March 24th, 2003, 06:14 PM
hey, is it that folder.ini virus
I thought some other virus, but felt it familiar with.
This one I got before one and half month I feel, at that time itself our aavg had identified it, later, now, even norton is identifying it ok,.
then I want to say you one thing, this viirus main property is to spread itself by copying itself to all the folders.
The main advantage it has is it is always accompanied with the desktop.ini files, and even if someone sees these files, initially they donot get a doubt, because these were the names used by operating system andaevery one knows that files with this extensions are responsible to the look of the OS. SO people would not suspect it in general.
In my experience, I saw this file initially in every folder of his systemm ,and as I got doubt, tried and removed them in the particular folder but when I go ointo the folder again, these two files appears.
Then, I opened the find utility from the start menu and searche for folder.htt file, a list of hundreds of folder.htt files appeared, likewise for desktop.ini, I had selected them all and had deleted them using shift+delete.
I think it didnot come into back again.
The main disadvantage of this virus, is it doesnot destroy any files or something, but it will kill the processor, Imean the performance will be drasticallly reduced.
and later I found AVG identifying as a virus, and I felty happy for identifying it by its activity and removing it sucessfully from my friend's system.
At that time, once again, while making some file transfer from harddisk to harddsk, my friend got the virus again, it had affected the kernel.dll and really at that time I know, avg cannot heal all types of viruses, only it can identify effectively.
But for my surprise, it haled the KERNEL>DLL file successfullly and we had avided formatting the system at that time, just to remove this virus.
SO I RECOMMEND TO USE AVG AND you may feel at least near to what I felt.
It is effective I can say.
if you want t omanually remove, do as I said above, and try the avg, it can heal I thinkI felt some file
March 25th, 2003, 08:50 PM
Thnx to u all. I'll try what u have suggested today and will let u know abt it. Thnx once again.
May 23rd, 2003, 11:23 AM
Just an update on this topic. I just finished vanquishing this virus from my parents computer. It's rather nasty...and it does something that I hadn't seen before. I don't know if anyone else has ever run across this so I'd like to see your own experiences with this thing. Not only is it polymorphic, which I have seen before, but it's also encrypted. It decrypts itself upon execution. I imagine this gives it the advantage of hiding it's code from virus scanners until it's too late. Correct me if I'm wrong, but if I'm right, that's rather scary.
The radiance of ignorace in a world of nothingness and all of this time your pestilence has created nothing but uselessness