Filename:
Classified.exe
Related to:
W32.Daprosy
File Directory:
%Windows%\
%UserProfile%\My Documents\
Startup Type:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Classified.exe
Removal and Protection:
Deleting the file Classified.exe will not help in removing the threat on computer. Antivirus and Anti-Spyware Software are recommended for automatic removal and protection. To remove this malicious file, please download and run MalwareBytes Antimalware.
33 Responses for "Classified.exe"
i had tested out almost all of the known antivirus to remove the virus but they doesn’t solve the removal of the classified.exe.
any help will be much appreciated
i had the same problem too.. my first anti virus was avira.. and also i have malwarebytes.. but it only inactivate my antivirus. then i tried to download kaspersky but it can’t delete the classified.exe.. this folder is locked.. and all the sites of antivirus, malware, spyware and others are also blocked.
try downloading usb disk security…
then make your HD as a flash disk by using a IDE/SATA USB cable to scan it in another computer with the disk security…
that would work i already tried it…
“try downloading usb disk security…
then make your HD as a flash disk by using a IDE/SATA USB cable to scan it in another computer with the disk security…
that would work i already tried it…”
Nah..It won’t!
I may say, once your pc is infected with this worm, it disable or blocked your antivirus, making it useless…It replace folders with an application with the same name and icon…original folders are set by this wom as super hidden so it appears to be deleted though it is really not.
My solution scan your infected hardrive to another pc with a removal tool…i have use an updated removal tool from kaspersky and it works… here’s the links:
Download 1 (http://downloads1.kaspersky-labs.com/devbuilds/AVPTool/)
Download 2 (http://downloads2.kaspersky-labs.com/devbuilds/AVPTool/)
Download 3 (http://downloads5.kaspersky-labs.com/devbuilds/AVPTool/)
install this on a clean virus free pc then scan your infected hard drive or usb…It will detect and delete the worms…
As to restore the hidden folders, you have to set folder options to show all files and uncheck the hide protected operating system…to be able to view the hidden folders…then you may manually change its folelder attributes by right click the properties… or you may download a software called Attribute Manager 2.6 to ease the work of setting attributes…
Be sure to reset folder options for protections…when done…you may rescan to be sure worms are gone…then test the hard drive on your pc…
Its kinda long process but it works for me…
Hope It helps…God Bless!!!
Guys try this to remove Classified.exe worm
1. Download Hitman Pro 3.5 and run it to your computer
* This will remove threats in windows. Restart your computer
2. Download Kaspersk removal tool and run this in your computer.
* Run this tool after hitman. Remove all the threats that were found
3. Open regedit and do the following
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
SystemRestore\”DisableSR” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\A
dvanced\”Hidden” = “2″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\
Advanced\”HideFileExt” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\
Advanced\”ShowSuperHidden” = “1″
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\
Advanced\”Hidden” = “2″
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer
Advanced\”HideFileExt” = “1″
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\
Advanced\”ShowSuperHidden” = “0″
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\
Advanced\”SuperHidden” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
\”NoFolderOptions” = “1″
4. Show all the folders. Open run command and type this to the terminal:
attrib -h -s /s /d
*At this point the folders were back and your computer is now free from Classified.exe
5. Rescan again just to make sure your computer is safe from any threats
Oct 10 2007, 09:24 AM
Here’s a Tip on USB Devices on protecting them.. Hope you want this… Enjoy
1. Check first the Auto Insert Notification setttings. Set it to “prompt user…”.
2. Insert your USB device
3. Open “My Computer” after the USB loads
4. DON’T left-click, but right-click on the USB drive
5. Check: (very important)
if it displays:
QUOTE
Open
Explore
Search
Autoplay
then it’s safe.
if it displays:
QUOTE
Autoplay
Open
Explore
Search
or:
QUOTE
Auto
Autoplay
Open
Explore
Search
or:
QUOTE
0pen
Autoplay
Open
Explore
Search
or:
QUOTE
Open
Autoplay Folder Options. If Folder Options isn’t displayed, then proceed to step 7**
2. Go to the View tab, then enable “Show hidden files and folders”, and uncheck “Hide extensions for known file types” and “Hide protected operating files” (click yes on this part)
3. Apply and Ok
4. Click the address bar
5. Type the drive letter of your USB device (example – F:\)
6. Look for suspicious files… like EXE files that has the icon of a folder, and named after the folder it is in… or VBS files in the root folder… or krag.exe and other unnecessary executables, or the folder RECYCLER. Delete those.
7. Run Notepad
8. Go to File>Save As, go to any folder you want to save.
9. Name it as “autorun.inf”, then save.
10. Copy autorun.inf
11. Paste it on the root folder of the USB drive (example – F:\)
12.Confirm file overwrite.
13. Reconnect your USB device.
14. Finished. No more Autoplay.
**if there is no Folder Options, then it might have been disabled by the administrator, or your system also has already been infected.
===================================
Also dont Reboot PC (pressing restart button.) while your USB Device is inserted. it can corrupt data…
thanks jeff !
Thanks a lot jeff. It worked.
Hi Jeff…what if in the part below where the “Advanced” folder is missing in my case…how do i go around with this?
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\
Advanced\”Hidden” = “2?
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer
Advanced\”HideFileExt” = “1?
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\
Advanced\”ShowSuperHidden” = “0?
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\
Advanced\”SuperHidden” = “1?
Thanks for all the help i could get =)
can i just copy the “Advanced” folder from another pc and paste it on the directory on my pc?
thanks jeff!
all my foldera are gone. there is no folder options. how do i get it back? pls help jeff
how do i show all the folders????
