tempusfugit
New Member
- Reaction score
- 0
I didn't read the whole thread, just the first post and then ctrl-f'd smtmp on each page so forgive me if this was posted.
The "deleted" start menu and sometimes desktop shortcuts are usually in a folder call smtmp.. usually they are in %user\local settings\temp\smtmp if they aren't there I just 'everything search' for smtmp.
There are folders 1, 2, 4.. I think 1 is programs in the start menu, 2 is desktop and 4 is quick launch, or something close to that.
and 99% of the time, mbam + sas in safe mode + combofix and hitman pro(checks task manager disabled/proxy settings on top of viruses) in normal mode gets the virus. Then unhide.exe, dtreset.bat, copy smtmp folder.. That's my method
The "deleted" start menu and sometimes desktop shortcuts are usually in a folder call smtmp.. usually they are in %user\local settings\temp\smtmp if they aren't there I just 'everything search' for smtmp.
There are folders 1, 2, 4.. I think 1 is programs in the start menu, 2 is desktop and 4 is quick launch, or something close to that.
and 99% of the time, mbam + sas in safe mode + combofix and hitman pro(checks task manager disabled/proxy settings on top of viruses) in normal mode gets the virus. Then unhide.exe, dtreset.bat, copy smtmp folder.. That's my method
Last edited:
