-1

I recently got a virus on my computer that has hidden all my files. I've tried to get rid of the virus using unhide.exe/RKill/ Spybot Search & Destroy/HouseCall/Malwarebytes, and it may have got rid of it, but the files on my computer are still missing. I know they are there because I used IObit Uninstaller, and it shows all the files still there, but I can't find them.

I tried opening cmd as administrator and typed the attrib command suggested by somebody to unhide all the files, but it gives me access denied, even though I am administrator and right-click to run as administrator. I right-clicked cmd and went to Properties, went to the Security tab, and I can see all the files, but one user has full control and that's TrustedInstaller. Admin/users and even SYSTEM are unable to be changed, it's all grayed out.

I was wondering if someone could help me to change security with the cmd, so I can unhide all my files, or if there is an easier way to do it?

karel
  • 13,390
  • 26
  • 45
  • 52
Chase
  • 1
  • 3
    possible duplicate of [How do I get rid of malicious spyware, malware, viruses or rootkits from my PC?](http://superuser.com/questions/100360/how-do-i-get-rid-of-malicious-spyware-malware-viruses-or-rootkits-from-my-pc), [How do I clean up virus induced hidden files and disabled everything?](http://superuser.com/questions/377309/how-do-i-clean-up-virus-induced-hidden-files-and-disabled-everything) – Ƭᴇcʜιᴇ007 Nov 24 '13 at 22:37

1 Answers1

0

After a virus or Malware infection you are advised to do a system format. The reason behind this is due to uncertainty about what leftovers are left behind.

My advice is:

  1. Get a linux Live CD and backup your data.
  2. Scan your data using an antivirus from within linux.
  3. Format your affected hard drives and install your OS.
  4. After all software is installed, OS is updated with the most recent security updates and is shown to be stable, proceed to step 5.
  5. Place your data back where it was in the first place.

note: keep regular backups of your sensitive data.

Lorenzo Von Matterhorn
  • 2,295
  • 1
  • 20
  • 20
  • Hi Thanks im a bit short on funds at the moment. This laptop was purchased 2nd hand online about a year ago, all was good untill kids got on it. I have no OS disk. Do you know why I cant change security permissions in command prompt? – Chase Nov 24 '13 at 22:22
  • Your system is compromised, to what extend i do not know. in any case it is strongly adviseable to backup all you can and format it. regarding the Windows product key: is it glued to the bottom of the laptop? if it is not, there is software out there that is capable of recovering keys in use. – Lorenzo Von Matterhorn Nov 24 '13 at 22:25
  • Alright I have no idea how to format it. The windows key on the bottom says windows vista and its currently windows 8. Thanks. Also I cant access PC settings, that file has been hidden aswell. I can get into control pannel and my computer though if that helps. – Chase Nov 24 '13 at 22:30
  • In that case, download a MSDN .iso file of the Vista version described on the sticker and use that same key. Were you not supplied with a windows 8 key when you purchased the laptop? - thats a major flaw. – Lorenzo Von Matterhorn Nov 24 '13 at 22:33
  • Nope, it was a good deal for the hardware that it come with. I thought i would never need to do this but kids must have closed all the warnings from all my antiVs i have on there an downloaded whatever it is that they downloaded. But ok I will try download what you have suggested. Thanks – Chase Nov 24 '13 at 22:37