Videos.exe virus

My system is infected with virus.  I am not sure the nmae of the virus as the anti virus program is not detecting the virus.    What i noticed is that files videos.exe and new folder.exe is present plus a number of other executable.  The students are unable to logout and the virus is spreading.  You can see attached file for example.
virus-image.JPG
rwhittleAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

hybridrocknrollCommented:
Go to the Run Command (Start->Run) Type msconfig, press Enter. Go to the Startup tab and look down the Items. See if anything such as the Video.exe or NewFolder.exe is running. Uncheck the box, then hit apply. It will ask for a restart, so go ahead. This should disable the programs from starting up, in turn allowing you to delete the folders. After deleting, run several different anti-virus programs. One program alone usually doesn't fix the problem. AVG free is a good free program (http://free.avg.com/) or CCleaner (http://www.ccleaner.com/download). They require you to create an account, and it gives you a 30 day trial on the CCleaner. Hope this helps!
0
hybridrocknrollCommented:
http://tec-updates.blogspot.com/2007/10/new-folderexe-virus-removal-tool.html also has a removal tool if you're having the symptoms that won't let you access your Run command.
0
rwhittleAuthor Commented:
still not working. For some reason when I check registry path I don't see any of the keys that are suggested.
ANOTHERIMAGE.JPG
0
Webinar: Cyber Crime Becomes Big Business

The rising threat of malware-as-a-service is not one to be overlooked. Malware-as-a-service is growing and easily purchased from a full-service cyber-criminal store in a “Virus Depot” fashion. Join us in our upcoming webinar as we discuss how to best defend against these attacks!

rwhittleAuthor Commented:
This is another image of the malware or virus
0
rwhittleAuthor Commented:
When I check processes I realize that a lsass.exe file if running from c:\winnt\db5d\lsass.exe also services.exe is running from the same path likewise csrss.exe.  I have Mcafee on my system ver 8 fully updated and it is running over the file and no recognizing them as malware/virus/trojans.
0
rpggamergirlCommented:

Run Flash_Disinfector.exe or Combofix:
1. Download and run this tool and follow the prompts:
http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe 

2.  Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe 
You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
 

You can also try Malwarebytes
Download Malwarebytes' Anti-Malware to your desktop. check for Updates before scanning.
http://www.malwarebytes.org/mbam.php
0
TekServerCommented:
You might also want to download and run HijackThis, and post the log file here.

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

:)
0
rwhittleAuthor Commented:
I captured the virus and sent it to Mcafee, in which they gave me an extra.dat file that fixed the problem.  The virus was key logger.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.