Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login
Site Notices
9/22/2017 12:11:25 AM
Posted: 9/15/2005 6:45:21 PM EDT
I believe my computer has some sort of virus. I noticed when I was running Adaware (which found over 1000 objects?!?!) it scanned C:\uploads for over an hour. But when I open my C drive, there is certainly NOT a folder called uploads...what gives?

Also, I tried to run the cmd from the start>run prompt, but I get an error message. So I was going to run it straight from the system32 folder in c:\windows...but I dont have a system 32 folder.

I ran Norton, and it deleted a few things, but I never renewed my subscription, so I guess the definitions are way out of day.

What the hell is going on?

Thanks,
Jake
Link Posted: 9/15/2005 6:56:45 PM EDT
forums.majorgeeks.com/

There are peeps on there that are the best at helping you rid your system of nasties and giving you advice on what you can do to keep from getting them!

BigDozer66
Link Posted: 9/15/2005 7:01:56 PM EDT
www.free.grisoft.com

Do you have it set up to show hidden folders? System32 isn't a hidden folder, but it's a good idea any way.

Go to C:, then click on Tools, Folder Options. Click on the View tab, then check the Show Hidden Files and Folders option.
Link Posted: 9/15/2005 7:05:07 PM EDT
NO SYSTEM 32 FOLDER ????
Time for target practice
Link Posted: 9/15/2005 7:06:48 PM EDT
Methinks he resides in hidden systems folders...........
Link Posted: 9/15/2005 7:09:41 PM EDT
[Last Edit: 9/15/2005 7:13:07 PM EDT by Max_Mike]

Originally Posted By jake1978:
I ran Norton, and it deleted a few things, but I never renewed my subscription, so I guess the definitions are way out of day.

What the hell is going on?

Thanks,
Jake



What is going on is you messed up let you virus definitions lapse and now you likely have junk until you do a clean format and install.

There is no excuse to go without a current antivirus especially when there are so many free options…. You make yourself a menace to not only yourself but everybody else on the web.

Here is a link to a online virus scan try that first:
housecall.trendmicro.com/

Run CWShredder and the spyware scan from that sight as well.

Here is a link to a free anti-virus: Download it, uninstall Norton and try to install AVG Free. And run it…
free.grisoft.com/doc/2/lng/us/tpl/v5

Good luck but I suspect that machine is to far gone to run well without a fresh install.
Link Posted: 9/15/2005 8:30:35 PM EDT

Originally Posted By Burley:
www.free.grisoft.com

Do you have it set up to show hidden folders? System32 isn't a hidden folder, but it's a good idea any way.

Go to C:, then click on Tools, Folder Options. Click on the View tab, then check the Show Hidden Files and Folders option.



Hidden folders are showing...whats weird is when I run adaware, spybot, cwshredder, etc, they show to be scanning the system 32 folder, but I definitely can't see it.

BUT...I ran the online virus scan from trend micro and well........



Link Posted: 9/15/2005 8:32:10 PM EDT
Link Posted: 9/15/2005 10:56:04 PM EDT
Time to low level format and start over... you are not going to get that machine to run right even if you get the crap cleaned out.
Link Posted: 9/16/2005 5:16:32 AM EDT

Originally Posted By jake1978:

Originally Posted By Burley:
www.free.grisoft.com

Do you have it set up to show hidden folders? System32 isn't a hidden folder, but it's a good idea any way.

Go to C:, then click on Tools, Folder Options. Click on the View tab, then check the Show Hidden Files and Folders option.



Hidden folders are showing...whats weird is when I run adaware, spybot, cwshredder, etc, they show to be scanning the system 32 folder, but I definitely can't see it.

