Virus is infected the storage. File name is totally different and not be clean

File type - CM0013 File (.cm0013)

Data folder is in shortcut and when i have check the property it show the traget path is

"C:\WINDOWS\system32\rundll32.exe ~$WWBY.FAT32,_ldr@16 desktop.ini RET TLS " ""

How to remove this virus.

Antivirus is updated and all patches are update.

Scan the torage device but not be detected.

Submit the infected file to symantec for the analysis.

https://submit.symantec.com/websubmit/gold.cgi

--Edit--

Run the threat analysis scan.

How to run the Threat Analysis Scan in Symantec Help (SymHelp)

Run the Threat Analysis Scan:

How to run the Threat Analysis Scan in Symantec Help (SymHelp)

http://www.symantec.com/docs/TECH215519

Also check these additional links:

Is your system infected? Symantec tools to help clear an infection

https://www-secure.symantec.com/connect/forums/your-system-infected-symantec-tools-help-clear-infection

Symantec Endpoint Protection – Best Practices

http://www.symantec.com/page.jsp?id=stopping_malware

Security Response recommendations for Symantec Endpoint Protection 12.1 settings

http://www.symantec.com/docs/TECH173752

Hi sunnyc_up,

What kind of storage device are you using- NAS, SAN, etc?

~$WWBY.FAT32,_ldr@16 desktop.ini RET TLS " ""

Is there any file named anything similar?  Open the desktop.ini with notepad and see if there is anything unual in there.

A few internet searches indicate that this file type may just be corruption / a matter for checkdisk rather than security.  For example: https://ph.answers.yahoo.com/question/index?qid=20140524065004AAfhXtx

Many thanks in advance for more information!

Mick

Symantec is now cleaned this virus.