瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 【【【求助,高手指点迷津】】】

1   1  /  1  页   跳转

[求助] 【【【求助,高手指点迷津】】】

【【【求助,高手指点迷津】】】

我的移动硬盘【NTFS】之前中了一个病毒,文件夹全部变成.exe扩展名的了,后来被瑞星杀掉,但是所有的文件夹看不到了,我已经用过所有论坛里的去隐藏的方法,还是不行。
但是文件还在,比如我在H:\下看不到东西,但是输入H:\NET就可以打开并且使用里面的软件,到底怎么办?求高手指点迷津。

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
分享到:
gototop
 

回复: 【【【求助,高手指点迷津】】】

1、下载附件;
2、解压缩;
3、看说明和附图,如果只需恢复移动硬盘中被隐藏的文件夹,就取消其他驱动器的勾选;
4、按要求运行kill_folder.exe,尝试恢复。

附件附件:

下载次数:159
文件类型:application/octet-stream
文件大小:
上传时间:2010-4-26 23:07:33
描述:rar

打酱油的……
gototop
 

回复:【【【求助,高手指点迷津】】】

已经用过所有论坛里的去隐藏的方法

不可能吧??

下载FileTools工具(支持xp系统以及Win7系统)内附操作说明图
附件:FileTools.rar (右键选择“目标另存为”下载)本链接不支持迅雷等下载工具下载
运行工具,依路径打开磁盘,找隐藏的文件夹,右键菜单内选择恢复隐藏属性试试。
百年以后,你的墓碑旁 刻着的名字不是我
gototop
 

回复: 【【【求助,高手指点迷津】】】

额。。。全用了都不好使?
怎么看你的描述看着像数据流那个呢
用附件的工具试试看

附件: U盘专杀.rar (2010-4-27 0:35:20, 499.17 K)
该附件被下载次数 146

感染不是你的错
不能修复就是你的不对了
遇到问题请附截图和sreng日志
gototop
 

回复:【【【求助,高手指点迷津】】】

使用winzip或者winrar打开试试
gototop
 

回复:【【【求助,高手指点迷津】】】

复制以下文件到文本文档里,并以reg为后缀保存之。
运行它,接着全部选是或者确定!
在工具-查看里显示隐藏文件和隐藏文件前面都打钩,确定即可!!
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"TaskbarSizeMove"=dword:00000000
"Start_ShowHelp"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder]
"Type"="group"
"Text"="@shell32.dll,-30498"
"Bitmap"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
  00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,53,00,\
  48,00,45,00,4c,00,4c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,34,00,00,\
  00
"HelpID"="shell.hlp#51140"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ClassicViewState]
"Type"="checkbox"
"Text"="@shell32.dll,-30506"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="ClassicViewState"
"CheckedValue"=dword:00000000
"UncheckedValue"=dword:00000001
"DefaultValue"=dword:00000000
"HelpID"="shell.hlp#51076"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ControlPanelInMyComputer]
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\HideMyComputerIcons"
"Text"="@shell32.dll,-30497"
"Type"="checkbox"
"ValueName"="{21EC2020-3AEA-1069-A2DD-08002B30309D}"
"CheckedValue"=dword:00000000
"UncheckedValue"=dword:00000001
"DefaultValue"=dword:00000001
"HKeyRoot"=dword:80000001
"HelpID"="shell.hlp#51150"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DesktopProcess]
"Type"="checkbox"
"Text"="@shell32.dll,-30507"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="SeparateProcess"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"DefaultValue"=dword:00000000
"HelpID"="shell.hlp#51079"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DesktopProcess\Policy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DesktopProcess\Policy\SeparateProcess]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DisableThumbCache]
"Type"="checkbox"
"Text"="@shell32.dll,-30517"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="DisableThumbnailCache"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"DefaultValue"=dword:00000000
"HelpID"="shell.hlp#51155"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FolderSizeTip]
"Type"="checkbox"
"Text"="@shell32.dll,-30514"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="FolderContentsInfoTip"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"DefaultValue"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FriendlyTree]
"Type"="checkbox"
"Text"="@shell32.dll,-30511"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="FriendlyTree"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"HelpID"="shell.hlp#51149"
"DefaultValue"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden]
"Text"="@shell32.dll,-30499"
"Type"="group"
"Bitmap"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
  00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,53,00,\
  48,00,45,00,4c,00,4c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,34,00,00,\
  00
"HelpID"="shell.hlp#51131"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN]
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"Text"="@shell32.dll,-30501"
"Type"="radio"
"CheckedValue"=dword:00000002
"ValueName"="Hidden"
"DefaultValue"=dword:00000002
"HKeyRoot"=dword:80000001
"HelpID"="shell.hlp#51104"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"Text"="@shell32.dll,-30500"
"Type"="radio"
"CheckedValue"=dword:00000001
"ValueName"="Hidden"
"DefaultValue"=dword:00000002
"HKeyRoot"=dword:80000001
"HelpID"="shell.hlp#51105"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt]
"Type"="checkbox"
"Text"="@shell32.dll,-30503"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="HideFileExt"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"DefaultValue"=dword:00000001
"HelpID"="shell.hlp#51101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\NetCrawler]
"Type"="checkbox"
"Text"="@shell32.dll,-30509"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="NoNetCrawling"
"CheckedValue"=dword:00000000
"UncheckedValue"=dword:00000001
"DefaultValue"=dword:00000000
"HelpID"="shell.hlp#51147"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\NetCrawler\Policy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\NetCrawler\Policy\NoNetCrawling]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\PersistBrowsers]
"Type"="checkbox"
"Text"="@shell32.dll,-30513"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="PersistBrowsers"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"HelpID"="shell.hlp#51152"
"DefaultValue"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowCompColor]
"Type"="checkbox"
"Text"="@shell32.dll,-30512"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="ShowCompColor"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"DefaultValue"=dword:00000001
"HelpID"="shell.hlp#51130"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPath]
"Type"="checkbox"
"Text"="@shell32.dll,-30504"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\CabinetState"
"ValueName"="FullPath"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"DefaultValue"=dword:00000000
"HelpID"="shell.hlp#51100"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPathAddress]
"Type"="checkbox"
"Text"="@shell32.dll,-30505"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\CabinetState"
"ValueName"="FullPathAddress"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"DefaultValue"=dword:00000001
"HelpID"="shell.hlp#51107"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowInfoTip]
"Type"="checkbox"
"Text"="@shell32.dll,-30502"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="ShowInfoTip"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"DefaultValue"=dword:00000001
"HelpID"="shell.hlp#51102"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SimpleSharing]
"Type"="checkbox"
"Text"="@shell32.dll,-30518"
"HKeyRoot"=dword:80000002
"RegPath"="System\\CurrentControlSet\\Control\\LSA"
"ValueName"="ForceGuest"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"HelpID"="shell.hlp#51154"
"DefaultValue"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden]
"Type"="checkbox"
"Text"="@shell32.dll,-30508"
"WarningIfNotDefault"="@shell32.dll,-28964"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="ShowSuperHidden"
"CheckedValue"=dword:00000000
"UncheckedValue"=dword:00000001
"DefaultValue"=dword:00000000
"HelpID"="shell.hlp#51103"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets]
"Text"="管理网页和文件夹对"
"HelpID"="TBD"
"Type"="group"
"Bitmap"="C:\\WINDOWS\\system32\\\\SHELL32.DLL,4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\AUTO]
"CheckedValue"=dword:00000000
"Type"="radio"
"ValueName"="NoFileFolderConnection"
"HelpID"="TBD"
"Text"="作为单一文件显示和管理对"
"DefaultValue"=dword:00000000
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer"
"HKeyRoot"=dword:80000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NOHIDE]
"ValueName"="NoFileFolderConnection"
"DefaultValue"=dword:00000000
"Text"="显示两部分但是作为单一文件进行管理"
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer"
"HelpID"="TBD"
"Type"="radio"
"CheckedValue"=dword:00000002
"HKeyRoot"=dword:80000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NONE]
"CheckedValue"=dword:00000001
"Type"="radio"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer"
"HelpID"="TBD"
"ValueName"="NoFileFolderConnection"
"DefaultValue"=dword:00000000
"Text"="显示两部分并分别进行管理"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\WebViewBarricade]
"Type"="checkbox"
"Text"="@shell32.dll,-30510"
"HKeyRoot"=dword:80000001
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"ValueName"="WebViewBarricade"
"CheckedValue"=dword:00000001
"UncheckedValue"=dword:00000000
"HelpID"="shell.hlp#51148"
"DefaultValue"=dword:00000000
gototop
 

回复:【【【求助,高手指点迷津】】】

LS正解!!
gototop
 
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT