Video Screencast Help
Search Video Help Close Back
to help
Not able to make it to Vision this year? Get a sampling in the Best of Vision on Demand group.

Folder name .exe virus

Updated: 07 Jul 2010 | 5 comments
Sayaji Navadkar's picture
Sayaji Navadkar
0 0 Votes
Login to vote

We have symantec endpoint protection Security antivirus. From last 3 months we are having problem with one virus which creates folder name with .exe files when double click on any folder.
Around 30 machines infected due to this. Our antivirus definition is updated up to date.

Please suggest how to clear this virus.

Regards
Sayaji
System Administrator
Minda Stoneridge Instruments Ltd

Discussion Filed Under:
, ,

Comments

Abhishek Pradhan's picture
24
Jun
2009
1 Vote +1
Login to vote
Abhishek Pradhan

Sounds like W32.SillyFDC /

Sounds like W32.SillyFDC / W32.SillyDC to me.

Run a scan in safe mode only to remove the virus.

Also, disable System restore before you do this as the virus alse creates entries in the System Restore Points store volumes.

Additionally, disable Autoplay for ALL DRIVES Via a GPO (If you're on a domain), and also disable SImple File Sharing if it's enabled to prevent the infection from propogating itself by binding to files.

Abhishek Pradhan, PMP, MCT
Consultant | Microsoft Corp.
Blog: http://blog.abhishekpradhan.net | SIG Lead - Pune IT Pro (Microsoft Pune User Group) | http://www.puneusergroup.org

jbmtl's picture
24
Jun
2009
1 Vote +1
Login to vote
jbmtl

.exe removal tool

hi,

If this .exe virus infected in you computer, It will Disable the following …

Task Manager, Registry Editor, Folder Options, Run in start menu

And it will create exes like the icon of folders. If this virus is running it will use more than 50 % of your processor

Download following tools to remove new folder.exe virus follow the link below to downlaod the tool

http://download.bleepingcomputer.com/sUBs/ComboFix.exe ( run tools In safe mode )

Manually remove it (new folder.exe Fix)

Delete File named svichossst.exe

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“@”=[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Yahoo Messengger”=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“Shell”=”Explorer.exe “

kokwai's picture
07
Jan
2010
0 Votes 0
Login to vote
kokwai

virus "new folder.exe" cant delete

where can Delete File named  " svichossst.exe " ?
and i already follow the step but also cant delete the virus,so any solution for me ,
Thank

Grant_Hall's picture
07
Jan
2010
0 Votes 0
Login to vote
Grant_Hall

 Hi Kokwai, You should make a

 Hi Kokwai,

You should make a new thread on this subject. This post that you replied to is very old and will most likely be ignored by most users in this forum. In your new post please provide the following information.

What version of SEP you have
How many clients are affected
More detailed information about this "svichossst.exe" such as its location and how many of them are being created ect ect

Thanks
Grant

Please don't forget to mark your thread solved with whatever answer helped you : )

kokwai's picture
07
Jan
2010
0 Votes 0
Login to vote
kokwai

virus "new folder.exe" cant delete

Hi Grant
i'm using
SEP Client Version 11.0.5002.333
SEPM Version 11.0.5002.333
around 10 user are effected ,i try to format all pc can ,but
when folder is sharing will automatic create the new foder.exe is share folder,so how ?

thank
 kok wai

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
270,005