Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Possible problem found

Status
Not open for further replies.

biglebowski

Technical User
Jan 29, 2004
3,117
GB
I have run spybot S&D and it came back clean. But when I run sophos it says it was unable to open some files. I tried to find these files in explorer but it is saying that the folder is empty, but when I do a search in sophos it lists various folders that cannot be seen in explorer. the path is C:\Documents and Settings\chris\Local Settings\Temporary Internet Files\Content.IE5. The files it lists are
changesettings.html
renderforcaptchaforpasswdreset
validateforcaptchaforresetpasswd
trafic.js
gen.js
There are several more but these are the ones that look most worrying

Are you suggesting coconuts migrate?
 
Go to the ControlPanel, Internetoption, there you will find the onboard cleaning utils for the TempInternetFiles and Cookies aswell as the settings of both... Clear your Temp/TempInternetFiles as often as possible, especially after being in the NET on questionable sites...

You can always use SpyBot S&D to clear the Temp/TempIE Folder aswell... goto Settings/FileSets and check the UsageTracking... on the next scan you should be able to clear your Temp File CACHE aswell...



Ben

If it works don't fix it! If it doesn't use a sledgehammer...
 
The reason spybot didn't find it is because those files are either a) new in the wild or b) Patrick hasn't written detection algorithms for these yet, whatever they are a part of. Spybot doesn't use heuristics while AV software generally does. Obviously if something is hiding from explorer, then it is probably a virus or backdoor of some sort. If you don't mind, I'd like to see those files if you can get to them. Go to Start->Run->cmd.exe->Enter->cd <to the directory>->Enter->notepad <filename>->Enter

That should get you to view the files. Then you can save it somewhere and upload it somewhere for me to see. If you don't want to or have already deleted the files, that's fine. :)

----------------------------
"Security is like an onion" - Unknown
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top