BUT...I ran the online virus scan from trend micro and well........

home.comcast.net/~jsmoth/10k_viruses.bmp




looks like its time to do a fresh install. hope you did your regular backups
Link Posted: 9/16/2005 8:19:48 AM EDT
[Last Edit: 9/16/2005 8:20:27 AM EDT by jake1978]

Originally Posted By Max_Mike:
Time to low level format and start over... you are not going to get that machine to run right even if you get the crap cleaned out.



i visited majorgeeks.com and downloaded every spyware cleaner they recommmended. downloaded a spyware preventer, the free Anti-Virus software linked to by a couple of you, and the Sygate firewall. I uninstalled Norton and disabled the Windows firewall as well.

After I cleaned everything I could, I ran the AVG and it only found 3 things. I'm just going to monitor it for a few days, running the spyware cleaners and AVG every day and see what happens.

I realized also, I had turned off the WEP on my wireless router a couple weeks ago and not turned it back on.

Thanks for the help and the links.
Link Posted: 9/16/2005 8:32:45 AM EDT
avg is not that good, IMO


try commandondemand online scanner ....... click the magnifine glass

nod32 and kaspersky are also highly effective.

ewido.net and A Squared for trojans
Link Posted: 9/16/2005 8:38:50 AM EDT

Originally Posted By cruze5:
avg is not that good, IMO


try commandondemand online scanner ....... click the magnifine glass

nod32 and kaspersky are also highly effective.

ewido.net and A Squared for trojans



I have found AVG is very good... it has tested very well against commercial software. The people I have using it are not getting viruses.
Link Posted: 9/16/2005 9:27:51 AM EDT
lol
Your infected!

The C:\uploads sounds fishy to me. I would enter a command prompt and run

netstat -a

and look for connections with ports on 6666 to 7000

common IRC trojan
Link Posted: 9/16/2005 9:30:51 AM EDT

Originally Posted By Hectic:
lol
Your infected!

The C:\uploads sounds fishy to me. I would enter a command prompt and run

netstat -a

and look for connections with ports on 6666 to 7000

common IRC trojan



My infected what?

The C:\uploads had over 5gigs of files in it that most definitely didn't come from me. All zip files, all the same size of 763k. I'm keeping a close eye on that folder.
Link Posted: 9/16/2005 9:43:10 AM EDT

Originally Posted By jake1978:
The C:\uploads had over 5gigs of files in it that most definitely didn't come from me. All zip files, all the same size of 763k. I'm keeping a close eye on that folder.



haha..really?
Link Posted: 9/16/2005 9:50:51 AM EDT
Did you get a virus?

No

Did you get four-hundred thousand viruses?

Yes, very yes.
Link Posted: 9/16/2005 10:01:18 AM EDT
Link Posted: 9/16/2005 10:07:57 AM EDT

Originally Posted By Paul:

Originally Posted By jake1978:

My infected what?

The C:\uploads had over 5gigs of files in it that most definitely didn't come from me. All zip files, all the same size of 763k. I'm keeping a close eye on that folder.



Keeping an eye on it for what - waiting for the authorities to bust down your door?

The top three files kept on owned systems are:

Spam/spam mailing lists
Illegal porn (child porn)
MP3 songs/MP2/4 Movies

At 763 Kb I'm betting porno ...



I guess waiting to see if it fills back up after I deleted it.

All the files had various filenames, and I didnt see any that were porn-related (which really doesn't mean much, I suppose).


Link Posted: 9/16/2005 10:12:56 AM EDT
Anti-Vir is available at www.free-av.com

I deal with viruses every day , Anti-Vir is one of the most agressive AV available . And the personal edition is free.

The reason you cannot see that folder is it is most likely HIDDEN from you. Easy to fix that, open any folder, click tools, then folder options. Click the view tab, then check "Show hidden file and folders". If it still doesn't show you can also Un-check hide protected system file folders.

Do a disk clean-up and make sure you delete all your system restore files. Viruses can be restored after deletion sometimes.

Run "MSCONFIG" and check your system startup, Uncheck anything that that looks Questionable. This can cause problems if you don't know what questionable is.

