I got a virus and dont know what its name is... it has made that I cant unhide files and folders from Tools---> Folder Options... every time I select Show Hidden files and folders and click to OK.. next time when i open that window it shows it unselected and also the files and folders remain hidden.... Kindly tell me the solution.... I am using symantic antivirus and it is not even detecting thay virus..... Is there any cure...
Click Start. Open My Computer. Select the Tools menu and click Folder Options. Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders. Uncheck: Hide file extensions for known file types Uncheck the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK.
Do NOT post your problem in someone elses thread.
Start a new topic so that it may receive proper attention.
I followed all the step except following three steps
Uncheck: Hide file extensions for known file types Uncheck the Hide protected operating system files (recommended) option. Click Yes to confirm.
and with that "hiding" problem i got another problem which is , the floppy drive is trying to read/write the disk after some time intervels and the system is getting slow....
Sounds odd. Let´s see what´s running on Your computer
1. Get this version of Hijackthis from http://danborg.org/spy/hjt/alternativ.exe 2Save it in a permanent folder of your choice, such as C:\HJT\. To create this specific folder on your hard drive: Double click the 'My Computer' icon on your desktop, then under the category hard disk drives: double click Local Disk:, then select file->New -> Folder and name it HJT
3 Run hijackthis.(alternativ exe).
Choose the "Do a system scan and save a log file" option to perform your scan.
HijackThis will analyze your system, and automatically open a notepad textfile containing the HijackThis log when the scan is finished.
Open the text files containing the logs with a text editor and click Edit -> Select All, followed by Edit -> Copy. From within the browser window and with the message body text box selected, click Edit -> Paste.
Post hijackthis log here
Do NOT post your problem in someone elses thread.
Start a new topic so that it may receive proper attention.
Logfile of HijackThis v1.99.1 Scan saved at 2:00:51 PM, on 2/24/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
When you have done this, please boot into Safe Mode (Tap F8 during startup).
Rightclick on the SDFix.zip folder and choose Extract All. Open the extracted folder normally - C:\ SDFixand doubleclick on RunThis.bat to start the script.
Type Y to begin the script. It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot. When you hit any key, your computer will reboot. Your system will take longer that normal to restart as the fixtool will be running and removing files.
When your desktop loads, the utility will complete the removal and display Finished. Press any key again to end the script and load your desktop icons.
Finally open the SDFix folder on your desktop and copy and paste the contents of Report.txt back in this thread along with fresh hijackthis log,and tell how things are running
Do NOT post your problem in someone elses thread.
Start a new topic so that it may receive proper attention.
ECHO is off. Cleantouch Urdu Dictionary DivX Pro Codec DivX Player 2.1 Download Accelerator Plus Beta Equation Grapher DEMO HijackThis 1.99.1 HSP56 Modem Drivers iolo technologies' System Mechanic LabVIEW RunTimeEngine LiveUpdate 2.6 (Symantec Corporation) Mathematica 4.1 MATLAB 12-25-2005 Mozilla (1.7.3) Mozilla Firefox (1.0.1) National Instruments Software Macromedia Flash Player 8 Urdu To English Dictionary WinRAR archiver Yahoo! Messenger ZTE_USBDriver NI Distribution Information - PDS English NI LabVIEW Application Builder 7.0 NI LabVIEW 7.1 Core Essentials Google Talk (remove only) NI Example Finder 2.0 NI Instrument IO Assistant for LabVIEW 7.1 NI LabVIEW 7.0 NI LabVIEW 6.0 Symantec AntiVirus NI LabVIEW Advanced Analysis 7.0 Virtual CD v4 NI LVBrokerAux71 upapp NI LabVIEW Run-Time Engine 7.1 NI LVBroker NI LabVIEW Advanced Analysis 7.1 Matrix Calculator NI LVBrokerAux70 NI LabVIEW Run-Time Engine 7.0 NI LabVIEW CIN Tools 7.0 NI LabVIEW Professional Tools 7.1 NI LabVIEW Picture Control and CIN Tools 7.1 Microsoft Firewall Client NI LabVIEW Professional Tools 7.0 Microsoft Office Professional Edition 2003 NI LabVIEW Run-Time Engine 6.0 Microsoft Visio Professional 2002 [English] NI LabVIEW Application Builder 7.1 NI Uninstaller Adobe Reader 6.0 NI LabVIEW Picture Control Toolkit 7.0 Commandos 3 - Destination Berlin NI LabVIEW Full 7.0 MSN Messenger 7.5 NI LabVIEW 7.1 Maple 7 Shrek Activity Center NI LabVIEW Service Locator 1.0 Syberia 2 Commandos 2: Men of Courage NI LabVIEW Full 7.1 NI Instrument IO Assistant for LabVIEW 7.0
Finished
=============================================
here is hijkthis.txt....