How to remove this virus…
1. Boot in safe mode with command prompt. Do NOT boot on safe mode with networking. the virus will be active.
>to boot in safe mode>>>start your computer>> while restarting press F8>> then choose safe mode
2. Run regedit (Start >> Run >> cmd)
3. Delete the following registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”WinSys” = “%Windir%\system.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\”LSAShell” = “%Windir%\lsass.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\”SessionMngr” = “C:\Documents and Settings\All Users\Application Data\PolariSys\dirlock.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\”Shell” = “Explorer.exe \”C:\Documents and Settings\All Users\Application Data\Microsoft\Keyboard\kbdsys.exe\”
4. Edit the following entries too:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\”DisableSR” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”Hidden” = “2″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”HideFileExt” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”ShowSuperHidden” = “1″
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”Hidden” = “2″
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”HideFileExt” = “1″
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”ShowSuperHidden” = “0″
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”SuperHidden” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\”NoFolderOptions” = “1″
Note: “0″ is to disable, “1″ is to enable.
Very Important Note:
Use Attribute Changer first to fix regular folders’ attribute BEFORE fixing the registry.
________________________________________
here’s my regentry for the above:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\”DisableSR” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”Hidden” = “2″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”HideFileExt” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”ShowSuperHidden” = “0″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\”SuperHidden” = “0″
________________________________________
5. Manually delete the following files
%System%\hlpsvc1.exe
%System%\hlpsvc2.exe
%SystemDrive%\Read1st!.exe
%SystemDrive%\goats.exe
%Windir%\Classified.exe
%Windir%\system.exe
%Windir%\lsass.exe
%Windir%\shutdown.dll
%UserProfile%\My Documents\Classified.exe
C:\Documents and Settings\All Users\Application Data\Microsoft\Keyboard\kbdsys.exe
C:\Documents and Settings\All Users\Application Data\PolariSys\dirlock.exe
Also clear your startup folder
%Windir%\ is usually Windows (unless you specified a diff one upon OS installation)
%system% and %systemDrive%\ is the drive where your OS is (usually C: drive)
hi..
i have finished doing steps 1 to 4..
but i couldn’t delete the ff files in step5:
%System%\hlpsvc1.exe
%System%\hlpsvc2.exe
%SystemDrive%\Read1st!.exe
%SystemDrive%\goats.exe
%UserProfile%\My Documents\Classified.exe
C:\Documents and Settings\All Users\Application Data\Microsoft\Keyboard\kbdsys.exe
C:\Documents and Settings\All Users\Application Data\PolariSys\dirlock.exe
i need help please… thank you.
God Bless.
me too..
i coudn’t delete also.
where can i download hitman pro 3.5?? and kaspersk removal tool? ca any1 pLease give me the link. .please. .the ones dat i downloaded, were all corruplted.d.:(
please help me. .
the most classified virus removal is classified.exe by subatomica all kind of virus like classified, autorun, and try to visit the website ulop.net to more idea you want to know about pc
Best Solution ……… for classified.exe
1.login from safemode with command prompt
if explorer not loaded then type explorer.exe
2.(remove virus)
download “stinger” from macafee it’s Standalone anti-virus scanner for certain viruses.
run the virus scanner scan all local drivers including external removable disks
restart pc
3. (show hidden files)
last run this command in command prompt:
for /r c:\ %v in (.) do attrib -r -h -s “%v”
1. restart your computer…(it is an .exe file nothing will happened if you will not open it.
2. delete the clasified.exe by cmd (you must located it first)(desktop, drive d, c)
3. example(located at d:)
4.now go to cmd type this
d:
dir/w/ah
del/a/f clasified.exe
5its done restart again your computer.
I’m encountring same problem with the virus but i cant follow that suggestions…. pls… help me in most easiest way!!!! pls,,,,pls,,, asap… =pls….
What if I don’t have an internet connection?What should i do?
I still cannot remove this virus or files (classified.exe) on some directories.. keep saying “The process cannot access the file because it is being used by another process..”? Please help.. Thanks..
i dont know how to regedit?? what part will i edit files?? please? and how to show folders like that… HELP:)
- hey ..what if i can’t run my computer on safe mode.,how can i remove this daprosy virus ir itherwise you guys called it classified.exe virus
- hey ..what if i can’t run my computer on safe mode.,how can i remove this daprosy virus or otherwise you guys called it classified.exe virus
hello.. i have the same problem too… i’ve tried to do what u said jeff… but in my case… it says… couldn’t find the said location.
Try this… Classified.exe remover
USE AT YOUR OWN RISK!!!
Download:
hxxp://rapidshare.com/files/352192338/Class-X.exe.html
or visit this site http://www.trismund.net.ms
i really need help here,… how can i possibly remove the classified.exe?
Thanks JEFF. You helped us
hi guys… ive’d been experienced that problem too. thats kind of worm is very dangerous. bcoz once u clik the infected drive it will spreadout. all ur folders, system folders etc.. it will do superhide. it was displayed a same folder.
solution:
1. slave ur infected hardrive to another computer that hav an updated anti-virus. i used eScan antivirus. or u tried nod32, and malwarebytes. just download to internet.
2. scan ur infected hdd… and it will automatically remove all folders infected by clasified.exe
3. show hidden files and folders.
4. back-up ur cleaned files to free disk hdd.
5 reformat and reinstall ur computer…
hi guys,, where did i get this virus?
can you give me an easiest way to remove this classified virus,, im very annoyed,,
those recommended way was for pro,, im not sure if im going to try it im scared that if i did try ,it will worse the damage
Any Response?
Can't Find a Solution?
Start a Discussion Here!