Unfortunately, my PC got infected with the so-called Surabaya virus yesterday. It happened when my sister wanted to transfer something onto her USB removable drive from my computer. I learned afterwards that this virus spreads through USB devices, so take care when you’re using a USB drive that has been used on someone’s else computer.
The darn virus affects all drives, and hides all folders within. You cannot unhide them using the ‘Show/hide’ command in Folder options. It slows down the computer a lot. It also does the following:
- Disables Task Manager.
- Disables Regedit.
- Deletes all previous restore points in System Restore.
- Closes all processes (programs) that have the words ‘anti’, ‘spyware’,…etc.
That’s in order to prevent any attempt of removal.
You know you have this virus when you get this message on Windows start-up:
Surabaya in my birthday
Don’t kill me, I’m just send message from your computer
In addition to a paragraph of indonesian text. Surabaya is the second largest city in Indonesia, so the origin of the virus is most likely from there.
I’m now trying Windows Live OneCare safety scanner. I hope it sorts things out.