When I attached my pen drive...it had some virus.
I use Nod32.
From its log virus names were...

Win32/Sohanad.NAK worm
VBS/Pica.NAA.virus

1/19/2008 12:23:23 AM Real-time file system protection file I:\New Folder.exe Win32/Sohanad.NAK worm cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\Explorer.EXE.

1/9/2008 7:09:21 PM Real-time file system protection file I:\.MS32DLL.dll.vbs VBS/Pica.NAA virus deleted - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\system32\wscript.exe.

At first when virus was detected...all my applications closed and my pc restarted.
After restarting I deleted virus from quartine....cleared temp, deleted all cookies, cache, scanned with spyware. And then again restarted and removed my pen drive.

But after that problem started...now I can't see hidden files, task manager closes within a sec. and I think there might be many more things which I didn't discovered.

Any solution?

Have you done any basic troubleshooting yet?

Turn off system restore if XP.
Boot into safemode
Scan for Viruses
etc.?

Let me try these.

man the pen drives are turning the way like the old diskettes were. Since don't need a special wrting process like CD/DVD need the virus can be picked up pretty easy on them and infect a machine

If that way in the computers at my work since are used to make graphical designs for the clients they get infected constantly I chek antivirus log and most infections are from usb pen drives even more that the NET and then they call me to fix them

You should do what was suggested scan with several porgrams in safe mode. maybe you could need to install other avs temporally to clean the virus disabling the other of course. i also have used NOD32 and somtimes detect some virusese but sometimes fail to move them to the quarentine

You if case that could be one of those virused difficult to remove And if you can realize what are the source files where the virus install you can also boot some Linux Live cd, mount you win partition and delete manualy the files from there

Have you done any basic troubleshooting yet?

Turn off system restore if XP.
Boot into safemode
Scan for Viruses
etc.?

tried these...still prob remains.

When I click on show hidden files > OK.
Again it comes to Do not show hidden and system files.
Also pressing ctrl+alt+del show windows task manager just for a sec and dissappears.:blacno

Linux is a bit longer process....I will need to download linux live cd for that.

Wonder how Nod32 couldn't stop it from spreading and affecting!:blacno

Any other idea?

It's been 14 minutes since you stated you were going to do those steps, I can't believe that the virus scan completed already. If it did, you have a VERY small harddrive, or a crappy AV program.

Go To:
free.grisoft.com
Download and install AVG.
Update
Download and install AVG AS
Update
Restart in safe mode
Run scans
Remove and make note of any infections
Restart in safe mode again (Important)
Run scans
If any infections are still there, let us know.

This should take a few hours.

I only scanned drive C: which has windows xp. I have 250gb hdd...would take hrs to complete.

Its night here 2.25 am.
Going 4 sleep. will do these steps in morning and let u know.
GN.

Its night here 2.25 am.
.
GN.

Sorry if this too offtopic and I know is not about the virus problem but man how the time changes between the regions we are from

It's 3:04 p.m here where I live

It's been 14 minutes since you stated you were going to do those steps, I can't believe that the virus scan completed already. If it did, you have a VERY small harddrive, or a crappy AV program.

Go To:
free.grisoft.com
Download and install AVG.
Update
Download and install AVG AS
Update
Restart in safe mode
Run scans
Remove and make note of any infections
Restart in safe mode again (Important)
Run scans
If any infections are still there, let us know.

This should take a few hours.

Make sure to remove the old A/V program first - otherwise, they'll fight each other and bring your computer to a crawl

I only scanned drive C: which has windows xp. I have 250gb hdd...would take hrs to complete.

Its night here 2.25 am.
Going 4 sleep. will do these steps in morning and let u know.
GN.

