren't necessary files and you can delete them. If it won't reboot back into windows, or doesn't run properly, then reboot to a bootable DOS disk and rename them back to what they were.

 

[bmd]

I searched for info on mcaffee.com and norton.com and neither one had any records of either virus. /shrug

 

[Talon]

Symantec link

 

[BigFatCow]

boot into safe mode and delete them, i did this in win2k when it wouldnt let me delete my explorer.exe file that was infected, when i rebooted into normal mode explorer.exe was back but it wasnt infercted...

 

[bmd]

Bah. Their search is either messed up or I missed that link .

 

[rahvin]

delete them if you can and before you reboot set "sfc" to run at the next reboot, then reboot. sfc is the system file checker and will replace corrupted or removed files.

 

[LOLyourFace]

I think I figured it out.. (which all of you have missed )

Those both Systray32s.EXE and Shell32.EXE are FAKE

because the real ones are .DLL not .EXE

I deleted the sh!t out of it.