TechSpot

Hidden Files Problem on Laptop

By Hedon
Apr 4, 2009
  1. My laptop still has the show hidden files disabled, i ran a lot of different anti virus softwares but nothing shows up. So attached are the logs from the 8 steps.

    HELP
     

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    First of all, your AVG v7 antivirus is out of date. Version 8 is the most current. However, since it's not going to be updating, I suggest you install Avira or Avast and remove AVG:

    Avira: http://www.techspot.com/downloads/41-antivir-personal-edition.html
    OR
    Avast: http://www.techspot.com/downloads/223-avast-home-edition.html

    If the system will not allow this because of the malware, See if AVG will allow an update for now.

    Source: kritius:
    P2P Warning!

    Please do this while I am reviewing your logs. you have a great deal of malware and it's going to take a while.


    This thread is for the use of Hedon only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Virus and Malware Removal Forum
     
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    This is Step 2:

    Remove bad HijackThis entries
    • Run HijackThis
    • Click on the System Scan Only button
    • Put a check beside all of the items listed below (if present):
    Close all open windows and browsers/email, etc...
    • Click on the "Fix Checked" button
    • When completed, close the application.

    Boot into Safe Mode:
    Start> Run> msconfig> enter> Selective Startup> Startup Menu> UNCHECK all of the following if present:
    Start> Run> services.msc> double click on NipSvc> change Startup type to Disabled> Close

    Control Panel> Add/Remove Programs> Strongly suggest UNINSTALL all of the following:
    Reboot into Normal Mode: NOTE: you will get a nag message that you can ignore and close after checking 'don't show this message again.' Stay in Selective Startup.

    Download SDFix HERE and save it to your Desktop.
    * Double click SDFix.exe and it will extract the files to %systemdrive%
    (Drive that contains the Windows Directory, typically C:\SDFix)

    Boot into Safe Mode
    * Restart your computer and start pressing the F8 key on your keyboard.
    * Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.

    Run SDFix
    Update and rescan with HijackThis. Attach new log and SDFix Report with next reply.

    (I did my best to find something reasonable about 'Anti-Mosquito'. But according to the publisher who has no information on the website: "("This is a pro that will drive the mosquitoes away fast."
    BS Editor: This pro produces sound in the range of 16000Hz to 20000Hz which is beyond the audible range of the humans.Pets and other animals can
    This sound produces an undesirable effect on the mosquitos and other pests thus restrains them from..).
     
  4. Hedon

    Hedon TS Rookie Topic Starter Posts: 21

    thanks for the time taken to review and provide a solution, i have removed most of the software mentioned and repaired the Hijack errors, by doing which my hidden files are shown again.

    But i will continue with what you have mentioned and revert with the logs ASAP.

    Thanks again for the help.
     
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Please don't start any new thread concerning this same matter. Along the way, this is what happened:
    Let's get some focus on this because at this point I have gone berserk!

    Tell me EXACTLY what you do to try and 'show hidden files and folders.'
    Give me the exact path from start to finish.


    You had an enormous amount of junk on the system! A program to emit a sound to keep mosquitoes away- ya gotta to be kidding! Plus the risky P2P and 'no file' entries. It would appear that whatever you've done, you have done wrong.
     
  6. Hedon

    Hedon TS Rookie Topic Starter Posts: 21

    that is another system and the laptop belongs to my wife which is currently having the hidden folder issue. The system mentioned on the other thread has been formatted and sold and i bought a new Aser system.

    Also the hardisk issue is in another system, a friend of mine was unable to fix it, I am in the process of trying to learn more on this stuff so i stepped in to fix it.

    So lets get to the laptop, i deleted and uninstalled all the crap you told me to.

    please find the logs attached
     
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I listed and put in BOLD the previous threads because you said you are having the same problem with hidden files on another computer.

    Well, some of the 'crap' is still there!
    1. You did not get a current updating antivirus program.
    2. You still have a program that is buzzing mosquitoes.
    3. You are still using the P2P Ares program
    4. You still have SweetIM running

    And you did not give me this information:
     
  8. Hedon

    Hedon TS Rookie Topic Starter Posts: 21

    Sorry i posted the log before i did most of that, i was able to get the mosquito thing out.

    To see the hidden folders i go to tools and folder options and check the see hidden files and folders button but the laptop hides it again automatically, i read from somewhere that this is due to a virus.

    i will post the logs again later and thank you again for your time.
     
  9. Hedon

    Hedon TS Rookie Topic Starter Posts: 21

    hello sorry for the delay, here are the logs again after i removed the items you told me to.

    please analyze and let me know what to do next, also i really appreciate the support.
     
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Okay, I'd like to keep this going until you're clean. There is too much time in between and you're getting new malware.

    Mbam found and hopefully removed this:
    Worm.Brontok
    The Brontok worm is a computer worm that affects computers running Microsoft Windows. It spreads by sending itself to email addresses harvested from the affected computer.
    It arrives as an attachment of e-mail named kangen.exe ("kangen" word itself means "I miss you so much"). When Brontok is first run, it copies itself to the user's application data directory.

    You need to be aware of opening attachments. IF you don't know the attachment is coming, IF you don't know what's in it, IF you don't know someone specific is sending it, Do NOT open it.

    I think the problem(s) you having is because the system isn't configured correctly. IO may regret saying this but usually I groan when I open logs that go on for several screens. But in your case, the HijackThis log-again-doesn't look 'normal'

    You have no 016 entries: these are for Active X Objects for downloaded program files. Some of the processes that would be in these entries are:
    Java
    Shockwave flash
    Adobe
    These are "normal" entries. If you have the program installed but don't have the add-ons enabled, they won't work.

    You need to reinstall this program: Please try to reinstall over the current installation. I don't want you to do an uninstall first because the modem needs it to start. Hopefully the reinstall will correct the entry:
    I strongly suggest you delete and/or uninstall this:
    Remove bad HijackThis entries
    • Run HijackThis
    • Click on the System Scan Only button
    • Put a check beside all of the items listed below (if present):
    • Close all open windows and browsers/email, etc...
    • Click on the "Fix Checked" button
    • When completed, close the application.

    Boot into Safe Mode:
    Start> Run> msconfig> enter> Selective Startup> Startup tab> UNCHECK any of the following if present:
    Smilebox
    Control Panel> Add/Remove Programs> Uninstall any Smilebox entry

    Right click on Start> Explore> Windows system32> right click> Delete on these files if present:
    n8127
    c.bron.tok.txt
    getdomlist.tx


    Reboot into Normal Mode. Ignore the nag message and close after checking "don't show this message again." Stay in Selective Startup.

    Please review the settings for your Services using this site as you guide:
    http://www.blackviper.com/WinXP/servicecfg.htm

    There may be a slight difference as this is for SP3.

    As for the hidden files going back into hiding, it is possible the Worm is responsible. Have you run a full system scan with Avast?
     
  11. Hedon

    Hedon TS Rookie Topic Starter Posts: 21

    Thanks Bobbye, will do the needful and post again as soon as i can. The hidden file seems to be ok now after a couple of scans and cleaning. However there are still some serious issues from what i read from your post.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...