2007 Jul 6 - 星 期 五 -

杜 蟲 記 ： Date set to 2005 on Windows start up

Since this could be useful to people who don't understand chinese too, so it is in English

My comp @ work, running win2K, got infected with some worm and would get the system date changed to the year 2005 everytime Windows starts. (Time, Month, Day all the same except year becomes 2005)

It is a problem because it would somehow make my antivirus stop functioning, and then the program would start inviting other Trojan horse or worm into my computer.

I cleaned up so many Trojan and worms throughout the process of fixing this date changing problem, but the date changing does not go away.

I checked the registry, where it stores the program to be loaded on start up / login, w/ nothing found

I checked autoexec.bat, it is empty

Then I go to google, and found this forum talking about it

http://forums.techguy.org/windows-nt-2000-xp/589453-windows-date-wrong-every-time.html

The guys can't solve it either, but it gives me more information about the problem

And then, I find it, in Services, there is this strange service, "AADDD866", loading a program in "C:\WINNT\System32\536E91EF.exe" as system service. I stop it from running on start up, then reboot, date doesn't get changed anymore! And I can delete the .exe file too

I was trying to post the solution back to that forum, but they want me to register before I can post a reply, get the member's email or to leave them a personal message

But then I dun wanna register for posting just 1 message... and potentially get new junk sender to get my address

should I register and help them??