Over 1 million tech questions and answers.

Dorkbot Virus infection. It converts all files in flash drive to hidden files.

Q: Dorkbot Virus infection. It converts all files in flash drive to hidden files.

Both laptops OS : Win 7

As above. I bought a new laptop recently and stupidly went to surf the net for a short period without any AntiVirus protection.

Soonafter, I inserted some flash drives to transfer stuff to my new laptop, but I realised that all the files in my flash drives are hidden and replaced by shortcuts.

I suspected a virus and inserted my flash drive back to my old laptop, which AVG immediately detected as a Dorkbot Backdoor. I recovered all my files in the flash drives already.

I installed and ran AVG full scan on my new laptop, it removed mostly Dorkbot Backdoors , trojans and 1 corrupted executable.

However, I tried accessing most Antivirus sites such as Norton to test, but I can't connect to it.

I think the virus is still present somewhere.

Any help is appreciated. =)

RELEVANCY SCORE 200
Preferred Solution: Dorkbot Virus infection. It converts all files in flash drive to hidden files.

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Dorkbot Virus infection. It converts all files in flash drive to hidden files.

Update :

I've decided to reformat my new laptop since it is new anyway. It isn't a painful process yet.

Will update if the traces of the virus is still present.

Read other 1 answers
RELEVANCY SCORE 104.4

Hi.

I've been experiencing a lot of problems.

For one, the computer does not show hidden files. If I tick the show hidden files option box, it would just return to Do not show hidden fiels and folders.

Another problem is that Flash Drives can't be opened with double click. The Flash Drive does not contain any Flash Drive Disinfector though.

Lastly, I can't access some websites related to antiviruses and anti malwares. Websites like Malwarebytes, Panda Security, and the like.

Hope you guys can help me with my problem.

Thanks.

DDS Log:

DDS (Ver_09-06-26.01) - NTFSx86
Run by Administrator at 8:36:42.04 on Mon 06/29/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.254.99 [GMT 8:00]

AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07... Read more

A:Can't show hidden files, Flash Drive Virus

Hello tattoi and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

Read other 17 answers
RELEVANCY SCORE 101.2

Any files I move to external drives are converted to windows system files, hidden, and have a shortcut created.  Anything in a folder is not touched.  It doesn't seem to reinfect other computers that it is subsequently plugged into.  Tried Malware Bytes and it did not remove the problem.  Running Windows 8.1.  Saw a suggestion of using Combofix on another forum, not Windows 8.1 Compatible. DSS is not compatible either it tells me.  

A:Files moves to flash drive converted to system files and hidden

Hello,it's important that you don't open one of these shortcuts from now on. This leads to a re-infection.Please run a FRST scan to begin with:Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)Start FRST with administator privileges.Make sure the option Addition.txt is checked and press the Scan button.When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.Please copy and paste these logs in your next reply.

Read other 17 answers
RELEVANCY SCORE 84.4

I got a notebook with win 7 infected by a pen drive hidden file virus.
 
Someone tried to access a folder in the pen drive but the folder, in fact, was a shortcut leading to a .js script.
 
After that the notebook got infected and i can`t manage to clean it.
 
I already tried after running unhide and Rkill: Super AntiSpyware, Malwarebytes Anti-Malware, Malwarebytes Rootkit, Combofix.
 
If i try to acess the msconfig, regedit, or any of the softwares listed above without renaming the .exe file, the virus closes the program.
 
Also if i use an USB, all my folders become invisible and are replaced by a shortcut.
 
 
Need help!

A:Infected By a Pen Drive Hidden Files Virus

Welcome aboard  Since you ran Combofix.... Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Read other 1 answers
RELEVANCY SCORE 81.6

Hi,
Recently my internet connection was down so i used my brother's pc to do all my assignments and videos. i didn't know that his pc is full of viruses and I ended up getting a virus called Trojan horse Generic3.GTK which caused all my files in my C,D,E & external hard drive to be hidden. Whenever I right-click the drive ??(0) comes out at the top. When I click on open, the pc doesn't know what program to open it with.
I ran the AVG anti virus 8.0 and it cleaned all the viruses but ??(0) is still showing and I can't do anything coz my filles are hidden.

Please Help Me....

I have attached my hjt log below...

Logfile of HijackThis v1.99.1
Scan saved at 11:13:18, on 10/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\UAService7.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\... Read more

Read other answers
RELEVANCY SCORE 80.8

hi,
i have a problem with virus, it hides my files, or have encrypted it, i dont know. even if i scan with my kaspersky antivirus still i cant see my files. my friend told me to use data recovery softwares, i tried some with no success. i can see some files but on my .pst file i can only see emails up to october 2010, what happen to my emails from that period up to april 2011? any advice?

A:Hidden files, or damged files caused by a virus.

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined below. Use a USB flash drive to download and transfer the tools to the affected machine, if necessary. You might like to run the Flash_Disinfector.exe on the clean machine and the flash drive first to protect against any possible transfer of infection via USB.


NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 77.2

Hi,

I am guessing this will be either incredibly easy and I am missing something, or incredibly difficult to achieve.

But what I am wanting is to setup my system so that one partition has the ability to view all of the hidden windows files and folders and also hidden system files.

However at the same time for none other partitions on my PC to have this ability.

I can set this up affecting all paritions but there are some that I do not want this feature on.

I know I can laboriously keep switching it back and forth on the drive I want but I would not like to have to do this unless absolutely necessary.

So does anyone know any method that I can achieve what I am wanting.

