My USB Flash Drive got an infection from another computer. Avast, via Removable Media Scan, detected 3 files with 2 threats and quarantined them.
These 2 threats namely Win32:Downloader-TNV [Trj] and LNK:Runner-l [Trj].

I opened up Windows Explorer and found 2 directories. But when I opened up Command Prompt and running “dir/ah”, “dir/as”, “dir/ad”, I got different results.

Avast detected and removed the threats via manual scan but didn’t try to undo the damage done by the threats.

How can I unhide these other files and directories to be able to access them from Windows Explorer? I tried to set show hidden items from Windows Explorer but the files are still not visible.

How can I fix these files?

HI lets get to work

This should restore any files and quarantine the malware on the USB

Download MCShield to your desktop and install
It will initially run a scan and show the result as a toaster by the system clock
Then in the control centre select scanner and tick unhide items on flash drives

https://dl.dropbox.com/u/73555776/mcshield%20unhide.JPG

Plug in the drive and McShield will start a scan

Then get the log which will be here :

Start > all programs > MCShield > logs > all scans

And post that

NEXT

Download OTL to your Desktop
Secondary link

[*]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

https://dl.dropboxusercontent.com/u/73555776/OTL_Main_Tutorial.gif

[*]Select All Users
[]Select LOP and Purity
[]Under the Custom Scan box paste this in

netsvcs
BASESERVICES
%SYSTEMDRIVE%*.exe
c:\program files (x86)\Google\Desktop
c:\program files\Google\Desktop
dir “%systemdrive%*” /S /A:L /C
CREATERESTOREPOINT

[*]Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Attach both logs

Attached are the log files.

AllScans.txt, OTL.txt and Extras.txt.

All files and directories are now visible on Windows Explorer.
There we’re other shortcut files that were present after Avast removed the threats. I deleted them manually without going through Trash, with Alt+Delete. I know they were dangerous so I deleted them beyond recovery.

Looks good, any noticeable problems ?

Not at all. What’s with OTL? Why run OTL while MC2Shield fixed it up already?

Also, MC2Shield detected 1 more infected file and 2 infected directories that Avast didn’t.

OTL was to confirm that nothing was missed on the computer by Avast. But, it appears to have blocked it all apart from the reg change to hide files

Thanks for your help essexboy

I would recommend that you keep MCShield as it uses no resources and only activates when a USB is inserted. Run OTL and press the cleanup button to remove it