=============================================
Logfile of HijackThis v1.99.1 Scan saved at 3:42:23 PM, on 2/24/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
My computer's performance has improved as before... and i m very thankful for that... but i am still unable to unhide my hidden files and folders.... is there any solution for that....???? and floppy drive is still trying to read disk in the drive(currently no disk in the drive)....
Install it using the Standard Install option. (You will be asked for your e-mail address, it is safe to give it.
close the program
Download and install: http://www.filehippo.com/download_ccleaner/ For a basic version of CCleaner with no Yahoo Toolbar, select the second or third install option as follows: Even if you selected Option 2 or 3, if you do not want the Yahoo Toolbar installed: Uncheck "Add CCleaner Yahoo! Toolbar", as it is checked by default during CCleaner Setup
Run Hijackthis and place a check beside each of the following. Close all other browser windows except HJT. Click fix checked:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
You may want to print this or save it to notepad as we will go to safe mode.
Re-start your PC in Safe mode, by holding down the F8 button during the initial start up procedure. Use the up and down arrow keys to select Start PC in safe mode and hit the enter key. This will start your PC with only essential Windows programmes running.
Please set your system to show all files. Click Start. Open My Computer. Select the Tools menu and click Folder Options. Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders. Uncheck: Hide file extensions for known file types Uncheck the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK.
Delete the following files or folders (delete item in bold). Please do not be concerned if any of the items are not found as they may have been automatically removed by actions I had you take earlier in the cleaning process.
Delete-
Files:
C:\RavMon.exe
C:\WINDOWS\MDM.EXE
Open Ccleaner.
1.Before first use, check under Options, Advanced, and UNCHECK "Only delete files in Windows Temp folder older than 48 hours".
2.A pop up box will appear advising this process will permanently delete files from your system.
3.Then select the items you wish to clean up.
In the Windows Tab:
Clean all entries in the "Internet Explorer". If you prefer to keep your cookies, uncheck the Cookies entry. Deleting cookies will require re-entry of user names and passwords on next visit to sites that require users log in.
Clean all the entries in the "Windows Explorer" section.
Clean all entries in the "System" section.
Clean all entries in the "Advanced" section.
Clean any others that you choose.
In the Applications Tab:
Clean all (optionally, except cookies) in the Firefox/Mozilla section if you use it.
Clean all in the Opera section if you use it.
Clean Sun Java in the Internet Section.
Clean any others that you choose.
4.Then click the "Run Cleaner" button and it will scan and clean your system. Click exit.
Start Superantispyware/rightclick on the black/yellow bug in tray.
Hit - Scan Your Computer - button
Click on the drive(s) you want to scan. Put a check in - Perform Complete Scan, then next
it will scan now. When scan have finished, put a checkmark with all items it found. Next, after cleaning, allow it to Reboot
Open Superantispyware
Obtain the SuperAntiSpyware log as follows:
Click: Preferences
Click the Statistics/Logs tab
Under Scanner Logs, double-click SuperAntiSpyware Scan Log
It opens in your default text editor (such as Notepad)
Post this log along with fresh hijackthis log and tell how things are running
Do NOT post your problem in someone elses thread.
Start a new topic so that it may receive proper attention.
Here is the fresh Hijackthis log and I have also atteched an image, this image describe another problem or symptom caused by that virus... If i right click on any hard disk drive patition in my computer the upper two options in pop up manue are different cherecters.... thay are encricled... plz tell me some solution about it... thanks........
Logfile of HijackThis v1.99.1 Scan saved at 6:07:44 PM, on 2/26/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
I rebooted my system in safe mode and found out that "C:\WINDOWS\SVCHOST.EXE" do not exist, however i tried to delete, "C:\WINDOWS\System32\SVCHOST.EXE" but this is used by system and cant be delete, i tried to endtask that file but it run itself again...