Thanks
Anthony

Read other answers
RELEVANCY SCORE 76.8

I'm trying to help a friend who's locked out of WIn7 Pro due to fake AV. All files are missing but I'm assuming they're hidden since I can transfer them in TeamViewer File Transfer.

I can also open Task Manager to run explorer.exe to get to Program Files to run their .exe and am running Malwarebytes now with 21 infections already found and cleaned up.

I was out of the room when Malwarebytes results came so he cleaned up the 21 infections without noting which Fake AV scan was detected. We regained no functionality after scan, so I'm running Full Scan again. Should I also run a root kit scan now?

It's strange that Program Files are there but everything in Users is missing. I'm assuming it's hidden since I can transfer needed files out using Team Viewer, so is there a way to restore them with additional Cleanup?

I'm just about to run SFC.

A:Fake AV infection - files hidden?

Quote:
All files are missing but I'm assuming they're hidden since I can transfer them in TeamViewer File Transfer.


Well, in that case, have you tried booting off your friend's pc with a live cd and recover those from there?






Quote:
so I'm running Full Scan again. Should I also run a root kit scan now?


i'd wait for the scan to finish. It wouldn't hurt to do a rootkit scan though caution should be exercised as these may produce false positives.

Read other 9 answers
RELEVANCY SCORE 75.2

Hi,am running win 7 ultimate on a stand alone computer not currently connected to the internet.I am only user and have two visible accounts,a standard admin,and the Built in admin account Recent scans have shown the existence of an account named C:\users\ADMINI~1,its files are hidden,and cannot be shown,I have tried the folder option panel,the attrib command and would like to know what else I can try. Many thanks
Activity includes hidden files that can't be unhidden Firewall disabled windows update disabled system restore disabled and access blocked to System Volume information...this appears in scans as C\:SYSTEM~1 Hidden services running at startup Access denied in various areas of registry,and permissions that can be changed revert back on reboot Built in admin denied specific permissions(seen in Process Explorer) ''Account Unknown'' appears in some file properties Malwarebytes found Trojan activity but I think there are areas that need cleaning up When I was connected to internet,credit card details were stolen,and various unknown websites were being accessed Anti virus programs appear to install but either will not run,or update,or skip hundreds of files Recycle bin is corrupted Reinstalling Windows does NOT help.
Have transferred this topic from win 7 forum,hope this is OK
Also am using tablet and have problems copying from documents so am hoping it will be alright to attach things
Have included MBAM log which was first time any security program ran properly and found s... Read more

A:Unknown Infection-Hidden Files and Access Denied

Hi and Welcome!!
 
My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
 
The fixes are specific to your problem and should only be used for the issues on this machine.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
Please be sure to subscribe to this topic so that you can see when there are new responses.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.
 
Having said that.... Let's get going!!
----------
Please download aswMBR to your desktop.
Double click the aswMBR icon to run it.
Click the Scan button to start scan.
If you are asked to update the Avast Virus database please all... Read more

Read other 44 answers
RELEVANCY SCORE 75.2

Hi everybody, I'm new to this forum and thanks in advance for any suggestion.
My laptop has been infected (I guess) and after rebooting I found a new desktop, date and time very old and all the data I had in a folder on the Desktop lost.
I checked the HD space and it looks like the data are still there somewhere.
I already turned on all the hidden files visualization check. I run malware bytes without finding any issue. However, I have problem using Ad-Aware, I don't know why. Microsoft essential security works fine and detects nothing.

Unfortunately before coming to this website I ran combofix sent to me by a friend, so I have a log, even if I should have wait to be asked for.

If you have any idea of what could have happened to my laptop and all my data it will be great. I attach to this the combofix log.

Thank you very much
 ComboFix.txt   14.44KB
  0 downloads

A:unknown infection, all personal data and files hidden

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/418079 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 75.2

I was surfing online and randomly this adobe flash installer caused my UAC to pop up asking to allow the install, I know it wasn't flash but it just kept coming up so I shutdown, got into safemode, files looked gone, but I just checked show hidden files. I ran combofix since i've used it numerous times before, but without a script this time. It never showed its logs, but it deleted the infected files. Then I ran hijackthis and found some suspicious stuff running.. RKill shut down some processes for me too, but I don't seem to be able to decipher them well. In conclusion I have hidden files all across my system now, my program shortcuts aren't in the start menu, except remote desktop connection.. I did have to remove the virus causing the popups and all to come. I did not record down the name, didn't even think of it.

Logs are below.
 hijackthis.log   6.09KB
  4 downloads

 rkill.log   1.05KB
  1 downloads

A:Files Hidden, System Restore files hidden/gone - Windows 7

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 5 answers
RELEVANCY SCORE 73.6

Hey all,

I sent some vCard files to my PC (windows 7 ultimate) and the default bluetooth program notified it is in windows contacts. When I open it, it is in .contact format. I thought phone is sending the format, so I tried to send another contact as a message to another phone. However, at that time the message subject displayed "nameOfPerson.vcf" !!! Which means, it is sending vCards!! I don't need .contacts, I need vCards, how to achieve this in windows? Please help!
 

A:windows converts vCards to .contact files?

Hello?
 

Read other 1 answers
RELEVANCY SCORE 73.6

Hi guys everytime i try to get itunes to import a cd or convert a file that was used in ms media player, it converts about 3 songs then makes three tones from the mother board and shuts the whole computer down. really frustrating as i have a new ipod and really want to get music on it. Can anyone help !!! starting to get a bit desperate as to how to fix.
 