Scan overnight (while you sleep)

***doing it now.

Make sure to remove the old A/V program first - otherwise, they'll fight each other and bring your computer to a crawl



Scan overnight (while you sleep)


When I need more than one AV I just block the services from the other one with the msconfig.exe to avoid both running at the same time

When I need more than one AV I just block the services from the other one with the msconfig.exe to avoid both running at the same time

What's the point? Too much hassle, in my opinion - just pick one good A/V and be done with it. Avoid going to dodgy websites, and you'll be pretty set (I hardly get any malware on my computer - McAfee Enterprise 8.5i daily, Windows Defender daily, Spybot S&D weekly, and Windows Fireall).

Well I don't do it always. Only when certain av fail to detect some virus even when updated that has happened me sometimes but generally happens on of pcs of others not mine but not always and I don't see it that difficult disabling the services is generally fast to realize how

Anyways Ithis moments I shouldn't be infected of nothing wither I have't booted into Windows like in 3 weeks now

Stick to one AV and use online scans if you feel sometihng is wrong and your current never picked it up, would that not be a good idea?

That's a good idea in theory. However, no antivirus software will keep you 100% protected. Sometimes you need to us a different program.

yeah that have actully happened sometimes and happened again not so long ago with my sister's husband laptop in december

I had some behaviour that the windows explorer was constantly freezing and hanging so i though must be virus and that was And also the virus crapped off the file access permissions ( a feature Vista now has like Unix systems has since long time ) His files couldn'tbe configured the access as permit the laptop to he access and sometimes didn't permit create new folders on certain areas of his hd . The machine had NOD32 I updated it and made full scan. Nothing found. Then i used Avira Antivir instead, found a virus in \System Volume Information and other areas and i could clean the damned virus then I created and new account on his laptopn moved his personal files and the pernmissions problem finally gone

another good a/v program is spybot search & destroy (http://www.download.com/Spybot-Search-Destroy/3000-8022-10122137.html)try that.

OK now I have scanned my hdd in safe mode...took about 5hrs.
Then again I scanned in normal mode...finished in an hour.

Following viruses/trojans/worms were detected...
Win32/Sohanad.NAK worm
VBS/Pica.NAA
Backdoor.Trojan
Trojan Horse
W32.Blackmal.E@mm
W32.IRCbot
W32.Ceted

Now I can view my windows task manager which was disappearing b4 within a sec.
But I still can't see hidden files! I click on show hidden & system files > OK....it returns back to Do Not show hidden & system files.
I think its corrupted my system files.

How can I see my hidden XXX hot files again. :p

Also imp: I m worried now about my pen drive which still contains viruses. How should I clean it up. I am scared to plug it in again.

OK now I have scanned my hdd in safe mode...took about 5hrs.
Then again I scanned in normal mode...finished in an hour.

Following viruses/trojans/worms were detected...
Win32/Sohanad.NAK worm
VBS/Pica.NAA
Backdoor.Trojan
Trojan Horse
W32.Blackmal.E@mm
W32.IRCbot
W32.Ceted

Now I can view my windows task manager which was disappearing b4 within a sec.
But I still can't see hidden files! I click on show hidden & system files > OK....it returns back to Do Not show hidden & system files.
I think its corrupted my system files.

How can I see my hidden XXX hot files again. :p

Also imp: I m worried now about my pen drive which still contains viruses. How should I clean it up. I am scared to plug it in again.

Take my advice man If you are so afraid get some Linux Live CD mount your usb pen drive. viruses rarely gonna do something there.. Copy ONLy your personal files (doc jpg music,etc taking care of not copy the files tat could have the virus those virus could be generally .exe, bat,inf etc another memory or something. Then with all need backed up format the pen drive to FAT32 and virus gonefor example I have some I have a pen drive that some guy wanted i restore some deleted documents thepen drive have some files that had virus r the name of the virus but the files were something u.bat, autorun.inf. a fthings like that when put that pen drive on my Linux partition they didn't do nothing to me or you could simply delete those files from the memory just write in a paper virus filenames the av detected and deleted themn if you still are afraid just do the first advice formating the pen drive and done

Not something that difficult

And for hidden files problem maybe the virus messed something in the registry. Try making a new account with admin privilegies If works after that move your personal files to that account

Your "hidden XXX files" are probably the source of your viruses.

