Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

Virus hid all my files, now i cant un-hide them :(

This is a discussion on Virus hid all my files, now i cant un-hide them :( within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. So yesterday I got the follow worms/virii: -packed.vmpbad!gen1 -trojan.gen -w32.imautorun I realized this when this Magway FC popup kept coming


Reply
 
Thread Tools Search this Thread
Old 07-12-2010, 12:27 AM   #1
Registered Member
 
Join Date: Jul 2010
Posts: 3
OS: Windows 7



So yesterday I got the follow worms/virii:
-packed.vmpbad!gen1
-trojan.gen
-w32.imautorun

I realized this when this Magway FC popup kept coming up and i was wondering what the hell it was. I tried to get to the task manager but it wasnt present as a choice when i hit ctrl+alt+delete (w7). i tried to get to msconfig and my computer restarted itself.

When it restarted all of my files (in the programs menu, all my media and pictures) almost everything in my hard drive was gone! i chekced how much space my hd had and figured out all my stuff was just hidden and not erased. I couldnt access system restore even to disable it, couldnt get to folder options, etc.

Soo since AVG failed me i d/led norton and eradicated the virii.
Then I used Malwarebytes to get rid of these registry infections:


Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8eygnigr-kxu6-3de9-1ijd-cwgvhwklmkyw} (Generic.Bot.H) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows NT\SystemRestore\disableconfig (Windows.Tool.Disabled) -> Delete on reboot.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\Explorer\NoFind (Hijack.Find) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows NT\SystemRestore\DisableConfig (Windows.Tool.Disabled) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Program Files (x86)\hackhound.txt (Malware.Trace) -> Quarantined and deleted successfully.
__________________________________________________ ______________

Now i can get to folder options to show all hidden files, and i can see all of my hidden files (basically everything in my hard drive). however, when i right click > properties, the "hidden" check box under attributes is greyed out and i can un-hide the file (let alone any file).

What can i do?!?!

__________________
Divided Sky is offline   Reply With Quote
Old 07-12-2010, 12:28 AM   #2
Registered Member
 
Join Date: Jul 2010
Posts: 3
OS: Windows 7



here's a screen shot
__________________
Divided Sky is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2


All times are GMT -7. The time now is 06:28 AM.


Copyright 2001 - 2014, Tech Support Forum

Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts