What you call something is important. If you call the liquid in a glass water, I expect water when I drink it, and my thirst will be quenched. If instead it is Hydrochloric Acid, I still expect water, but my mouth, throat, esophagus, and stomach will be burned. It would matter to me.
Quote: Originally Posted by RobinHood
Keep well writhzin....nice talking to you bud...Just a reminder ---> "weird" i got it right to make 30+ junctions to become 3...INCLUDING backing it up...i never heard about a loop within a loop that had something in it to backup up ( im not talking about deleting the OFFICIAL junctions hey, but the "nested" ones... )....which I just managed to do...Like one guy said...it's just a different angle you go to aproach the same file...which is 100% correct ( somewhere earlier in this thread someone mentioned it )....what i did, i just made Windows "neater"....
PS: some good INFO why you get multiple "nested" junctions ----> [Gelöst] Trojan.Mayachok/1 - Seite 3 - Viren und andere Sicherheitsrisiken - Avira Support Forum
This link provides a clue as to what you are talking about. I am using Google Translate, but it is still hard for me to follow. I will specifically address the file & folder issue. Since there is no way to tell what is an actual folder and what is a Junction, I cannot know for sure what is happening. I will make an educated guess, but I could be very wrong.
The following is Windows 7 specific. There are significant differences between Windows versions, and you will hose an Windows XP machine if you do not know what you are doing.
It appears the Windows User Account is named "user". This is going to become complicated. Also, I am not going to use strict terminology. It is going to be too complicated as it is.
There are 4 files in a Temp folder:
1 & 2 are always grouped together. 1 & 2 & 3 begin to be grouped, and finally, all four files are grouped. The listing would be better if it started at the beginning of the tree and worked down. I think this would show that the tree starts with the four files, and the number of files diminishes as you go deeper into the tree. At the lowest level, only 1&2 are included.
My guess is that these are actual folders with actual files in them. It is possible that there could be a combination of Junctions and folders, but it would be an even more tangled mess. Furthermore, this was not necessarily caused by a virus, and Trojan.Mayachok/1 indicates it is a trojan not a virus. Google returned a list of sites that did not include any of the major anti-malware vendors. It was a list of mostly Russian sites, and it would take too much time to setup a Virtual Machine to investigate it.
Without knowing which, if any, are Junctions, cleaning up this mess may not work as expected. If it is actual folders you have, you could clean it up and restore the Junctions with security/permissions. "C:\ Documents and Settings" should be a Junction. If you are dealing with a nasty trojan, the creator could have stored the actual data in a different location. One of the "Application Data" folders could be a Junction pointing somewhere else. If the trojan has not been eradicated, it could recreate the Junction, and the original data would still be present.
I do not have enough knowledge of HijackThis to know what is being displayed. I would be wary of doing anything based upon the report, but you may know more. The Wikipedia and MSDN links you provided have little to do with the problem you are trying to solve. I still think you are in over your head, but as you noted, WHO CARES WHAT I THINK.
I cannot provide a single link that details the knowledge I have shared here. There is no single place where this is fully discussed, but this may have changed. I have researched this myself, but I am indebted to several people for some of this. Pulling together bits from different places, I was able to figure it out, but I am not an expert. I would encourage to research some of the "50% junk" to learn more. I would request you post a list of the junk. Even a few entries would be helpful to anybody reading this.