Solved

New Folder.exe

Posted on 2007-03-30
4
13,564 Views
Last Modified: 2013-11-22
Good Day~!

All the computers were infected with virus. I can't seem to identify the virus name. Has used Norton Anti Virus to scan the whole computer but to no avail (Zero Detection).

But what I did know about the characteristics of the virus is that it likes to create an application with an icon folder under each drive. e.g. even for USB External Mass Storage Drive. Then under each folder, it creates another application with icon folder under that folder using the name of the folder it resides in.

Example: Under D:/ it creates New Folder.exe. If I have folders under D: drive such as My Pictures, Cards...etc. the virus created My Pictures.exe, Cards.exe...etc under each of the folders it resides in. Each file that the virus created has size of 262KB.

If I have a pen drive and formatted it, and then open it, I will find New Folder.exe under the pen drive directory. One more thing, under C:/windows, there is a scvhost.exe with icon folder in every infected computer.

Then, I try to find the answers to these all confusions in www.symantec.com and type svchost in the Search Engine box. When I click one of the links, the computer restarts by itself. If run regedit, the windows will show Error Message: "The Registry Editing has been disabled by your administrator", then restarts it.

I would really appreciate it if someone can find the answers to these questions:
1.) What is the name of the virus?
2.) How to remove it completely?

Thanks~!
0
Comment
Question by:princeshawn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 8

Accepted Solution

by:
Mshine earned 50 total points
ID: 18822543
Try this... about 7 posts down, a post by "Ellena"
http://www.bullguard.com/forum/9/Folderexe-Removal_30635.html

See if this solution will work for you! Depending on how many PC's you
have infected, it looks like you have a lot of work a head of you. Sorry.
0
 
LVL 4

Expert Comment

by:vnicolae
ID: 18823672
It may be just me, but I REALY don't like symantec. It lets a lot of viruses get by. Try avast (you can downoad the free home version) and it will find most viruses and trojans. You may have to boot in safe mode for that.

I would also run hijack this and spybot to make sure you're clean afterwards.
0
 
LVL 8

Expert Comment

by:Mshine
ID: 18826088
vnicolae I TOTALLY agree on Symantec AND McAfee both... Personally I have always
been a little paranoid about these companies.. Often suspicious that the virus
are sometimes a product of the people promising to find and protect you from them!

I have NEVER paid for antivirus software! I use AVG personally and it has always kept
my machine in tip top shape! The FREE home version even allows for Scheduled updates
and scans, which is highly unusual for a free product.

I cannot comment on Avast, because quite frankly I have been so happy with AVG, I've
had no need to look for anything else!

I recommended AVG to the company I work for, they purchased the product and it has
served us well in the corporate environment as well.

Princeshawn.. try booting into safe mode and running a scan, or try the suggestion provided
in the link I posted above and let us know how you make out. Good luck
0
 

Author Comment

by:princeshawn
ID: 18848032
Ok... I will try ur suggestion MShine...

Basically, what i did was format the computer from the scratch and reinstall everything... Haha...

It is Brontok Virus then but I thought there are two viruses... which creates all th *.exe folder under each directory.

Anyway, will get back to this post ASA I can...
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question