Nope I don't download porn from internet nor do I visit such sites.

Opening new user account is good idea. Let me try this.

Can I format my pen drive from dos? I think it will be safe and easy. I mean not windows cmd...but from win98 startup disk cmd.

I can't see any hidden files with other user accounts also.:cry_ani:

Where are all the techies and Sham?

Can I format my pen drive from dos? I think it will be safe and easy. I mean not windows cmd...but from win98 startup disk cmd.

You should be able to format your USB key - just do it in My Computer ;)

Not if its the source of the viruses, the best way to do it would be to use a Live Linux bootable disc and format that way, you might also want to disconnect your harddrive if you do it that way.

In theory using DOS would work, but you would need a bootable disk with USB support and using DOS still doesn't neccesarily prevent the viruses becuase DOS can still see your harddrive which also goes for the viruses.

Using DOS? Real DOS mode you mean ? nah If some newer pen drives like kingston ones don't even have drivers for make them work on win 98 much less will have drivers to make it work on the old DOS prompt

I formatted my pen drive though normal xp...and its a success.
Now major problem still remains of hidden files not seen.
I have some of my downloads still pending...thats bcoz I m not installing new xp or backup.
I think virus affected sys files and they did there work. Now they are removed but sys files are not gone back to previous conditions. Thats why show hidden files settings permissions is not applied.
Any ideas how this can be made worked?

Try running a repair on the OS. This will reinstall all OS system files. With this method you will need to reinstall most programs.

1. Boot to Win XP CD
2. Enter Setup, NOT Recovery Console
3. When CD finds previous installation of Windows, tell it to repair installation.

I can do that but I don't want to loose my torrents which aren't completed and some other downloads...

Is there anything we can do with registry settings to make hidden folders/files view?

Not that I know of off hand. A repair only replaces the Windows system files, it won't mess with your torrents.

Hmm...I should try it.

have u tried a system restore, go back 1 or 2 days before u couldnt see the hidden files

I think somebody said turn off system restore while there was virus in pc...so I did. I can't roll back now and I don't think it would have worked as sys files are damaged.

I will repair win in 2,3 days after finishing all my downloading work.

I think somebody said turn off system restore while there was virus in pc...so I did. I can't roll back now and I don't think it would have worked as sys files are damaged.

I've successfully removed a trojan/virus by using the System Restore option :)

I will repair win in 2,3 days after finishing all my downloading work.

Personally, I think removing malware off your machine should be your #1 priority - but hey, that's just me ...

Yup I removed all malware, spywares...I know it attracts unwanted things.

Hope this helps.

Follow this link (http://www.sophos.com/security/analyses/w32sohanar.html) and go to the section that says advanced


Have info about the virus that infected you. As you the virus modify some registry entries in the system . maybe one of those is causing your hidden files problem

First remember to backup the registry first in case something goes bad


There is one that creates to run itself to run at the starttup. Delete that one from the registry

And the others((this is where i think could be affect you installation ) disables some system sotfware from windows. Try to change valor that the virus put as 1 to 0 to see if that make your system back to nornal

if it is registry related, try a reg cleaner

Ya it was a registry problem affected by virus. Cleaned and repaired registry...now sys working alright.

Thanx all of you for support.

http://img352.imageshack.us/img352/2070/thanksbj3.gif

Congrats :)

Also just for the record.
You can do these steps to repair any files changed by rouge installed files.

Step 1: Put in your windowsxp cd.
Step 2: Got to Start, then run, And type this in run.

sfc.exe /scannow

*There is a space between .exe and the /

It will take bit to run but leave it alone and it will repair any system file that is changed.
You will not have to reinstall your programs you use and windows system files are fresh again.


After this then you can continue to remove the perp.