Hi Mike

 

I've had a look through our sample collection and can't find a file which matches this name.

 

Before we go down a more complicated root, can you ensure that you're displaying hidden files and folders? You can go this in Explorer through Tools --> Folder Options. Go to the view tab and choose the option for "Show hidden files and folders".  If you can then see the file in explorer, then please submit it to us for analysis through https://submit.symantec.com/retail.

 

Thanks

 

Orla

Symantec Security Response 

 

Hi Orla

 

Yes, I've tried showing hidden files so I could clear out the temp internet files.  I've even tried to type the folder into the path bar, but it came up as not found.  So no joy with that one I'm afraid.  I haven't been brave enough to see if I can find it through DOS.  It's been a long time since I've been in there....

 

Mike

I'm seeing quite a bit of Google discussion about fauxvirus.

General thinking is rootkit which would explain your situation. 

I have found a file named 6x8be16.cmd and I guess this is the source of the infection.

The code:

 

 

[Edit: code of possible infection removed; data still available]

---

javigast wrote:

I have found a file named 6x8be16.cmd and I guess this is the source of the infection...

---

I would recommend sending a virus submission sample here:

 

https://submit.symantec.com/websubmit/retail.cgi

 

Thanks! 

I have the same problem.  Scans hit C:\fauxvirus\carny_ride.exe and then stop.  Searches with Windows Explorer and at the command prompt come up empty even when searching system and hidden files.  Other AV and anti-spy products fail to report it.  Not seeing anything under Task Manager which seem to be it.  Some forums are saying it is a rootkit or haxdoor.  Some say it is a bug in Norton and doesn't really exist.

---

SatelliteGuy wrote:
I have the same problem.  Scans hit C:\fauxvirus\carny_ride.exe and then stop.  Searches with Windows Explorer and at the command prompt come up empty even when searching system and hidden files.  Other AV and anti-spy products fail to report it.  Not seeing anything under Task Manager which seem to be it.  Some forums are saying it is a rootkit or haxdoor.  Some say it is a bug in Norton and doesn't really exist.

---

Have you also followed the steps listed in the How To Troubleshoot a Suspected Malware Infection announcement? This is a more advanced way to troubleshoot the issue, and it sounds as if you have tried the more simple suggestions. Please let us know how this document helps. Thanks!

I noticed this today as well. The only thing Ive downloaded is Malwarebytes' Anti-Malware. Could it be a part of that software?

i have this file showing up also. can't find it in my computer anywhere. only showed up when quick scaning with norton 360 1.0. swithched to 2.0 and it doesn't show up anymore. is this a real virus or not? it isn't causing any problems.