Saturday, January 10, 2009   
  Search   
 
 
Register  Login  
Forums  
     Minimize  

Welcome to MeraWindows forums.

Thank you for being at the Microsoft Windows Community Site. You may have to register before posting in forums. It's absolutely free. After registering, you can get all the benefits available to our registered members, you can access our Downloads section, you can participate in contests, etc. You can post in forums in English as well as in Hindi, in fact we encourage you to use Hindi in your posts. If you have any problem with registration or login, please contact us.
     
  


 
  Microsoft Windows Forums  Other Windows V...  Windows XP  Windows Xp Problem.
Previous Previous
 
Next Next
New Post 6/19/2008 2:41 PM
User is offline Dinjo
1 posts
Member


Windows Xp Problem. 

Hi All,

I'm facing a problem where whenever i press Ctr + Alt + Del the task manager comes up and disappears and also not able to view any hidden files , even after enabling the option of show hidden files.

Is it some kind of trojan horse.

 

 
 
New Post 6/19/2008 5:06 PM
User is offline devil_himself
2 posts
Member


Re: Windows Xp Problem. 

For Hidden Files Problem Check This Out

http://forums.techguy.org/windows-nt-2000-xp/638788-hidden-files-not-showing.html

==

Download HJTInstall.exe to your Desktop.

http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

    * Doubleclick HJTInstall.exe to install it.
    * By default it will install to C:\Program Files\Trend Micro\HijackThis .
    * Click on Install.
    * It will create a HijackThis icon on the desktop.
    * Once installed, it will launch Hijackthis.
    * Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    * Copy/Paste the log to your next reply please.

Don't use the Analyse This button, its findings are dangerous if misinterpreted.
Don't have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

==
 
New Post 6/19/2008 5:53 PM
User is offline Vasu Jain
3078 posts
www.cyberDimensions.blogspot.com
Distinguished Member




Re: Windows Xp Problem. 

thats a very common situation if u use infected pendrives ...they spread this trojan faster...you can use trojan cleaners avail on net and for uture usesome gud antivirus lik nod32....

"There are only '10' types of ppl in dis world. Those who understand BINARY and those who dont."

 
New Post 6/19/2008 10:38 PM
User is offline Ramesh Kumar
2872 posts
www.itsmyWindows.com
Forum Guru








Re: Windows Xp Problem. 
Modified By Ramesh Kumar on 6/19/2008 10:51:12 PM)

Welcome to MeraWindows Community


Your computer is infected with a virus Worm.P2P.generic & Trojan.generic....You must scan with an good antivirus, I recommed NOD32 and Bitdefender.
Well you can do yourself too!

Follow these steps:
1) Restart the comp in “Safe Mode with Command Prompt”
2) Now type following commands
reg delete HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Runonce
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v CheckedValue /t REG_DWORD /d 1
reg add “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” /v Shell /t REG_SZ /d Explorer.exe
del %windir%\autorun.inf
del %windir%\smss.exe
del %windir%\killer.exe
del "%windir%\Funny UST Scandal.exe"

Run these commands for all drives from root of drive
atttrib -h -s -a -r *
del autorun.inf
del smss.exe
del "Funny UST Scandal.avi.exe"

Delete lsass.exe from startup folder too.

it's my Windows
 
New Post 6/19/2008 11:22 PM
User is offline SuperUser Account
-23 posts
Member


Re: Windows Xp Problem. 

A killer.exe is running which kills ur taskmanager as you start it. And your hidden files are also not visible as u enable them via folder options or via cmd they automatically get hidden as soon as you unhide. Your PC is affected and a maliciouscode running which resets option of hidden files to do not show hidden files. 

First try to kill the malicious process running behind using cmd if possible ( it may not as it will be also killed) or try via "safe mode".

Then search for autorun.inf @ root of each partition o your hard drive. See name of file which it executes and delete both files from each partition by removing attributes ( hidden, read only, system file) via commad prompt:

> attrib -s -h -r autorun.inf

>type autorun.inf

Search for name of file which it executes and then delete both as:

> attrib -s -h -r "file name"

>del "file name"

>del autorun.inf

 

Search for file name in %systemroot% , %systemroot%/system , and %systemroot%/system32 and follow steps as done for autorun.inf and delete filesif found.

Search in registry in following paths:

> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-

> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-

> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

and delete entries if found for some malicious files or programs.

Also search in whole Registry and at mount points and delete entries.

Navigate to following registry path:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

and look for String "Userinit" and check it have value :C:\Windows\system32\userinit.exe, 

and it must not have extra appending code, if have then edit it and delete only that extra part.

 

Now unhide your files:

Navigate to:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

and set value of following strings as given:        

String                   Value

Hidden                         1

ShowSuperHidden   1

SuperHidden              0

Paste following in Notepad:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\Hidden]
"Text"="@shell32.dll,-30499"
"Type"="group"
"Bitmap"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
  00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,\
  68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,34,00,00,\
  00
"HelpID"="shell.hlp#51131"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\Hidden\NOHIDDEN]
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"Text"="@shell32.dll,-30501"
"Type"="radio"
"CheckedValue"=dword:00000002
"ValueName"="Hidden"
"DefaultValue"=dword:00000002
"HKeyRoot"=dword:80000001
"HelpID"="shell.hlp#51104"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"Text"="@shell32.dll,-30500"
"Type"="radio"
"CheckedValue"=dword:00000001
"ValueName"="Hidden"
"DefaultValue"=dword:00000002
"HKeyRoot"=dword:80000001
"HelpID"="shell.hlp#51105"

Now save it as "ak.reg" and merge it by double clicking. Now your hidden files are easily visible. Use aome good antivirus so that you will remain secure from any virus or trojan.

Try for 30 day trial: http://www.eset.com/download/free_trial_download_eav.php
 
 Page 1 of 1
Previous Previous
 
Next Next
  Microsoft Windows Forums  Other Windows V...  Windows XP  Windows Xp Problem.


   Get Your Own E-Mail Account @MeraWindows.com Minimize  
New Page 1 New Page 1
Show your cool quotient with @merawindows.com email account
     
  
 
 
Terms Of Use   Privacy Statement  
© 2008 MeraWindows.com