S3L1M created a very useful program to help revert files captured by ground.exe virus. I got infected, amd noticed it fairly quickly when I noticed ground.exe running in task manager. I would like to create this updated readme with more detailed instructions for using Ground-Damage-Fixer. Of course, you already have Ground stopped and are stuck with this messy aftermath. I included how I removed Ground.exe below in case you came across this page while still searching for a way to remove the virus.
The command to manualy unhide and retsore permissions to a file/folder is
attrib -H -S *.exe /S /D
- Run
Super Unhider - Click on
Add Files - search for files with
size:534,016
3 )After search is complete, use CTRL-Ato select all, thenCTRL-Xto cut (Icons should all now be transparent)
- Click
Open - Open
Recycle Bin, thenCTRL-Vto paste the infected.exes
- Click on the top entry in
Super Unhiderand clickUnhide(runs from selected downward) - Give it a minute to finish, then select the top entry again and click
Rename
All files should now be restored.
- I recomend having Malwarebytes Anti-malware installed (free)
- Boot into
Safe Mode. This can be done by typingmsconfigin the search bar. - Select
boottab and selectSafe boot - After restarting in safe mode, go into your start menu and delete
ground.exefrom yourstart upfolder - Go to
%appdata%/Roamingand removeground.exe - Run
msconfigand uncheck safemode (but do not restart yet) - For safe measure, run Malwarebytes Anti-malware, then reboot
ORIGINAL README by S3L1M
Ground virus leaves infected undetectable files with ugly icons, this program uses simple command to remove it and restore orignal files. you can find the program in Executable folder