TechSpot

Drives acting as unknown files. help needed

By sfactor
Mar 28, 2007
  1. Hello every1


    I am new here. well i have a problem and need ur help. i am using win xp pro sp2. i had a virus or a Trojan to be precise in an exe svchost.exe in c:\windows\ . i know dat real svchost is in system32. so i tried to remove it with trend micro internet security 2007 with latest updates. instead of removing it. it was quarantined. now the problem is dat all my drives act as an unknown file. in "My Computer" when i double click on C:\ (or any other drive) "C:\ open with" pops up. they work fine when opened with windows explorer but direct opening is not possible. any help would be much appreciated.


    Thank you
    SFACTOR
     
  2. Liquidlen

    Liquidlen TechSpot Paladin Posts: 1,094

    Welcome to Techspot!
    If you are sure that you removed the virus properly(Try another brand of remover, Symantec ,etc)
    You may try to install an older system restore if you have one availible from prior to the infection.
    Otherwise a Clean re-install is probable your best alternative.
    Good time to look for, and implement a good back up plan!!!
     
  3. AnselRoe

    AnselRoe TS Rookie

    Should download and use AVG free antivirus...

    Use the System Restore to jump back to before using Trend Micro...

    or further back ... before the Virus...
     
  4. Po`Girl

    Po`Girl TS Rookie Posts: 595

    The following is a modified version of the last post HERE


    1.Open My Computer and go to Tools/FolderOptions/View tab

    and check the box "Show hidden files and folders"


    2.Go into the root folder of all the affected drives and delete

    any autorun.inf file you see there.


    3.Then navigate to this key is system registry: HKEY_CLASSES_ROOT\Drive

    Click on the Drive folder in the right pane this is what it should say

    Name---------------TYPE--------------DATA

    (Default)-----------REG_SZ----------none


    After that expand the Drive folder and click on 'Shell'.
    In the right pane it should say the same as given above.
    If it is not then modify it according to the above info and restart your system.

    Expand "Shell" and click on Find. This is what it should say

    NAME-------------------- TYPE--------------- ----DATA

    (Default)------------------ REG_SZ-------------- (value not set)

    Supressionpolicy------ REG_DWORD----- 0*00000080 (128)


    Click on the "open" folder underneath the "find " folder. This is what is should say

    NAME--------------- TYPE-------------- DATA

    (Default)------------- REG_SZ ---------(value not set)
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...