I recently got a virus from a filesharing site. After a while, my browser became hijacked, the wallpaper changed and I started getting loads of popups. One popup was a window made to look like Firefox, but wasn’t even Firefox. It was somehow created by the explorer.exe process. CTRL + ALT + DEL would not work, but I managed to download a process explorer program to end any stupid processes, primarily winupdate86.exe, which was part of the virus. This virus did not allow Malwarebytes to run and it would delete mbam.exe; even when I managed to get the program file renamed and moved to another directory, I would get a runtime error as well. Ad-Aware also became disabled. If you tried to go into Safe Mode, you would get a blue screen stop error too, which would end up restarting the computer, so Safe Mode on Windows would never work.
The strange thing was that I usually know what a virus looks like, I’m not downloading random attachments, and mp3 files are usually harmless. Also, I’m not executing .exe files, so how did I get a virus? I read online that older versions of Java Runtime Environment contain vulnerabilities that can allow such a thing. Also, I noticed lately that a lot of Turkish hackers are hacking websites. My guess is that a hacker hacked the filesharing site to allow a Java program to execute Trojan code which infected my system. Bottom line: update your Java Runtime Environment. I think the latest version of Java at the time of writing this is version 5.
After getting this virus, I couldn’t trust the computer anymore, since my passwords or other personal information might be taken, keyloggers might be installed, etc. So I ended up just reformatting the computer and starting from scratch.