A:System shuts down when itunes converts cds from wav files

Read other 8 answers
RELEVANCY SCORE 72.8

hi
I download RogueKiller and saved it to the desktop and performed the first scan with windows and browsers open. then realized that they should be closed so did another scan with everything closed. you can find both reports attached.
then as you instructed I used the "attrib -h -s -r -a /s /d G:\*.*"
my flash drive name is G:\
nothing seemed to happen in the command prompt as you see in the attached photo
then I checked my G:\ drive
the administrator shortcut still exists but the autorun.ini is gone for now. not sure if its permenantly gone though.
when i double click on the administrator shortcut i recevie this error: can not find script file "G:\Microsoft.exe".
at some point in the middle of these steps an unnamed folder showed up in the G:\ drive and a file with this extention: ".init" or something and one more file which sadly i can not recall its name. i shift+deleted them successfully.
after these steps I downloaded Rkill and ran scan. you can also find the report attached to this post.

I shoud also inform you that prior to these steps I used autorun exterminator for killing the autorun.ini but it did no good and kept cycling in a loop which the program deleted the autorun file but it kept regenerating itself over and over again.
oh and my anti virus does not detect any threats. it is ESET Smart Security.
there is also this wierd thing about my flash drive! the other day I inserted it into a pc at coffe net and on that pc I could see... Read more

A:autorun.ini , hidden folder and shortcut virus on flash drive

I pressed the left shift key and inserted the flash drive, no autorun poped up but the scan and fix error still shows up. did I do it right?
I ran the rougeKiller as administrator then scanned and pressed delete with lots of doubts ! when the deleting finished a notification poped up: "you must restart you computer to ??? user account settings"
should I be worried about this?
The delete report and dirlist are attached.
RKreport[0]_D_07082013_094159.txt
dirlist.txt
I also found out that I have $recycle.bin virus and system volume information on my laptop :|
should I start a new topic for that too?

Read other 4 answers
RELEVANCY SCORE 72

I recently received a virus that caused my desk top icons to disappear along with my files, which is what led me to this site. I ran the unhide.exe and my icons reappeared as well as most of my programs.
Control panel,My computer, recent documents, etc failed to return to my "All Programs" I am able to get to them in a round-about way. I would like to get them listed again in All programs. Any help would help. HMMM, Gerry

A:virus and hidden files

In "All programs" alot of programs are not showing up. My computer, control panel my documents,etc. Most of the programs listed are showing (empty) for files. After removing the virus using .
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 12/25/2006 11:29:12 AM.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Gerry Buczek at 19:08:05 on 2011-11-26
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3518.2672 [GMT -5:00]
.
AV: PC Cleaners *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Norton Internet Worm Protection *Disabled*
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService&... Read more

Read other 3 answers
RELEVANCY SCORE 72

My PC's files are all hidden! I've run 2 Malwarebytes full scans, one in safe mode and one logged in normally. I've seen an executable on this site that will unhide files. Would anyone recommend me to scan with more AntiMalware/Virus/Spyware software? I'm not completely familiar with understanding the logs and knowing what is malicious. Thanks in advance for any help!!!PS - Is AVG 2012 Free or Avast! 2012 Free better software?Edit: Moved topic from XP to the more appropriate forum. ~ Animal

A:Hidden Files Virus

Hello, DO NOT run a Temp file or Registry cleaner now.This infection family will also hide all the files on your computer from being seen. To make your files visible again, please download the following program to your desktop:Unhide.exe Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.Now run RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.^^If you get an alert tha... Read more

Read other 9 answers
RELEVANCY SCORE 72

Compaq Presario V6500.

I had a virus on the computer, cause all my files suddenly became hidden files. So I backed up my data, reloaded my operating system, and reloaded the files from the backup.

But they still appear as hidden, how do I unhide all of those files. I went to the folders option and checked the 'show hidden files and folders' so that the files reappeared, but they still appear as hidden (the icons are faded)The files are located in various folders, the folders themselves are not hidden just the files in them.

I know I can go to each folder, select all the files and then right click on any of the files, go to properties and uncheck hidden. But that takes way too long, is there a way to unhide all the files in all the folders quickly?

A:Files hidden by virus

So I backed up my data, reloaded my operating system, and reloaded the files from the backupIf you did just that, you possibly reloaded infected files.Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log can also be found here:C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txtOr at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt========================================================================Download aswMBR to your desktop.Double click the aswMBR.exe to run it.Click the "Scan" button to start scan:On completion of the scan click "Save log", save it to your desktop and post in your next reply:NOTE. aswMBR will create MBR.dat f... Read more

Read other 2 answers
RELEVANCY SCORE 72

Hello,

Yesterday my laptop got into trouble with a virus trying to sell me Windows 7 Anti-Virus 2011,
an obvious virus giving me all kinds of warnings and popups, rederecting my browser and hijacking the Action Center.
I scanned with MBAM and got rid of most of the symptoms. The only problem now seems to remain that I can't access
most of my folders and files, they are simply gone even though my hard drive is the same size and I can access them though winamp/other programs.
I tried a system recovery as well. This gave me access to some of my files but still they're still largely hidden.

Any ideas?

