Windows Need to get rid of this infection ASAP...

nRiTeCh

Yesterday I attached an old HDD from my office to my PC and clicked a Music shortcut inside a folder, which wasn't suspicious, but then this happened...

Now in all of my partitions, inside every folder, this Music shortcut is present and points to this location:

C:\WINDOWS\system32\cmd.exe /c start ..\MozillaFirefox\GoogleChrome.exe /AutoIt3ExecuteScript ..\MozillaFirefox\GoogleChrome.a3x explorer ChrW(41-4) & ChrW(67) & String( ChrW(92-24) ) & ChrW(66-29) & exit

And also the same folder's shortcut gets created alongside, which again points to the same location as above.

[Screenshot: upload_2015-12-31_12-34-56.png]

[Screenshot: upload_2015-12-31_12-35-27.png]

And these are the files responsible for spreading the infection:

[Screenshot: upload_2015-12-31_12-56-8.png]

A Mozilla Firefox folder gets created in the root of every partition.

Tried many, but no antiviruses are detecting it at all. I deleted the registry keys and all, and also manually deleted all Music shortcuts from all drives, but they appear automatically again after reboot on all drives.
 
I haven't used Windows for years, but you can try this:
  • Get any Live Linux image. (max 1GB)
  • Write it to a pen drive.
  • Boot your PC to Linux.
  • Open these partitions for read/write.
  • Search for these folder/files and delete them.
If this doesn't work, back up your data and look for some other method.
 
Check your Mozilla FF add-ons if you have this browser installed; check in the Firefox > Help > Troubleshooting Information page.
 
Did you by any chance create this in the past? Perhaps for fun?
Looks to be a "harmless" kind of AutoIt script that just replicates.

Search and delete any AutoIt script that you have on your PC.
 
Thanks for all the replies.

Tried a number of tools ranging from Malwarebytes, MS toolkits and Avast AV, but all did their jobs up to a certain level.

Then had to manually hunt for individual files and finally got rid of that shit!!!

Surprisingly, there wasn't a single entry in the registry.
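
Added example, not part of any post in this thread: a read-only Python scan for the two artefacts described above, shortcuts whose target carries the `/AutoIt3ExecuteScript` switch and `.a3x` script files. The function names and the constructed sample tree in `demo()` are assumptions for illustration; `scan()` can be pointed at a drive root or at a partition mounted from a live Linux session.

```python
import os
import tempfile

# Switch seen in the shortcut target quoted in the thread.
MARKER = "/AutoIt3ExecuteScript".lower()
# A .lnk stores its arguments as ANSI or UTF-16LE, so look for both forms.
NEEDLES = (MARKER.encode("ascii"), MARKER.encode("utf-16-le"))

def lnk_runs_autoit(path):
    """True if the shortcut's raw bytes contain the AutoIt script switch."""
    try:
        with open(path, "rb") as fh:
            data = fh.read(1 << 20).lower()  # shortcuts are tiny; cap at 1 MiB
    except OSError:
        return False  # unreadable file: skip it rather than abort the scan
    return any(n in data for n in NEEDLES)

def scan(root):
    """Return sorted (kind, relative path) pairs for suspicious files under root."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(folder, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            ext = os.path.splitext(name)[1].lower()
            if ext == ".a3x":
                hits.append(("autoit-script", rel))
            elif ext == ".lnk" and lnk_runs_autoit(full):
                hits.append(("autoit-shortcut", rel))
    return sorted(hits)

def demo():
    """Scan a constructed tree: fake .lnk bytes, not real shortcut files."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "MozillaFirefox"))
        os.makedirs(os.path.join(root, "Docs"))
        args = ("/c start ..\\MozillaFirefox\\GoogleChrome.exe "
                "/AutoIt3ExecuteScript ..\\MozillaFirefox\\GoogleChrome.a3x")
        samples = {
            "Music.lnk": b"L\x00\x00\x00" + args.encode("utf-16-le"),
            "Docs/Docs.lnk": b"L\x00\x00\x00" + args.upper().encode("ascii"),
            "Docs/Notes.lnk": b"L\x00\x00\x00" + "notepad.exe".encode("utf-16-le"),
            "MozillaFirefox/GoogleChrome.a3x": b"constructed placeholder",
        }
        for rel, blob in samples.items():
            with open(os.path.join(root, *rel.split("/")), "wb") as fh:
                fh.write(blob)
        return scan(root)
```

The scan only reports; review each hit before deleting, since legitimate AutoIt scripts also use the `.a3x` extension.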
 
I never cared for any support from MS, and I've got all OSes installed: XP, 7, 8, 10. XP is light and best for me, so I mostly use it for tools and RnD.
 
Faced almost the same issue a couple of days back. MSE took care of these infections, though I had to run MSE thrice to completely remove these infections. In my case, the file was skypeee.a3x.
OS: Windows XP SP3
 
MSE is pretty poor when it comes to virus detection.
Malwarebytes, Spybot and Avira are the ones I would recommend.
I too don't care about MS support etc. and was on XP for as long as I could, but after a while I really needed to shift over to a 64-bit OS, so I skipped Vista and got on Win 7. It turned out to be less hassle than I thought. Now I'm trying to avoid Win10 for as long as possible. Forced updates from MS are a deal-killer for me.
If all else fails, back up and reformat.
 