If this doesn't help in combination with what everyone else has suggested I would be suprized. Although I have dealt with some very stubborn adware lately. Let us know how it all works.

Link Posted: 9/16/2005 10:41:36 AM EDT

Originally Posted By Max_Mike:

Originally Posted By cruze5:
avg is not that good, IMO


try commandondemand online scanner ....... click the magnifine glass

nod32 and kaspersky are also highly effective.

ewido.net and A Squared for trojans



I have found AVG is very good... it has tested very well against commercial software. The people I have using it are not getting viruses.




I scan computer's for virus's everyday that have Norton, mcafee, and AVG installed.

everyone of those computers are having spyware and pop related issues. each computer scanned comes up with at least 10-15 trojans, sometimes more.

this one was my favorite:

Link Posted: 9/16/2005 10:50:06 AM EDT
will windows even boot without windows\system32 ?
Link Posted: 9/16/2005 10:51:55 AM EDT
looks like it's a year old, but a test comparing various AV products
www.10ts.com/reviews/antivirus-test.htm
Link Posted: 9/16/2005 10:58:08 AM EDT

Originally Posted By jake1978:

Hidden folders are showing...whats weird is when I run adaware, spybot, cwshredder, etc, they show to be scanning the system 32 folder, but I definitely can't see it.

BUT...I ran the online virus scan from trend micro and well........

home.comcast.net/~jsmoth/10k_viruses.bmp




DAYUM! Time to unplug the respirator and let that patient die. Save what files you can (scrubbing all of them for virii), reformat the drive and start over.

By the way, JPEGs are your friend.
Link Posted: 9/16/2005 11:11:57 AM EDT

Originally Posted By sharky30:
will windows even boot without windows\system32 ?




one of my work systems is running xp pro the system32 dir was 650MB. let me delete it on a customers machine and ill get back to you
Link Posted: 9/16/2005 11:39:26 AM EDT
Just a quick thought. Could his C:\uploads folder be an Alternate Data Stream (ADS)
Here's a quick link about ADS's
www.windowsecurity.com/articles/Alternate_Data_Streams.html

Here is a link for a tool that should detect them.
www.heysoft.de/Frames/f_home_en.htm

I would suggest downloading DBAN
dban.sourceforge.net/
Burn anything you cannot lose to a CD (pictures, things like that) that you ABSOLUTELY cannot lose, because these files could very easily be infected.
Make the floppy or CD, and boot off of it. Do the autonuke part at the beginning.
Reload Windows and everything else that you hopefully purchased

I'm not saying that to be all high and mighty, and I don't bash P2P file sharing. But over 50% of all P2P traffic is virus/trojan/worm/spyware infected.


Good luck and keep us posted.

Link Posted: 9/16/2005 4:30:54 PM EDT
[Last Edit: 9/16/2005 4:33:04 PM EDT by jake1978]

Originally Posted By cruze5:

Originally Posted By sharky30:
will windows even boot without windows\system32 ?




one of my work systems is running xp pro the system32 dir was 650MB. let me delete it on a customers machine and ill get back to you



Got that straightened out....had the option to show hidden folders checked, but I needed to UNcheck hide system folders, or somesuch.

Is the C:\uploads folder normally there, in an uninfected machine? it only showed up when i unchecked "hide system folders", just like the system32 folder.

This was one of the first problems I noticed, but when I first tried to run the CMD command from Start<Run, it was trying to open cmd.com from the system32 folder.....is cmd.com even a real file???
Link Posted: 9/16/2005 4:56:29 PM EDT
Tag for the geek website.
Link Posted: 9/16/2005 8:25:10 PM EDT
uploads was added by something
Link Posted: 9/16/2005 8:26:05 PM EDT
You have any file sharing software? Kazaa, Bear share? stuf like that??
Link Posted: 9/16/2005 8:41:54 PM EDT
none of the free virus scans work good enough
Top Top