I have been baffled by this for a long time. I have seen folders vanishing & could not do anything. Tried a lot of AV softwares online & offline.



I finally ended up with eScan AV and MWAV free scanning utility + AV engine/database updater from www.mwti.net to come to my rescue. Use MWAV to check for the virus/Trojans/worms/adwares/spywares on the PC. If you do find any, I strongly suggest you to uninstall all the existing Anti Virus / adware programs and install the eScan software.



Download & Run the installation as a trial version. It will remove most of the virus/trojans, etc. After completing installation, reboot and run the utility MWAV again. The virus signatures & engine are updated to the latest. select drive-> all local drives option and click on the Scan & clean. Am using this software from the past 4 months and find it to be better than any software tried previously including symantec NAV, Mcaffee, Sofos, etc



**** For your information -> the trojan drops autorun.ini & MS32DLL.vbs files on connected disks to an infected machine. The folders are hidden and additional files with the foldername.exe is created. Try opening on a clean PC, the folders have vanished & will try to infect the clean machine you have connected the infected flash disk.



Clean the infected flash disk on another PC and use on infected PC, the folders are back, but still have the infection. Hence use eScan to clean all infections (machine+flash disks) completely and then use the flash anywhere.****



Yahooooooo...All your problems are sorted out.



Have a nice day :)

2

You've got more than just that one trojan going on.... because that trojan (as you can see from the other persons pasting of it's description) does not change files.exe to folders.



If all of the files are the same size.. then that would be very suspicious to me... unless you magically had all your files the same size to begin with?



Obviously, these "folders" are not really folders...

and they are probably not your files or you could just rename them to jpegs?



If you do not beleive... download strings for windows and run strings on them to see if they contain any of your information.

You can get it here:

http://www.microsoft.com/technet/sysinternals/Miscellaneous/Strings.mspx



If you know anything about identifying a files header information you will be able to carve out your good data if it's there or can hire a forensic analyst... but I highly doubt it...



good luck.

This appears to be the most accurate info.



http://www.sophos.com/virusinfo/analyses/trojhidero.html



Quoting:

Troj/Hider-O is aTrojan for the Windows platform.



When installed Troj/Hider-O copies itself to the \isass.exe.



The file isass.exe is registered as a new system driver service named "CSNetManagerXp", with a display name of "CSNetManagerXp" and a startup type of automatic, so that it is started automatically during system startup. Registry entries are created under:



HKLM\SYSTEM\CurrentControlSet\Services\CSNetManagerXp\



I don't have any way to test whether renaming a folder as an .exe file wipes out the folder's data. I think the data is still recoverable.



Does the file size of the .exe approximately equal the folder size that it replaced?



You might be able to BLOCK isass.exe by using my rootkit blocker process. I'll post a link.



Good luck,

- CarlD



https://answersrip.com/question/index?qid=20070904044220AA2aT9l

Check your files. Perhaps, all of the folders on your drive are just on a hidden attribute. use the cmd command: attrib *.* -h -s or simply check the Show hidden files and folders in Folder Options.. in the tools menu of the Explorer.

Cleaning the register is a good way of improving the performances of your pc and eliminate malwares and trojans. A program I trust is CCleaner http://j.mp/UrAHbv

It's a very good program and easy to use.

The FIRST thing to do is DISABLE System Restore.

If enabled, this allows malware to hide in the computer and re-install itself. To disable it, RIGHT-click on "My Computer." Select "Properties" then under the 'System Restore' tab, check 'Turn off system restore' IF not already checked.

The next most helpful things that would help you are to use ONLINE scanners from websites to remove any malware on your PC. The current best online scanners I prefer are from Kaspersky antivirus and Bitdefender antivirus. Together, these 2 scanners will find ALL the bad stuff on your PC because they have the BEST detection rate.

First, use Kaspersky's. (FYI: ALL these scans require you to agree to a EULA and install an activex control which is needed to perform the scan, so agree to them all.)



*NOTE: Some scanners ONLY work with IE or may not fully remove malware



http://www.kaspersky.com/virusscanner......



Then scan with:

http://www.bitdefender.com/scan8/ie.html...





There are MANY other good online scanners which you may choose to also use (which will take longer but ensure safety):



http://onecare.live.com/site/en-us/defau... (Windows Live Onecare)



http://www.emsisoft.com/en/software/ax/.... (A-squared scanner)



http://www.ewido.net/en/onlinescan/...... (ewido)



http://www.ca.com/us/securityadvisor/pes... (Spyware scan)



http://www.ca.com/us/securityadvisor/vir... (Virus scan)



http://www.pandasecurity.com/homeusers/s... (Panda Antivirus)



http://www.housecall.trendmicro.com/...... (TrendMicro)



http://www.eset.com/onlinescan/...... (Nod32)



http://support.f-secure.com/enu/home/ols... (F-secure)





After using these, it's ESSENTIAL to install at least 3 antispywares. Do NOT use more than 1 antiVIRUS or firewall as they conflict.



The best things in life are FREE, and great free software can be found @:



Superantispyware.com (Superantispyware FREE)

lavasoft.com (Ad-aware SE)

emsisoft.com (A-squared FREE)

safer-networking.org (Spybot S&D)

javacoolsoftware.com (SpywareBlaster)

microsoft.com (Windows Defender)

free-av.com (Avira AV)

siteadvisor.com (Tells you how safe websites are)

phoenixlabs.org (Blocks malware, government, anti-p2p org's)

zonealarm.com (Top Notch Firewall)

comodo.com (Another Top Notch firewall)

iobit.com (Advanced Windows Care)

Eusing.com (Registry cleaner)

ccleaner.com (Junk file cleaner)





Now if you can afford it, the best software to BUY are:



Spy Sweeper (VERY much worth the $$$)

Security Task Manager

Norton Internet Security

Kaspersky (BEST! =D )

Bitdefender (2nd BEst!)

F-secure (Same as Kaspersky)

Linkscanner (Blocks exploits in real time)

Advanced Uninstaller



If there's ever ONE file you suspect is infected, you can try some single file scanners which use MULTIPLE engines to scan ONE file.

They are @ virusscan.jotti.org or virustotal.com



If you're PC is squeaky clean, re-enable system restore because it IS good to have but we needed to shut it off to wipe out the malware.

Just RIGHT-click on "My Computer." Select "Properties" then under the 'System Restore' tab, UN-check "Turn off system restore."





*Another thing to consider is using another browser besides Internet Explorer. It has a lot of security holes,

making it less safe. I prefer Firefox from mozilla.org.

It's easy to use, FAST, and has a lot of neat little add-ons you can toy around with. It is also safer from exploits than IE.*





As always, things will vary. I just hope the best for everybody. I'm bound to get some jealous thumbs-down but there's only one way to find things out---try it!

Keep an UPDATED Antivirus, Antispyware, & firewall and things will be fine. And always browse wisely.

As a side note, please email me any/all websites you got the infection from or if any are popping up or hijacking you so I can help further security software's measures.

Sometimes you may get a NEW and Unknown malware and I can submit it to be blacklisted/investigated to security companies.

Hope I was able to help. If I have, please consider returning & leaving a nice comment and

"Best Answer" to whomever you thinks deserves it...