Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Xp sp3 hijacked


  • Please log in to reply
1 reply to this topic

#1 mavericktwo

mavericktwo

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 09 June 2011 - 04:29 PM

Hello:

Problem start on 6/8/11, running Lenovo Think Centre, connected to a network.
When I got to the computer there were only the standard 3/4 icons on the desktop, where there should have been at least 15 to 20.
The "Start Menu" classic view goes upto "Programs" this folder is empty.
Right clicked on the Start button, went to explorer,folders are there, but nothing is displayed when they are selected.
IE 8 icon is missing, error msg that the sata drive cannot be found.
Ran:
Spybot, Malwarebyte, Ccleaner, rkill, SuperAntiSpyware, Glaries, Windows defender, they all find something but the situation of missing icons, empty folders continue.

Any help is well appreciated.

Mavericktwo

BC AdBot (Login to Remove)

 


#2 ZPrime

ZPrime

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, OH
  • Local time:10:33 PM

Posted 09 June 2011 - 04:34 PM

I am not considered an "expert" on this forum but I believe I've seen the infection you're dealing with. It takes most of the files on the machine and sets them to hidden. You can verify that they are still there by opening a command prompt, CD'ing to a directory, and doing a "dir /ah" which will show hidden files.

Not being an expert I am not going to offer advice on how to clean it, but don't panic as the files aren't gone. :)

It also takes most of the shortcuts from the Start Menu and MOVES them to a different location before hiding them - I seem to remember they go to one of the temp folders of your user profile in "Documents and Settings" or "Users" (depending on OS), so don't empty any temp folders unless directed if you don't want to lose all of those shortcuts!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users