Thursday, July 24, 2008

Hello Virus

Do you see a "HELLO" message on the screen while pasting a file or a piece of text or code?

Or do you see an "Internet Scripting Error" message while opening drives or folders through My Computer or Network Neighborhood?

If so, you are infected with WIN32.Generic.A@mm or the I-Worm/VB.TX worm.


The new generation of viruses, worms and Trojans uses stealthier, more deeply rooted attacks to get attention. Most of them pose a low or medium threat to PCs but are a real annoyance to affected users.

The main way these worms and Trojans spread is through removable devices: USB flash drives, memory cards, MP3 players, etc.

Among the worms currently in circulation, WIN32.Generic.A@mm has been annoying all affected Windows 98 users. Recently a new variant has appeared under the name I-Worm/VB.TX.

The virus is low-risk, but it causes panic among users.

Earlier, the virus was detected only by McAfee. Then Norton Antivirus and SOLO picked it up. The renowned AVG version 8.0 (even the spyware version) could not detect it at all.

MODUS OPERANDI :

It infects via all shared folders.
The virus embeds itself in executable files named after the parent folders and disguises itself with a folder icon. The executable is just 56.0KB in size.

It creates: Ghost.bat, Nethood.htm, folder.htt, desktop.ini and sometimes temp.htt.
All of these files except Ghost.bat and Nethood.htm are hidden.

It also creates an alphanumeric file with an exe extension in the C:\Windows\Fonts folder. When the folder is opened for viewing, the file disappears. The entry appears in the startup list as TempCom.

Each affected folder containing folder.htt gives the Internet Scripting error when opened with My Computer or a web browser.
The folder.htt and desktop.ini files are not infected by a virus; they are created by the virus.
These files are visible only after making all files and folders visible under the options menu in Windows Explorer.

The ghost.bat and nethood.htm files are not detected as a threat by AVG, only by McAfee, Norton AV and SOLO, which runs on Windows 2000 or WinXP.

The Ghost.bat file contains the Visual Basic Script that runs the whole virus code.

REMEDY :
If you are using Windows 98, use SOLO Antivirus. Only SOLO Antivirus runs on Windows 98 to detect and kill this virus. It is a very small AV and does not affect the computer much.
Update your antivirus regularly to keep the latest viruses away.

To detect and heal the virus manually, use the following method.

1. Run msconfig from Start Menu -> Run and delete the TempCom entry in the Startup section.
2. Unhide all files and folders from the View section under TOOLS -> Files and Folders in the Windows Explorer menu.
3. In SEARCH -> FOR FILES AND FOLDERS, search for folder.htt, *desktop*.ini, ghost.bat, nethood.htm and temp.htt. Delete these entries from the search result.
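
The search in step 3 can also be run as a report-only scan of a removable drive or shared folder from a clean machine. The script below is an added example, not part of the original post: it lists the file names given above plus executables of about 56.0KB named after a folder, and deletes nothing. The 1 KB size tolerance, and treating "named after the parent folder" as either the containing folder or a neighbouring subfolder, are assumptions.

```python
import os

# Names the post lists as created by the worm (matched case-insensitively).
SCRIPT_FILES = {"ghost.bat", "nethood.htm", "temp.htt"}
# Windows itself uses these two for folder customisation, so they are
# reported for review rather than treated as proof of infection.
VIEW_FILES = {"folder.htt", "desktop.ini"}
EXE_SIZE = 56 * 1024   # the post states 56.0KB
TOLERANCE = 1024       # assumed rounding slack; not from the post


def classify(name, size, folder_name, subdirs):
    """Return the reason a file matches the post's description, or None."""
    low = name.lower()
    if low in SCRIPT_FILES:
        return "dropped script file"
    if low in VIEW_FILES:
        return "folder view file (review)"
    stem, ext = os.path.splitext(low)
    # Assumption: "named after the parent folder" covers both the containing
    # folder's name and the name of a subfolder sitting next to the file.
    if ext == ".exe" and (stem == folder_name or stem in subdirs):
        if abs(size - EXE_SIZE) <= TOLERANCE:
            return "folder-named executable"
    return None


def scan(root):
    """Walk root and return a sorted list of (path, reason); nothing is deleted."""
    hits = []
    for folder, dirs, files in os.walk(root):
        folder_name = os.path.basename(os.path.normpath(folder)).lower()
        subdirs = {d.lower() for d in dirs}
        for name in files:
            path = os.path.join(folder, name)
            try:
                size = os.path.getsize(path)
            except OSError:
                continue  # unreadable entry; skip rather than abort the scan
            reason = classify(name, size, folder_name, subdirs)
            if reason:
                hits.append((path, reason))
    return sorted(hits)


if __name__ == "__main__":
    import sys
    for path, reason in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{reason}: {path}")
```

Pass the drive or folder to scan as the first argument; with no argument it scans the current directory.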
