Page 1 of 3 123 LastLast
Results 1 to 10 of 28

Thread: h.com,i.com,ofddh.exe,ntdlr,autorun.inf

  1. #1
    Junior Member
    Join Date
    Feb 2008
    Posts
    9

    Exclamation h.com,i.com,ofddh.exe,ntdlr,autorun.inf

    Hello,
    I did a lot of looking around and the I decided to do ask the question

    My computer has two operating systems,one XP and one mandriva.

    Now my XP has avast antivirus,which was working fine.
    Recently I started reciveing error messages n my avast antivirus that my PC has been infected with a worm called autorun.inf.
    I tried deleting it ,removing it moving it...nothing would just work.
    The same message kept coming over and over again.
    I did a boot scan from avast ..but nothing really helped.After the second boot,the same message began appearing again and again.

    Now i booted in to Mandriva and read my ntfs partion ,There I found three .com files lying in he c:\ of my computer
    namely
    h.com,i.com,ofddh.exe,ntdlr,autorun.inf

    I again rebooted into windows and did a whole scan ,nothing was caught.
    I am quite sure that h.com and i.com are not windows files.
    my antivirus is upto date
    I tried googling them but that too would not help much.
    Any help from you guys will be highly appreciated

  2. #2
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    autorun.inf is a text file found on cd rom disks telling the operating
    system what to do when it autoruns the disk. Open it in a text editor
    and see what it says. I'd be suspicious of the file named ofddh.exe.
    Malware often has files with random nonsense names.
    I came in to the world with nothing. I still have most of it.

  3. #3
    Junior Member
    Join Date
    Feb 2008
    Posts
    9
    I cannot see these files from windows...and linux opens ntfs as read only

  4. #4
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    The following link will give you instructions on how to mount the NTFS file system with full rights, you can then try and delete the files from there.

    http://www.linux-faqs.com/faq/misc/ntfs.php#4.9

    Cheers:
    DjM

  5. #5
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Can't see the files in Windows?

    HAve you set your folder options to view hidden files..also the other for Protected operating system files.. open Win Explorer goto: Tools-folder options
    One of the tricks of malware is to set the file as Hidden - System..

    Also I would not just go about deleting files.. Start by at least just renaming them..
    I would be looking at a tool like one of the "Rootkit" detection kits like Rootkit revealer.
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  6. #6
    Senior Member
    Join Date
    Oct 2007
    Location
    do a whois search on my ip...
    Posts
    268
    have you tried removing the files, or even trying to view them in safe mode?

    I would make a back-up, then run the files in a dos command prompt, (if you can find them with XP) after all that is the extension .com... I highly doubt it to be a virus, I can't seem to find anything on the com files.

  7. #7
    Junior Member
    Join Date
    Feb 2008
    Posts
    9
    HAve you set your folder options to view hidden files..also the other for Protected operating system files.. open Win Explorer goto: Tools-folder options
    One of the tricks of malware is to set the file as Hidden - System.
    Tried that...i still cannot see the files

    have you tried removing the files, or even trying to view them in safe mode?

    I would make a back-up, then run the files in a dos command prompt, (if you can find them with XP) after all that is the extension .com... I highly doubt it to be a virus, I can't seem to find anything on the com files.
    Yes....i have backed up my data but then i do not want to go through the pain of installing XP again and loosing all my drivers.....

    The following link will give you instructions on how to mount the NTFS file system with full rights, you can then try and delete the files from there.

    http://www.linux-faqs.com/faq/misc/ntfs.php#4.9

    Cheers:
    This is the only thing left to do ...i will try that today....

    But my question why is my antivirus so helpless,,,it just cannnot delete the virus or detect them in some case (h.exe,i.exe)

  8. #8
    Senior Member Ouroboros's Avatar
    Join Date
    Nov 2001
    Location
    Superior, WI USA
    Posts
    636
    Shenanigans.

    I can't even begin to wrap my head around all of the contradictions and absence of experience.

    autorun.inf as a virus? h.com and i.com (whatever those are) magically turn into h.exe and i.exe.

    Dude doesn't want to LOOSE his drivers, of course.

    Either incompetent or stupid.

    Shenanigans.

    O
    "entia non sunt multiplicanda praeter necessitatem"

    "entities should not be multiplied beyond necessity."

    -Occam's Razor


  9. #9
    Junior Member
    Join Date
    Feb 2008
    Posts
    9

    autorun.inf as a virus? h.com and i.com (whatever those are) magically turn into h.exe and i.exe.

    Dude doesn't want to LOOSE his drivers, of course.

    Either incompetent or stupid.

    Shenanigans.
    ya a typo ..my mistake it was supposed to be h.com and i.com

    Drivers....let me tell you a bit more about them

    My lappies lan card went boom a few months ago,i am using a usb lan card ( i next).I installed the drivers and it is working properly,but unfortunalty i lost the driver cd,what i am afraid is that if i reinstall the OS ,the usb lan card drivers will a trouble to install

    and more over reinstalling a OS every time your system gets a virus is not the answer

    If you can help please do help ,and if you are here to tell me that i am incompetent or stupid or what ever ,i bet that even your question look stupid to some one
    Last edited by alphabetagammadelta91; February 21st, 2008 at 08:23 AM. Reason: spell check

  10. #10
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    then run the files in a dos command prompt
    I find that advice the same as playing russian roulette with a bullet in evey chamber..
    .. once you find those files try a hex editor on them to get an idea of what they are.. if you do execute them.. ONLY ON A Crash Test Dummy PC.. not your production PC.. especially when done from Command Prompt..

    I would.. settle down here.. Try one of the Live OS CD's be it a bart PE or UBCD .. even many *nix distros allow correct mounting of NTFS partitions for editing... ubuntu 7.1 has for me..

    My preferance has been the Bart PE and UBCD methods for Virus scans and any registry work.. but that is more familurarity
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •