Taqvi11
asked on
Found.000\USB_Files.chk
I am facing some problem in my network becuse of some viruses. all foldersand thire child folders in my server have some hidden and protected files named Found.000 and Autorun.inf. While if i open Autorun.inf it has text as following...
"[Autorun]
Explore=Found.000\USB_File s.chk
shellexecute=Found.000\USB _Files.chk
shell\Explore\command=Foun d.000\USB_ Files.chk
Open=Found.000\USB_Files.c hk
shell\Open\command=Found.0 00\USB_Fil es.chk"
So Please Help Me to solve this problem.
"[Autorun]
Explore=Found.000\USB_File
shellexecute=Found.000\USB
shell\Explore\command=Foun
Open=Found.000\USB_Files.c
shell\Open\command=Found.0
So Please Help Me to solve this problem.
ASKER
I Have Tried these but failed. I have even deleted these files from one computer by booting system with ERD. but when i logged in as normal mode it was still there. I think it creates some hidden processes but i am not sure about that. Please if someone has solution for that please help me. you can see these files after enabling three options under "FOLDER OPTION" as shown in attached picture number one and two.
1.JPG
2.JPG
1.JPG
2.JPG
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
hello rpggamergirl,
i have tried it. but it creates some other undeleteable folders. but when tried in other comuter it was not working. So it's fifty fifty. Please give 100% solution if you can. thank you.
I appriciate your help.
Thanks And Regards,
Taqvi.
i have tried it. but it creates some other undeleteable folders. but when tried in other comuter it was not working. So it's fifty fifty. Please give 100% solution if you can. thank you.
I appriciate your help.
Thanks And Regards,
Taqvi.
Taqvi,
Flash_Disinfector does create autorun.inf folder but that folder is a harmless one, that's created to stop the spread of the infection.
Is that what you meant?
We've also expected you to attach the combofix log so we can check for any bad files that need to be removed using combofix script function.
You didn't have to close your question yet.
Flash_Disinfector does create autorun.inf folder but that folder is a harmless one, that's created to stop the spread of the infection.
Is that what you meant?
We've also expected you to attach the combofix log so we can check for any bad files that need to be removed using combofix script function.
You didn't have to close your question yet.
Hi Taqvi11,
What scanners have you tried using to remove the virus?
Try running these:
1. Download Malwarebytes' Anti-Malware to your desktop, check for Updates before scanning.
http://www.malwarebytes.or
2. DrWebCureIt:
http://www.freedrweb.com/c
Let us know how you go.