Thanks for the help
Edit: problem solved already! Topic can be closed

Read other answers
RELEVANCY SCORE 72

Hi. I think i have the windows xp virus. All my files are missing. had a fake virus removal tool hit, tried to delete it. it said my hard drive was corrupt to reboot. I rebooted and nothing is on my desktop. my start menu is empty. I found a round about way to get on the internet. I read another post on here about a similar post. I kinda folowed along but she said that it is one on one as far as fixs go so I havent done anything but run the logs. Rootkit helper report and the OTL reports. I didnt know if i should post them on here yet or wait for someone to help. Anything you can do for me will be greatly appreciated.thank you

A:virus has hidden all my files

Hello and welcome. I think using this guide will help. Please follow our Removal Guide here Remove Windows Recovery .After reading how the malware is misleading you ...You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Read other 5 answers
RELEVANCY SCORE 72

Recently I just got a virus that will not allow me to boot in normal mode without a BSOD. I have been able to get into safe mode but even in here things are still running slow and the virus has made 99% of my files hidden so I have to go into folder options to allow myself to see the hidden files. Luckily I was able to run HijackThis.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:41:22 PM, on 4/18/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\... Read more

A:Hidden Files Virus

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 23 answers
RELEVANCY SCORE 71.6

Greetings, BC'ians!
I have a Kingston DT 101 G2 thumb drive. Around 4 months ago, my thumb drive was infected with a horrible virus. I knew all my files were there as when I checked under "properties", the used space was as it was before. However, the files were not there. A friend of mine helped me out. He told me the files were hidden. So, he used his ESET nod32 antivirus to clean my thumb drive and he gave me these instructions:

"STEP 1:
Plug your pendrive to USB port of your computer. Make sure it is detected.

STEP 2:
Start command prompt by Click Start>>Run and type cmd then hit enter.

STEP3
Find the drive letter for the conected USB drive. For example, G:
In command prompt, type G:
Then type
attrib -s -h /s /d *.*

Make sure that you put space between each elements in the code.
hit enter, wait a moment and this should unhide all your files on your pendrive."

Then he told me to cut and copy all my files, which would then return them to normal. It worked and I was overjoyed.

(A side note; All of the above happened using my then college room mates laptop, which was what I used regularly as I at that time did not have a laptop of my own) However, last week the same thing happened again on my home PC. My thumb drive which I have not used in a few months again had the same problem. There was a virus cleaned by my ESET nod32 but I forgot to take note of the name(my apologies). I searched around and followed these instructions:

Go to Tool... Read more

A:Thumb drive files are there but hidden

To make your files visible again, please download the following program:Unhide.exe If you can copy the Unhide.exe to your removable drive and run it.If the tool is located on your C: drive and you want to unhide files in your removable drive execute this.x: unhide hit the enter key.Change the x: for the the driver letter assigned of your external drive.Allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.This may take sometime, please let if finish.

Read other 11 answers
RELEVANCY SCORE 71.6

I have read a number of optimizing threads and thought I had taken care of most unnecessary files but I must be missing something.

My C: drive is a 60 GB OCZ SSD drive. Right click on properties tells me I have 34.5 GB of files loaded but adding them up in explorer only give me 26.4 GB. A check of all hidden files led me nowhere but I couldn't look at the "Documents and Settings" file. Could there be 8 GB in there? Can I get rid of any of it?

I have attempted Kari "User file relocate" but didn't have any luck.

appreciate the help,

Tom

A:8 GB of hidden files on 60GB SSD drive?

trbodden, welcome to seven forums. Try disabling hibernation.

Hibernate - Enable or Disable

Read other 7 answers
RELEVANCY SCORE 71.6

So I recently had an infection and after I have any virus/malware, I get really paranoid so if this is actually a really stupid question, I am sorry.

I was looking through my (C:) drive, and noticed some folders were on Hidden. Not all of them, just some. Is this supposed to be normal, or is it a virus? Because I know for certain I did not put those on Hidden myself.

I'm using Windows Vista Home Premium if that helps.

Thank you!

A:Hidden Files on (C:) Drive, Am I Infected?

Please continue in your original topic: http://www.bleepingcomputer.com/forums/topic444213.html/page__p__2612580__fromsearch__1#entry2612580

Read other 2 answers
RELEVANCY SCORE 71.6

Hi,

I have backed up all the files and emails from a faulty hard drive before inserting a new one and setting up Windows on it.

However, because the drive was in such a bad way, I did't run Outlook to extract the email account settings - and now realise that these are hidden in the registry. I have tried importing the registry files (after doing some research on this), but cannot find the registry section which contains it.

Now that the the new drive is fully running (apart from the email account settings) - Windows Vista upgraded to Windows 7 - would it be too risky to re-insert the drive in the laptop to run Outlook and get the settings recorded ? I am concerned that it will cause error messages when I re-insert the brand new drive.

I have thought about booting up a computer from the faulty drive, but think it may refuse to load because it's a different PC to one it came out of (Dell XPS M1530) - is this the case ?

I would really appreciate your advice as soon as possible.

Regards,
Julia

A:Extracting hidden files from an old drive

Hi Julia

I might be able to help you.

A few questions first
What version of Outlook (2007, 2010 or something else) for both the old install and the new (if they are different)?
What exactly do you need from the old install (accounts and logins, old mail, custom settings)?
How are you accessing the old disk?

