
left limping


No replies to this topic

#1 nivek


Posted 08 August 2009 - 01:31 PM

Spent the last three days trying to fight the compromise of the machine. It all started with a file that seemed to do nothing when opened; the machine temporarily lagged and recovered. On reboot I found that all my icons were the same, pointing to the same file, but I can't remember what it was. All exe and links had the .lnk extension. After some investigation I found that I could change programs in the prefetch folder, and managed to invoke some scans using RegCure (not sure it did much), CCleaner, Malwarebytes and Super AntiSpy. I also found that if I copied program links into prefetch I could execute them, and I have managed to get it to a place where the majority is working. At present I have no speed issues: the CPU running the browser (Firefox) is taking about 2%, the machine is responsive, and programs are updating as normal. I have manually removed numerous malware, trojans/viruses, and this is a bugger to get rid of:
M:\RECYCLER\S-1-5-21-1547161642-1935655697-682003330-1003
There were always two of these.
By checking my file associations I have managed to get most of the programs working as they should.
I have just finished a NOD32 on-demand scan taking over 5 hours, and it has dealt with two infections, both Trojans, probably Win32 or variants.

OK, my collateral legacy:
Can't get my prefetch files back to pf.
Downloaded utils like Tweak UI won't open as the file association is incorrect (error message: this is not a Win32 app).
I keep a folder called desktop icons in which I keep all my icons, and they all have .lnk extensions. Any attempt to create a shortcut gives a .lnk result. HijackThis has dealt with a couple of problems. During a CCleaner scan I saw my restorer file with 2 .lnk.lnk extensions but was not quick enough to see the address. Oh, System Restore is not working: the error message announces that it is unable to protect my machine, and Malwarebytes can't create a restore point, although if I close System Restore the machine announces the correct message.

I could do with a file association list and a way of changing prefetch files back to pf. The files are unclassified at present but all open with fixlink (well, until the Win32 error message). I have tried to copy my Firefox .exe file to the desktop temporarily but it won't work. I get online using some browser shortcuts that are unaffected by the .lnk. I know this is long but I tried to be as comprehensive as possible. I would send a HijackThis log but you will probably want me to do something first.
