 Broken Images (multiple Browsers) |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.| Important Announcement: The winners of the BC Million Post contest have been announced. You can read who the winners are at this post. - BleepingComputer Management |
  |
 Aug 7 2008, 10:58 AM
Post
#1
|
|
|
New Member  Group: Members Posts: 3 Joined: 7-August 08 Member No.: 228,269  |
Thanks in advance. Mike |
 |
 
|
|
Aug 11 2008, 09:09 AM
Post
#2
|
|
|
New Member Group: Members Posts: 3 Joined: 7-August 08 Member No.: 228,269 |
Well, doesn't look like it makes sense to anyone else either. I'll post what I found out in case it helps anyone else later on. I can't figure out what could possibly be the problem, but booting from the XP CD and running the repair doesn't fix it. The problem seems to be limited to profiles that where logged in to while the system was infected. So I logged into an account that hadn't been accessed during that time and deleted the profiles (just the data for the profile, not the user from Active Directory / Computer Management) that had the problem. I also copied the good profile over the default user, but I don't know if that step was necessary. When the user logs back in their profile is re-created from the default user, and doesn't have the problem. Make sure you backup the My Documents, Desktop, Favorites, and email from the profiles you delete, so you can restore them after the profile is re-created.
Hope that helps someone in the future Mike |
|
|
|
|
Aug 11 2008, 11:42 AM
Post
#3
|
|
 Forum Addict Group: HJT Junior Classmen Posts: 3,981 Joined: 7-January 07 From: UK Member No.: 105,123 |
Hello Mike_115,
How did you remove the malware? it is possible that it still remains on the system. -------------------- Regards
Alan |
|
|
|
|
Aug 11 2008, 02:13 PM
Post
#4
|
|
|
New Member Group: Members Posts: 3 Joined: 7-August 08 Member No.: 228,269 |
I'm pretty sure it's completely gone, all the scans come up clean now. I used a combination of Spybot S&D Ad-Aware and a Combo Fix, or something like that from this site. Plus msconfig to disable a startup item that was re-creating some registry entries on each startup. But it must have corrupted something in the profile while it was still infected.
|
|
|
|
|
Aug 11 2008, 04:24 PM
Post
#5
|
|
|
Forum Addict Group: HJT Junior Classmen Posts: 3,981 Joined: 7-January 07 From: UK Member No.: 105,123 |
It sounds like the removal of the infection has damaged an important file or the infection or part of it remains.
I would advise following this guide http://www.bleepingcomputer.com/forums/topic34773.html to make sure that the system is 100% clean. -------------------- Regards
Alan |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 22nd November 2008 - 02:48 PM |
© 2003-2008 All Rights Reserved Bleeping Computer LLC.