James

NOTE: MODS MAY WANT TO MOVE THIS THREAD TO THE "Web Browsing/Email and Other Internet Applications" SUBFORUM

Read other 6 answers
RELEVANCY SCORE 71.6

Hi gentle guys,I have been thru the guidelines in "Am I infected" forum to clean my PC which seems infected still. I was directed by the assistants there to do a Hijack and post it here. I have done Hijack using RSIT and here is the log. Please take a look and kindly advise me what to do. Thank you so much in advance.Logfile of random's system information tool 1.06 (written by random/random)Run by Don at 2009-04-11 16:53:16Microsoft Windows XP Professional Service Pack 3System drive C: has 1 GB (6%) free of 20 GBTotal RAM: 511 MB (33% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 4:53:22 PM, on 4/11/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\vsnpstd3.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\Common Files\ACD Systems\EN\DevDetect.exeC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Program Files\RK Launcher\RKLauncher.exeC:\WINDOWS\Alt+Q Hotkey.exeC:\Program Files\WinRoll\winroll.exe... Read more

A:USB drive and hidden files do not show up

Hi,I understand that you need help in order to get rid of the malware that is present on your system - But you need to help us first..I notice that you never scanned with an Antivirus previously before starting this thread - because you don't even have an Antivirus installed!This is somewhat suicidal in today's digital world.That's why I want you to install one first!!* Please install Avira Antivirus: http://www.free-av.com/This is a free Antivirus.Perform a full scan with Avira and let it delete everything it is finding.Then reboot.After reboot, open your Avira and select "reports".There doubleclick the report from the Full scan you have done. Click the "Report File" button and copy and paste this report in your next reply together with a new HijackThislog.Then we'll start from there, because it really makes no sense otherwise that we clean this up manually if an Antivirusscan is not present which should be able to deal with most and prevent further reinfection.

Read other 16 answers
RELEVANCY SCORE 71.2

Hey guys,

Recently my windows xp OS hard drive crashed on me. In desperation I installed a new HD with windows XP making my crashed drive the slave {So I can still salvage my files}. So far so good, until I tried to get into a few folders of mine that I had protected by Everstrike's Universal Shield 4.1. When I try to view these folders, I get access denied. I've tried logging in as administrator, safe mode, going through the registry to try and manual uninstall, re-downloading, installing and uninstalling Universal Shield- all to no avail. The uninstall freezes up on me every time.

What I believe is happening, is that Universal shield must still be installed on my slave drive, still protecting those folders that I had it lock.

How can I get rid of Universal shield on my slave drive, giving me access to the folders I need to back up? Any ideas?

Thanks a lot, hope we can get this figured out.

A:HD Crashed, How to find files you've hidden on old OS drive when old OS drive is now slave?

If I can't figure this out, i'm going to lose about 5 years worth of pictures and documents I've wanted to save. Anyone have any thing to help?

Read other 6 answers
RELEVANCY SCORE 71.2

Help. I came home this weekend to find a big problem on my PC which runs XP SP3. It is always rock solid ('till now).
MY wife turned to computer on and then found somehting which she describes as like a defrag going on. I have checked the log and this is the case.
Minutes later the home screen reverts to XP default, all files and folders can't be found and some software isn't present on the home screen.
I have tried a couple of things:
I can't do a system restore - this isn't a new thing.
The hard drive is still 75% full - good sign as this means the files are probably somewhere.
I have run AVG with latest virus and 3 dangerous items were found and dealt with
I ran Rkill
I ran AVG again - clear and nothing found
I ran hidden folder software
Still no files.
Please help

A:help: lost files - maybe hidden - virus

Your user profile may have become corrupted and Windows loaded a default profile. Browse to C:\Documents and Settings. You will probably see your old User Profile name folder there. If you open it up your files should be there. If so, go to Start/Run and type control userpasswords and press enter. Here create a new user profile with admin rights. Log out of the profile you are in and log in as the new user. Browse to C:\Documents and Settings and open your old profile folder, and Copy Desktop, Favorites, Start Menu, My Documents and Paste them into your new profile user folder, overwriting the empty ones.

Read other 10 answers
RELEVANCY SCORE 71.2

Hi all My files and folders're all hidden after I plugged my friend's thumbdrive to my computer, but after using combofix scan, this symptom's gone. Do I have to do anything more?I am completely a computer dummy, so look forward for experts' advice

A:my files and folders are all hidden by virus.

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

Read other 2 answers
RELEVANCY SCORE 71.2

thanks in advance to anyone who can give me some insight.

i've finally got my computer looking the way i want and running as fast as an atom can produce, but i've run into a problem. i recently hid a bunch of folders i never access, and subsequently ran a virus scan. none of these issues appeared before the hiding of folders and the virus type appears as, "hidden file", so i'm assuming that it's because of all this hiding i've applied to various folders. these are the errors i get when running the virus scan:

file - threat - type - risk level

GDIPFONTCAC- - hidden file - rootkit - 3/3
desktop.ini - hidden file - rootkit - 3/3
desktop.ini - hidden file - rootkit - 3/3
index.dat - hidden file - rootkit - 3/3
wpdlog00.sqm - hidden file - rootkit - 3/3
wpdlog01.sqm - hidden file - rootkit - 3/3
wpdlog02.sqm - hidden file - rootkit - 3/3
desktop.ini - hidden file - rootkit - 3/3
desktop.ini - hidden file - rootkit - 3/3
desktop.ini - hidden file - rootkit - 3/3
index.dat - hidden file - rootkit - 3/3
desktop.ini - hidden file - rootkit - 3/3
desktop.ini - hidden file - rootkit - 3/3
index.dat - hidden file - rootkit - 3/3

when i attempt to fix all errors, i run another scan and they all persist to appear as viruses. when i go to folder options and check "show hidden files" and uncheck "hide protected operating system files" i am able too see them, but the files continue to appear as viruses.

should i be concerned, or is th... Read more

A:Hidden Rootkit Files... VIRUS?

Once your A/V marks them as malicious, they will always be malicious until they are deleted from the system.

If your A/V has the ability to ignore them, I would give that a whirl.

What A/V do you have for the record?

Read other 6 answers
RELEVANCY SCORE 71.2

A friend of mine had installed a crack for some software that didn't work (the fool) and as a result we have been having problems finding and removing a virus from the system. Any help would be good.

Symptoms: Slow performance on applications, at startup comes up with an error box saying "Rundll, cannot find module Ruvekifo.dll".

So we looked at the startup programs and found a program asking for three different executions, Kdglf.exe and Bijejezo.dll (which we found and deleted from the startup list.) and ruvekifo.dll, all three of these programs are hidden from the windows API so no search would work.

But Ruvekifo keeps coming up on the startup list when we restart or make changed.

We did a rootkit scan and found the registry location.

HKEY Local Machine/Software/Microsoft/Windows/Run

There was a key with rirawapola linked to the Ruvekifo.dll. Any attempts to delete this key resulted in it coming back next restart.

If anyone has any advice or help how to get rid of this please post!
 

A:Virus problem, hidden files, help!

Read other 7 answers
RELEVANCY SCORE 71.2

I recently had a Trojan of some sort (Windows Disk Fix) and I have seemed to removed it. I killed the process with Hijackthis, and found and removed it with Malwarebytes. It seems to have hidden almost all of my desktop icons, and all of my files and folders under "Downloads","My Documents" etc.. I know the files are still there since I can access them through other programs. I have tried to restart Explorer and scan the disks for errors, neither one has seemed to work. I am running Windows 7 x64
 

A:Virus has hidden most Files and Folders

Hiya izzard3,

Proceed as follows :-

To make your files visible again, please download the following program to your desktop:

Unhide tool

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.
Please be patient as this may take several minutes to run, it will scan and fix all Hard drives on your system. You will see a new window with the drive being processed, typically C:\ as below:

Changing as the next drive is processed if you have more than one, as below:

You will get a success alert at the end. Re-boot and see if your files are present.

Let me know how you get on, also any issues or concerns....

Kevin
 

Read other 1 answers
RELEVANCY SCORE 71.2

A friend's computer had a virus, and as a result it 'hid' a large number of files. This meant that the desktop was left blank, the Start menu was wiped, and all documents were missing. After going to Folder Options > View > View hidden files and folders I can see them now, but they're still hidden (and therefore show up as transaprent/translucent.

I have been through all the obvious ones and manually chosen to unhide lots of them. This worked fine for all of the 'My Documents' folders etc, and there are now some icons on the Start menu, but there is still lots that must be hidden that I haven't managed to find. The desktop is still blank, and lots of the programmes now listed in the Start menu are literally just the icon - if you hover on it, (empty) is displayed.

Is there a way that I can view a list and then restore all hidden files? After a Google search I found instructions to be able to view files through running a command prompt, but the instructions referred to entering individual file names (with extension) to unhide them. As lots in the list were DIR (directories?), without extensions, I couldn't do this.

Any ideas on this one? Assistance would be much appreciated!

Hils
 

Read other answers
RELEVANCY SCORE 71.2

Hi,
I am unable to restore my computer to an earlier date. Also my MCafee OnAccess scan is not working.
After going thru various posts, I followed the instructions and ran the Combofix. As per the logs, there are some hidden files which are there in my computer and the tool was unable to delete them. The files names are listed below:

c:\windows\system32\drivers\hjgruippxmltlb.sys 69632 bytes executable
c:\windows\system32\hjgruiqptmxfmq.dll 18944 bytes executable
c:\windows\system32\hjgruitkyprtdi.dat 8696 bytes
c:\windows\system32\hjgruitlrwwuwm.dll 44032 bytes executable
c:\windows\system32\hjgruitutboniq.dat 93 bytes

Can some one help please?

Regards,
SB

A:Hidden files Virus Problem

Can some one please help? Now the google search is giving weird pages..

Read other 16 answers
RELEVANCY SCORE 71.2

I am new to the forum. Hello everybody. I have a problem because I am not able to see my Hidden files. I am including the Hijackthis log file. Please help me.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:37:41, on 27/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Archivos de programa\Java\jre1.6.0_07\bin\jusched.exe
C:\Archivos de programa\Eset\nod32kui.exe
C:\Archivos de programa\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Archivos de programa\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Archivos de programa\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Archivos de programa\Eset\nod32krn.exe
C:\Archivos de programa\Archivos comunes\supportsoft\bin\sprtlisten.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\PC Connectivity Solution\ServiceLayer.exe
C:\Archivos de programa\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Archivos de programa\Archivos comunes\Nokia\MPAPI\MP... Read more

A:a Virus?- Hidden files can not be seen-Hijackthis log

I have found an script that solves my problem with the virus.

http://www.mygeekside.com/?p=14

Is in spanish, just download and execute the script

Regards

Read other 1 answers
RELEVANCY SCORE 71.2

Hello, all.So I got that nasty System Fix malware, and I successfully ran rkill, MBAM, and finally unhide. SF is now totally gone. However, I have another issue...after running unhide about five times now, I still have icons and files hidden. I even tried to follow the instructions wherein I temporarily turned off all my antivirus, firewall, and security software and ran the program again, and I am STILL missing Start Menu items (i.e. Control Panel, Documents), desktop icons, and taskbar (is it called taskbar? Quick taskbar? I can't remember...) icons. My documents, music, pictures, etc are visible again, though. I don't know how to get the hidden stuff back up again.. Do I keep running unhide over and over and hope they come back? Is this something I will need to redo manually? Any help anyone can give me would be GREATLY appreciated.Thanks, guys.P.S....I am using Windows Vista Home Premium.Edit: Moved topic from Vista to the more appropriate forum. ~ AnimalA

A:After System Fix Virus, files still hidden

Click on start button,go to RUN and type%temp% and click okDo you find a folder called smtmp ?