I also tried to delete,"C:\WINDOWS\MDM.EXE", first time a successfully deleted it but came back again immidiatly and now delete doesnt work on it...
I still have those odd cherecters....
I found out from some where that it is Trojan Horse but dont know how to remove it... even my antivirus is not detecting it...
Logfile of HijackThis v1.99.1 Scan saved at 9:42:38 AM, on 2/28/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
I hope this works out. I have the same problem on my computer. I downloaded a program from a file share site, and now I have a trojan. Most of my files are hiden. I'm thinking I'm going to have to format my computer. Is there a program I can pay for that would remove the viruses? Could you tell me which program is the best one for removing trojans? Also what are the chances that the trojan will be removed? Am I better of just formating and getting a virus protector, firewall? Thanks for the reply.
Post Edited (astedradj) : 3/2/2007 12:09:16 AM GMT
You must extract avenger. zip to your desktop, before you run it.
Start up Avenger exe. Check the 'Input script manually' option. Click the Magnifying Glass icon. In the box that opens, copy,then paste all the text in the quote box below.
Quote:
Files to delete: C:\WINDOWS\MDM.EXE
C:\WINDOWS\SVCHOST.EXE
Then click on 'Done'. Click the Traffic Light icon to start the program. Then press OK at the prompts to reboot your PC.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
Run the program. After a short time a logfile will turn up. Copy the contents of the log into the thread along with avnger log, and a fresh hijackthis log.
Do NOT post your problem in someone elses thread.
Start a new topic so that it may receive proper attention.
i have the same problem. i have managed to remove the RavMon.exe virus with Protector Plus 2007, which is free to download, but problem with unhide hidden files and folders is still there.
please let me know if you have solved that problem.
would appreciate ur and anyothers help. i m desperate.
i went to safe mode and run Xoftspy and symentec in safe mode and found
Torjan horse
W32.Rajump
in mdm.exe files and svhost
after that i restarted pc. I am not able to unhide files and
when i right click any of my partition i still see the ascii language in place of open and explore. More over when i double click on any partition a window pop up which says open with. so i am not able to enter into any of my drive partition. So i have to use folder tree option to work in my partitions.. I am soo upset..
Please i desperately need help on this issue. Plz helpp.
I downloaded and utilized all the tools you menitoned as well as MS-MSRT (tells me that these are unrecognized files but does not give you an option to remove them)..and MS-Defender...
I had issues with BOOTSAFE (superantispyware)..it would not give me an option to go into NORMAL mode.. i was stuck in SAFE MODE..
using all the tools you mentioned i was able to track down the 3 files on my system.
svchost.exe / Svchost.ini
MDM.exe
and RovMon.exe (spelling?)
and those are the files that were causing the problem.. I am pretty sure that I have eliminated them form my system.
I had to go serach for all 3 files in the WHOLE REGISTERY (there were over 30 occurances for each in idfferent places).
and delete them.. then using the software you menioned above i deleted those files from the system
I still cound not UNHIDE my folders so I went and REPAIRED MY XP.. and now i can see my hidden files..
My C:\ still shows up with the corruption and i have not been able to get rid of that...
downlod avg free edition will make it delete virus
Then ......
\ 1 / wordpad then open .. \ 2 / made save as ... \ 3 / give him the name autorun.inf \ 4 / then copy and paste made in the disc wanted ... \ 5 / reboot the pc and it's playing
Nabil alger
non pas du tout se que vous faite c'est tres simple
telecharcher avg free edition fera la faire il suprimera le virus
puis ......
\1/ ouvrez wordpad puis .. \2/ faite enregistrer sous... \3/ donner lui le non autorun.inf \4/ puis copier le ,et faite le coller dans le disque voulu ... \5/ redemare le pc et le tour est joue
Currently it is Monday, May 20, 2013 7:40 PM (GMT +3) There are a total of 59,521 posts in 13,140 threads. In the last 3 days there were 3 new threads and 6 reply posts. View Active Threads
Who's Online
This forum has 34611 registered members. Please welcome our newest member, caspied. 23 Guest(s), 0 Registered Member(s) are currently online. Details
|
Forum Help Manual
ointer;cursor:hand;}
