Worm attack!!!
Solved/Closed
Anabastha
-
Aug 22, 2010 at 09:07 AM
jack4rall Posts 6428 Registration date Sunday June 6, 2010 Status Moderator Last seen July 16, 2020 - Apr 15, 2013 at 06:52 PM
jack4rall Posts 6428 Registration date Sunday June 6, 2010 Status Moderator Last seen July 16, 2020 - Apr 15, 2013 at 06:52 PM
Related:
- Worm attack!!!
- Timez attack - Download - Children
- Url interpretation attack - Guide
- Wall worm italy - Home - Apps & Sites
- Xvideos.com xvideoservicethief 2019 linux ddos attack online free download ✓ - Linux/Unix Forum
- Free Linux OS CD ✓ - Linux/Unix Forum
3 responses
jack4rall
Posts
6428
Registration date
Sunday June 6, 2010
Status
Moderator
Last seen
July 16, 2020
Aug 22, 2010 at 10:14 AM
Aug 22, 2010 at 10:14 AM
Hello,
Check whether the files are not in hidden mode.
Click on "Start" -->Run-->type cmd and click on OK.
Command Prompt will be opened.
Here I assume your external hard drive letter as G:
Enter this command.
attrib -h -r -s /s /d g:\*.*
Press Enter.
Note : Don't forget to replace the letter g with your external hard drive letter.
Now check for your files in external hard drive.
After that, download the Malwarebytes' Anti-Malware from the below link
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
Update it --> Perform "Full Scan"
Note : Default selected option is "Quick Scan".
Good Luck.
Check whether the files are not in hidden mode.
Click on "Start" -->Run-->type cmd and click on OK.
Command Prompt will be opened.
Here I assume your external hard drive letter as G:
Enter this command.
attrib -h -r -s /s /d g:\*.*
Press Enter.
Note : Don't forget to replace the letter g with your external hard drive letter.
Now check for your files in external hard drive.
After that, download the Malwarebytes' Anti-Malware from the below link
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
Update it --> Perform "Full Scan"
Note : Default selected option is "Quick Scan".
Good Luck.
hi jack,
firstly thank you so much for your help...
i tried everything you had told me....using d command prompt shows me all my files and folders back but the shortcuts remain. These i deleted and then did a complete scan with malware who after the scan asked me to restart, but on restarting d shortcuts were back again and my files and folders were again hidden.
So i assume that the virus/worm is still there.
firstly thank you so much for your help...
i tried everything you had told me....using d command prompt shows me all my files and folders back but the shortcuts remain. These i deleted and then did a complete scan with malware who after the scan asked me to restart, but on restarting d shortcuts were back again and my files and folders were again hidden.
So i assume that the virus/worm is still there.
jack4rall
Posts
6428
Registration date
Sunday June 6, 2010
Status
Moderator
Last seen
July 16, 2020
Aug 22, 2010 at 04:09 PM
Aug 22, 2010 at 04:09 PM
Hello,
Try this 1.
1)Disable the autoplay.
Click on Start --> Run --> type gpedit.msc and click on ok. Now navigate to this location.
Double-click on "Computer Configuration" --> Administrative Templates ---> System.
Double-click on "Turn autoplay off" option and select the option "Enabled" --> OK. close that window. Now logoff and logon into your account.
2)Copy the text starting from "REGEDIT4" upto @="@SYS:DoesNotExist" ---> open notepad -->
paste it ---> save the file as fix.reg
Note : Don't forget the extension reg.
Now double click on fix.reg ---> Click on OK.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"
Note : After following the step 2, whenever you place any autoplay cd all you have to do is go to my computer --> open the cd drive ---> you have to double click on the setup file in future.
3)Update your antivirus and scan your PC first. Then connect your external harddrive & scan it.
Good Luck.
Try this 1.
1)Disable the autoplay.
Click on Start --> Run --> type gpedit.msc and click on ok. Now navigate to this location.
Double-click on "Computer Configuration" --> Administrative Templates ---> System.
Double-click on "Turn autoplay off" option and select the option "Enabled" --> OK. close that window. Now logoff and logon into your account.
2)Copy the text starting from "REGEDIT4" upto @="@SYS:DoesNotExist" ---> open notepad -->
paste it ---> save the file as fix.reg
Note : Don't forget the extension reg.
Now double click on fix.reg ---> Click on OK.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"
Note : After following the step 2, whenever you place any autoplay cd all you have to do is go to my computer --> open the cd drive ---> you have to double click on the setup file in future.
3)Update your antivirus and scan your PC first. Then connect your external harddrive & scan it.
Good Luck.
asiantrd786
Posts
1
Registration date
Monday April 15, 2013
Status
Member
Last seen
April 15, 2013
Apr 15, 2013 at 03:55 PM
Apr 15, 2013 at 03:55 PM
same problem i am facing with my external hard drive. when i open my folders shows error .scr mean virus is there? i disable auto run but when i make fix.reg file and try to open that again i receive error there. cannot import d:\fix.reg: the specified file is not a registry script. you can only import binary registry files from within the registry editor.
jack4rall
Posts
6428
Registration date
Sunday June 6, 2010
Status
Moderator
Last seen
July 16, 2020
Apr 15, 2013 at 06:52 PM
Apr 15, 2013 at 06:52 PM
Hello asiantrd786,
Try this 1
Try the below given manual method.
Click on Start --> Run --> Type regedt32 and press Enter. "Registry Editor" will be opened.
First backup your registry by going to "File --> Export". Save the file with any name in your desired location. Now at the left, navigate to the below location.
HKEY_LOCAL_MACHINE --> SOFTWARE --> Microsoft --> Windows NT --> CurrentVersion --> IniFileMapping. Now under "IniFileMapping" look for the "Autorun.inf". If it doesn't exist then right-click on the "IniFileMapping" --> Click on "New" --> Key. Now enter the key name as Autorun.inf. Now make sure that "Autorun.inf" is selected, on the right side double-click on the "Default" and enter the value data as @SYS:DoesNotExist and click on OK.
Good Luck
Try this 1
Try the below given manual method.
Click on Start --> Run --> Type regedt32 and press Enter. "Registry Editor" will be opened.
First backup your registry by going to "File --> Export". Save the file with any name in your desired location. Now at the left, navigate to the below location.
HKEY_LOCAL_MACHINE --> SOFTWARE --> Microsoft --> Windows NT --> CurrentVersion --> IniFileMapping. Now under "IniFileMapping" look for the "Autorun.inf". If it doesn't exist then right-click on the "IniFileMapping" --> Click on "New" --> Key. Now enter the key name as Autorun.inf. Now make sure that "Autorun.inf" is selected, on the right side double-click on the "Default" and enter the value data as @SYS:DoesNotExist and click on OK.
Good Luck
