Smtmp Virus
|
Dosya Uzantısı: | .smtmp |
Geliştirici: | N/A |
Views: | 119301 |
Updated: | 2012-02-05 17:29:32 |
Hex: | N/A |
ASCII: | N/A |
|
|
Smtmp is the file extension used for folders that are created by the rogue Antispyware Software FakeHDD which offer the user help but actually infect the computer.
This virus changes the attributes of files found on the hard drives in the computer to hidden, another thing it does is to do this to folder and files in the start menu which causes the Start Menu, Taskbar and Quick launch to appear empty.
The files and folders in question are not deleted but have been moved to a hidden backup folder which can be found in %Temp%\smtmp, this backup can be used to put the files and folders back where they belong unless you happen to run any programs that will empty the contents of the temporary file folders.
There are some programs created that can unhide the hidden files but they then unhide all files that are hidden and not only those that need to be unhidden, so that care must be taken when using such tools otherwise your computer will no longer run, these programs can only unhide files if they are still in the %Temp%\smtmp folder.
To manually restore the files and folders you will need to copy the contents of files and folders found in the Smtmp folder to the corresponding folder where it should be, here is a list showing them.
%Temp%\smtmp\1:
Windows XP: C:\Documents and Settings\All Users\Start Menu
Windows Vista and Windows 7: C:\ProgramData\Microsoft\Windows\Start Menu
%Temp%\smtmp\2\:
Windows XP: C:\Documents and Settings\<your login name here>\Application Data\Microsoft\Internet Explorer\Quick Launch\
Windows Vista and Windows 7: C:\Users\<your login name here>\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
%Temp%\smtmp\3\:
Windows Vista and Windows 7: C:\Users\<your login name here>\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar
%Temp%\smtmp\4\:
Windows XP: C:\Documents and Settings\All Users\Desktop
Windows Vista and Windows 7: C:\Users\Public\Desktop