Virus Infections
This virus affects your system by
Disabling Task Manager
Disabling Registry Editor
Creates a startup entry to start upon system start and
Creates its own exe files in Shared Documents folder which appear like ordinary folders.
Disables Folder Options
Uses your 50% or more processor
You can see that the folders in Shared Documents have an exe extension If you have unchecked Hide extensions for known file types in Folder Options
you have seen newfolder.exe
Virus Removal Tool Description 2.5 (Also Removes Nhatquanglan Variant of NewFolder.exe)
Sets these entries in Registry[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
“NofolderOptions”=[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“@”=[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Yahoo Messengger”=[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“Shell”=”Explorer.exe “
Deletes Virus Files
svichossst.exe
autorun.inf
at1.job
autorun.ini
(Nhatquanglan) scvhosts.exe
blastclnnn.exe
hinhem.scr
All duplicated exe files in Shared Documents Folder
Also the exe files in your selected folder
Download
Download Link
http://boxstr.com/files/626245_s3yi9/NewFolder.exe%20Removal2.5.exe
Thursday, January 24, 2008
Friday, January 11, 2008
avpo.exe, ntde1ect.com and autorun.inf (Virus name-Win32/PSW.Agent.NDP) in your computer
There is a trojan/virus (either the Win32/Pacex virus or the Win32/PSW.Agent.NDP trojan) that uses those two files. Here is how you can get rid of them:
1) Open up Task Manager (Ctrl-Alt-Del)
2) If wscript.exe is running, end it.
3) If explorer.exe is running, end it.
4) Open up “File New Task (Run)” in the Task manager
5) Run cmd
6) Run the following command on all your drives by replacing c:\ with other drives in turn (note: if you have autorun.inf files that you think you need to backup, do so now):
del c:\autorun.* /f /a /s /q
7) Go to your Windows\System32 directory by typing cd c:\windows\system32
8) Type dir /a avp*.*
9) If you see any files names avp0.dll or avpo.exe or avp0.exe, use the following commands to delete each of them:
attrib -r -s -h avpo.exe
del avpo.exe
10) Use the Task Manager’s Run command to fire up regedit
11) Navigate to HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run (as usual, take a backup of your registry before touching it!)
12) If there are any entries for avpo.exe, delete them.
13) Do a complete search of your registry for ntde1ect.com and delete any entries you find.
14) Restart your computer.
1) Open up Task Manager (Ctrl-Alt-Del)
2) If wscript.exe is running, end it.
3) If explorer.exe is running, end it.
4) Open up “File New Task (Run)” in the Task manager
5) Run cmd
6) Run the following command on all your drives by replacing c:\ with other drives in turn (note: if you have autorun.inf files that you think you need to backup, do so now):
del c:\autorun.* /f /a /s /q
7) Go to your Windows\System32 directory by typing cd c:\windows\system32
8) Type dir /a avp*.*
9) If you see any files names avp0.dll or avpo.exe or avp0.exe, use the following commands to delete each of them:
attrib -r -s -h avpo.exe
del avpo.exe
10) Use the Task Manager’s Run command to fire up regedit
11) Navigate to HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run (as usual, take a backup of your registry before touching it!)
12) If there are any entries for avpo.exe, delete them.
13) Do a complete search of your registry for ntde1ect.com and delete any entries you find.
14) Restart your computer.
Cannot view hidden and system files
Hi everybody
I am new in this forum and also to world of computing/it stuff. I am having the following problem with my computer:
Problem 1
I want to view hidden and system files on the Windows XP SP2 and for this purpose I am going to Tools/Folder Options/View and removing tick from Hide Protected operating system files and checking Show hidden files and foldersoption. But the windows doesn't show me them anyway. I have checked once again view settings and noticed that the system automatically checks the Hide hidden files and folders option.
Reason
Go to the following registry
key:HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
DELETE the value CheckedValue in the right window. (Its type should be REG_SZ and data should be 2.)
Now create a new DWORD value called CheckedValue (same as above, except that the type is REG_DWORD). Modify the value data to 1 (0x00000001).
This should let you change the "Hidden Files and Folders" option.Please report your results.
I am new in this forum and also to world of computing/it stuff. I am having the following problem with my computer:
Problem 1
I want to view hidden and system files on the Windows XP SP2 and for this purpose I am going to Tools/Folder Options/View and removing tick from Hide Protected operating system files and checking Show hidden files and foldersoption. But the windows doesn't show me them anyway. I have checked once again view settings and noticed that the system automatically checks the Hide hidden files and folders option.
Reason
Go to the following registry
key:HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
DELETE the value CheckedValue in the right window. (Its type should be REG_SZ and data should be 2.)
Now create a new DWORD value called CheckedValue (same as above, except that the type is REG_DWORD). Modify the value data to 1 (0x00000001).
This should let you change the "Hidden Files and Folders" option.Please report your results.
Subscribe to:
Posts (Atom)