Read other 22 answers
RELEVANCY SCORE 71.2

Hi, I am attaching hijackthis logs. Could you please help me with this.its eating into my processor. and the windows startup is too slowdoLogfile of Trend Micro HijackThis v2.0.2Scan saved at 19:40:21, on 22/12/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\ibmpmsvc.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\IBM\Personal Communications\PCS_AGNT.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Drivers\trcboot.exeC:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exeC:\Program Files\IBM\Mobility Client\artstartsvc.exeC:\Program Files\... Read more

A:Virus through a USB. all hidden files shown

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepagethis one looked like a virus so i cleaned it using hijackthis

Read other 2 answers
RELEVANCY SCORE 70.8

Hello-
XP drive trashed by alureon.k, trojan.fakealert, ieexplore.exe
Drive has become password protected.
Will not boot even with recovery disks
Have drive in usb housing attached to a Win7 machine.
Listing shows many files missing.
Tried to change attributes to visible but not authorized to make changes.

Need to recover some files from the drive before format and re-install.

Need help/direction on how to get at the drive thru USB to recover whatever data might still be there.

I have and am working thru the preparation guide and I spent several hours researching this site.
Do not think I can run many of these programs on USB drive.

Any suggestions or direction greatly appreciated.

Bob P

A:XP drive attacked, locked, files hidden

Try this please. You will need a USB drive.Download http://unetbootin.sourceforge.net/unetbootin-xpud-windows-latest.exe & http://noahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the desktop of your clean computerInsert your USB drivePress Start > My Computer > right click your USB drive > choose Format > Quick formatDouble click the unetbootin-xpud-windows-387.exe that you just downloadedPress Run then OKSelect the DiskImage option then click the browse button located on the right side of the textbox field.Browse to and select the xpud-0.9.2.iso file you downloadedVerify the correct drive letter is selected for your USB device then click OKIt will install a little bootable OS on your USB deviceOnce the files have been written to the device you will be prompted to reboot ~ do not reboot and instead just Exit the UNetbootin interfaceAfter it has completed do not choose to reboot the clean computer simply close the installerNext download http://noahdfear.net/downloads/driver.sh to your USBAlso Download Query.exe to the USB drive. In your working computer, navigate to the USB drive and click on the Query.exe. A folder and a file, query.sh, will be extracted.Once this process is completed, download Dumpit by noahdfear to the USB drive.Remove the USB and insert it in the sick computerBoot the Sick computerThe computer must be set to boot from the USB driveIn some computers you need to tap F12 and choose to boot from the USB, in others is the Esc key. Plea... Read more

Read other 38 answers
RELEVANCY SCORE 70.8

Hi, my PC is having some problems which seem similar to quite many people's cases I have read.

It does not show USB thumbdrive in my computer though windows detects a USB plugged in.

It does not show hidden files and folders as I select the show hidden files option.

It also opens a new window whenever I click one of my 2 local disks though I have selected open each folder in the same window. I searched the solution for this "opening in a new window" problem and I got an instruction to run regedit and delete all "mountpoints2" found in the computer. So I have to repeat this activity everytime I turn on my computer.

Please give me an instruction to clean my infected PC.

Thank you before hand.

A:USB drive and hidden files do not show up/ Moved

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.PLEASE DO NOT NOW POST LOGS unless a log is specifically requested.What is your operating system: Windows XP, Vista, etc.?What security programs do you have installed? Please name them.Are you experiencing other issues with your computer? If so, please describe as specifically as possible.Orange Blossom

Read other 12 answers
RELEVANCY SCORE 70.8

Hello, my desktop has two very strange symptoms:
Last night Action Center was giving a maintenance warning that there is a problem with "Kitten Cannon" and I need to go to Spiral Orbit and download the latest update. That warning just disappeared a few minutes ago.
and
When I choose to show protected operating system files, there is a new folder named "...",
inside that file all the C Drive folders are replicated. They are empty and when I try to open them I get this error: "C:\...AEDiskCache refers to a location that is unavailable".

Two things happened before I noticed these problems:
I was cleaning up an external hard drive for a friend and tried to open a PDF, it threw a pop-up saying that I needed to get an update for Adobe Reader. I automatically clicked on it, and then realized that the pop-up looked suspicious, I canceled but probably too late. Stupid.

I installed a program from CNET, Wise File Hider. I uninstalled this A.M.

I scanned the ext. hard drive with Security Essentials before opening.
I have not been able to find any information on either of these issues.
Sec. Ess. reports clean - Sophos Root Kit reports clean.
AutoRuns doesn't show any suspicious services as far as I can tell...I'm stumped.

Also, there was a hidden shortcut icon in my documents folder for Remote Desktop Sharing.
I have remote sharing turned off. Is this from Team viewer?

A:C: Drive files replicated in hidden folder

You might do a full scan on your computer using Security Essentials, and I would recommend downloading and running Malwarebytes. Malwarebytes | Free Anti-Malware & Internet Security Software.

If you CCleaner, there's a Startup tab in the Tools box that will list all of the programs that start automatically with Windows. CCleaner - PC Optimization and Cleaning - Free Download

Others, more knowledgeable than I, monitor this forum. Someone is sure to come along with more suggestions.

Be Well,
R?nce

Read other 9 answers
RELEVANCY SCORE 70.4

I took my memory stick to a computer place to get something printed. When I got home, I put the memory stick into my home PC and the virus scanner removed 5 trojans and pronounced it clean.

