I had this problem. In Tools> Folder options > View - hidden files and folders
The
Show hidden files and folders not working - after virus attack (heap41a svchost.exe)
This is how you get the settings back to normal.
First take
Start > Run >
Type regedit in the Run box and click OK
The Registry editor opens up (See the image below)
Follow the steps in the animation below to get back the folder options to normal to see hidden files.
Browse to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\
CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
Change the value of CheckedValue from 0 to 1
Cleaning the pen drive right click options :
Browse to HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\Explorer\MountPoints2
Delete all the long keys ( which look like {DGF53-353b3gg3-353523-3g523g} ) there.
Still having problems with this “Orkut is banned” virus ” ??
First make sure that the virus is completely removed from the computer.
How to remove “Use Internet Explorer you dope, I dnt hate Mozilla but use IE`r OR ELSE…” svchost.exe heap41a virus
http://www.fundazone.com/2007
Then go to :
Start >Run >
Type regedit
Browse to HKEY_LOCAL_MACHINE\Software
CurrentVersion\Explorer
Change the value of CheckedValue from 0 to 1
Take My Computer > Tools > Folder Options
Change the setting to show hidden files and folders
Apply and check again.
If it doesn’t work, there is another setting in the registry maybe in HKEY_USERS or HKEY_CURRENT_CONFIG or even HKEY_CURRENT_USER which overrides this setting.
I’ll try to find out where it is (I came across such a problem earlier and I found that key by luck) The key is in a similar place like this \Software\Microsoft\Windows\ CurrentVersion\Explorer
only that the beginning is different.
I’ll post it here when I find it. If anybody knows where it is, please do reply http://www.fundazone.com/2007
It’s a relatively new virus, so most antivirus softwares are not able to detect and delete it.
To remove the virus completely, first you have to end the process svchost.exe belonging to the current user (i think you were able to do that and it worked). But then, the virus files are still hidden in your computer in two places.
In C:\heap41a and in temporary folder.
A trick to get to these folders :
Start > Run
Type C:\heap41a . Click OK
Now, you should be able to see and delete the virus files
Second location (temporary files)
Start > Run
Type %temp% . Click OK
Here, you see the virus files it used to enter the computer.
3 comments:
Seriously thanks for your info. This info really help me out from this problem :)
Yup, me too. thanks so much for the info. i deleted all the long keys and viola! there goes all my files i thought i have lost already. Thanks so much. You're an angel!
Hey swamy this is Pankaj
Thanks for your solutions but It didn't worked yaar.
The explorer folder is missing in Policies folder in my pc's Registry
Also the command
C:\heap41a in RUN didn't worked
error message pops up showing
windows cannot find the specified path.
Please help, I am afraid that am I hit by any virus. please mail me your possible solution at dhapolapankaj@gmail.com
I'll be more than happy.
Thanking you
Pankaj
Post a Comment