Hi, I already posted about this problem, but since this post I discovered some things so here is the whole story : My sister once used the PC, and when I tried to boot it again later, I got a "win.com missing" error. She made a BIG mistake, running I-don't-know-which-file-coming-from-the-net. So I put another clean hard drive in as master (the corrupted one as slave), and I ran a virus scan (with norton 2002 up to date). The virus scan crashed. I think I had the same symptom when I was infected by the Klez worm, so I ran the Klez remover. Crash too. I tried simply copying the win.com back on the disk, but it seems that all other system/config files have been corrupted/deleted. I would reformat if there were no important files on this disk, but there are. And it's impossible to copy these files to a clean disk, I got the error "File is being used or..." for every file. I discovered that, in C:/windows, there are new strange directories (named for example "al\usu~1. 0"). And there are thousands of sub-folders with strange names in these directories, with thousands of files within. Impossible to remove these folders, even from a linux system, because they seem to be creating themselves permanently, or to be too deep. I think it's these folders which are making the virus-scan crash. What could I do ? Every removal tool I try is crashed or say "not infected by this virus". Does someone has an adress of an expert ? Thanx a lot, that's very important for me !

Hello Kiss, Effectively you got something which looks like a virus, I would say something like the trojan "BadtransB", which use to create multiples wrongs files to crash your hard drive.... Before doing anything, I recommend you download a wonderful program called "Trojan Remover 4.96" specialized in the hunt of thoses particulars virus, this is a freeware for one month. You find it at the address: http://www.simplysup.com/tremover/details.html When you will have used the two scans embaded in the program, and destroy totally the virus, if there is one, (Trojan Remover restore the computer to the original configuration before the corruption) you will be able then to delete all the files in your hard drive, if it don't work, you can do that too using the DOS mode, but you need to know the commands to procede in that mode... in that case your computer don't run windows, and you can act into your computer as you wants......

Ok I found two suspect files witht he trojan remover : wyn.com and diamond.ini, and deleted them. One of the strange directories is gone, with all the subfolders. But there are still other directories with thousands of subfolders, and I have no idea about how to delete them (I have an error under windows when I try to do this, and under linux : "file system is read only" (althought it is not !)). Any suggestion ? I'll try to post more details ASAP, but now I have to go. Thanx for the help !