The problem is that all the files are in a new directory that is hidden or something. I can find the directory using CMD, but it appears to be a nameless directory ... like with a space or something, so I cannot use the attrib command to remove the hidden, system, whatever flag this thing has.

I cannot find the hidden directory using windows. Yes, I've tried going to search options and clicking show hidden. I've also tried going to the control panel to click appearance and personalization. There is no such option under control panel -- there's only a personalization, and it doesn't include that option.

How can I move those files out of this hidden directory and back onto the j:\ ?

Read other answers
RELEVANCY SCORE 70.4

Brand new to this site so excuse me if I'm not post this corretcly or in the wrong place. I got hit with a virus this week which rmeoved all desktop icons and would not let me do anything. I was able to go-back to a week earlier. Now I have the following issues (at least):1. all my data files are hidden. 2. any Google searches lead me to different sites, nothing to do with the search.3. my internet favorites are gone (least of my troubles).Any ideas as to what virus I got hit with and how to repair this?PS: I user Trend Micro Titanium Internet Security (2012)...[Moderator edit: post moved to more appropriate forum. jgw]

A:Virus help - hidden files and internet redirects

Downloadhttp://www.bleepingcomputer.com/download/anti-virus/unhideRun it and it should restored your hidden filesDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Please download GMER from here(doesnot work on 64 bit OS)http://www2.gmer.net/download.phpTemporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply. DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results here

Read other 15 answers
RELEVANCY SCORE 70.4

Cannot see my files on my external hdd, i think because of a virus.
I tried everything i know.
Malwarebytes
Superantispyware
Avg anti virus
Spybot
Cmd attrib ...
REgistry changes
Folder options
ccleaner
auto run exterminator.


I know the files are there because it shows my external drives half full like it before and now they are just hidden.

A:Problem with virus hidden all my files on external hd tried everything

A little more information please.

* Fill in your System Spec's
* Is the Ext. Hdd USB, E-SATA, or Firewire?
* Have you been using the Hdd regularly for back ups, or is this the first time?
* How many INTERNAL Hdd's do you have?

Take a look in Device Manager; is the Hdd recognised? Then 'Computer' - 'Manage' - 'Disk management' - 'Storage' -
- Is the Ext Hdd shown by its Drive Letter? Is it shown as OK?

Read other 3 answers
RELEVANCY SCORE 70.4

So yesterday I got the follow worms/virii:
-packed.vmpbad!gen1
-trojan.gen
-w32.imautorun

I realized this when this Magway FC popup kept coming up and i was wondering what the hell it was. I tried to get to the task manager but it wasnt present as a choice when i hit ctrl+alt+delete (w7). i tried to get to msconfig and my computer restarted itself.

When it restarted all of my files (in the programs menu, all my media and pictures) almost everything in my hard drive was gone! i chekced how much space my hd had and figured out all my stuff was just hidden and not erased. I couldnt access system restore even to disable it, couldnt get to folder options, etc.

Soo since AVG failed me i d/led norton and eradicated the virii.
Then I used Malwarebytes to get rid of these registry infections:


Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8eygnigr-kxu6-3de9-1ijd-cwgvhwklmkyw} (Generic.Bot.H) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows NT\SystemRestore\disableconfig (Windows.Tool.Disabled) -> Delete on reboot.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\Explorer\NoFind (Hijack.Find) -> Bad: (1) Good: (0) -> Quarantined and de... Read more

A:halp! virus set my all files to hidden and now i cant reverse it!

screens:

Read other 9 answers
RELEVANCY SCORE 70.4

DDS.txt file

.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Run by Fortress at 10:27:28 on 2012-01-20
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1791.900 [GMT -6:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\ie... Read more

A:System Check Virus? Hidden Files

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links.Link 1Link 2Link 3 1. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the r... Read more

Read other 3 answers
RELEVANCY SCORE 70.4

NEED HELP URGENTLY!!
Ive had a virus for the last few days that has crashed my computer several times, hidden many of my programs and files, and will not let me run some exe files. For the last few days I've been working nonstop reregistering dlls and other things just to get my computer in good enough condition that I can go online. Im not sure what caused the virus but I do have a a HiJack This logfile and a malwarebytes logfile. PLEASE HELP and THANKS in ADVANCE

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:48:05 PM, on 1/1/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files\Sony\VAIO Care\VCSpt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\So... Read more

A:Virus has hidden most my programs and files and still wont go

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and
Quote:




Having problems with spyware and pop-ups? First Steps




a link at the top of each page.

Please follow our pre-posting process outlined below.

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 70.4

hello all,

I got a virus last night (system check, ultradefraggerfraud, file indexation process failed). I did a system restore and now all my word docs, excel files are hidden. I have unhidden them, but they are still marked as 'hidden'. I tried to update my virus and malware programs, but I am getting errors because of access.

How can this be fixed?

I have attached a hijackthis file if it helps.

Thanks so much for your help,
RMoore2
 hijackthis.log   14.15KB
  1 downloads

A:System restore after virus and now files are hidden

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.The first thing I would like you to do is run this for me - http://download.bleepingcomputer.com/grinler/unhide.exe after it is complete restart the computer and continue with these stepsDownload and run OTLDownload OTL by Old Timer and save it to your Desktop.Double click on OTL.exe to run it.Under Output, ensure that Minimal Output is selected.Under Extra Registry section, select Use SafeList.Click the Scan All Users checkbox.Under the Custom Scan box paste this in

%TEMP%\smtmp&... Read more

Read other 3 answers