Misterious folder in the ProgramFiles won't go away

Bighunk · Post by **Bighunk** » Tue Mar 11, 2003 12:35 am

Hello,

I was wondering if anybody had an idea of why I cannot delete a folder, - I tried removing it with window washer, deleteing it, moving it to another folder, I downloaded Trojan Hunter thinking maybe it was one of those creatures in my system, and nothing.
I get an error message saying it's being used....

Any help will be greately appreciated!
~Sergio.

SICMF · Post by **SICMF** » Tue Mar 11, 2003 1:31 am

Whats the name of the folder?

Bighunk · Post by **Bighunk** » Tue Mar 11, 2003 3:54 am

Originally posted by Hybridmonolith
Whats the name of the folder?

http://hometown.aol.com/bighunk/page1.html

I hope these snagged images help in some way...

Thanks again!
-S.

Bighunk · Post by **Bighunk** » Tue Mar 11, 2003 7:55 am

Anybody??

Brk · Post by **Brk** » Tue Mar 11, 2003 8:11 am

Are there any files/programs in the folder? If so, look and see if any of the files/programs are listed in msconfig. That could be why it says it's "in use."

Start > Run > msconfig > Startup tab

If you don't recognize any files/programs there, try CTRL-ALT-DEL and see if there's one running and shut it down via "End Task."

RoundEye · Post by **RoundEye** » Tue Mar 11, 2003 8:16 am

Is your PC on all the time and do you have a firewall? I've seen folders like that where hackers uploaded files to a pc to share thier warez programs.

You can't delete it because they used a version of Linux, and Windows doesn't know the Linux commands.

It can be hard to remove, I'll try and find the instructions at Microsoft in a little while.

mountainman · Post by **mountainman** » Tue Mar 11, 2003 8:27 am

Perhaps if you selected to "view hidden files" and "show system files", you may see something else in there. If so, you might be able to delete that.

Or, you can always reinstall Windoze.

Bighunk · Post by **Bighunk** » Tue Mar 11, 2003 9:19 am

Originally posted by Burke
Are there any files/programs in the folder? If so, look and see if any of the files/programs are listed in msconfig. That could be why it says it's "in use."

Start > Run > msconfig > Startup tab

If you don't recognize any files/programs there, try CTRL-ALT-DEL and see if there's one running and shut it down via "End Task."

That's the thing though, it won't let me open it, delete it, move it, rename it.... nothing

Originally posted by RoundEye
Is your PC on all the time and do you have a firewall? I've seen folders like that where hackers uploaded files to a pc to share thier warez programs.

You can't delete it because they used a version of Linux, and Windows doesn't know the Linux commands.

It can be hard to remove, I'll try and find the instructions at Microsoft in a little while.

First of all, thanks RoundEye - I really appreciate it

My pc IS in fact on 24/7 almost, and I don't have a firewall, I disabled the xp one just like my internet provider's customer service operator told me to(said something about it being bad for them) (??) and on that note, I should probably also mention a few weeks ago I did the speed tests and they came out as marginal for a cable connection oh well

it IS the only cable company down here.

Originally posted by mountainman
Perhaps if you selected to "view hidden files" and "show system files", you may see something else in there. If so, you might be able to delete that.

Or, you can always reinstall Windoze.

And, I tried that, selected "view hidden files"/"show system files" but again, it won't let me near it, not to mention the fact that there's apparently nothing in there

Brk · Post by **Brk** » Tue Mar 11, 2003 9:26 am

You NEED a firewall immediately, whether it be software or hardware.

RoundEye · Post by **RoundEye** » Tue Mar 11, 2003 12:20 pm

If you don't have an account at movedigital.com you've been hacked into.

Here's what I think happened, your pc has been hacked into, and somebody is using your pc to host files for thier warez site. You need to run a virus and trojan scan and make sure there are no programs remotely controlling your pc.

Removing the files is real fun, they probably used a version of Linux to upload the files and that's why you can't delete them. Windows doesn't recognize the Linux commands.

You need a program called Rm.exe to remove the files. It's on the Windows 2000 server resource CD, if you can't find it online I can host it for you later on tonight. (I'm at work right now).

Here's a couple of links showing you what needs to be done. POSIX commands is what you are looking for and what you want to do.

First Link

Second Link

You need to get a firewall and make sure you have file and print sharing disabled on your pc. Also go into the properties of tcp/ip, then the advanced tab of network neighborhood, then to the Wins tab, and check off "Disable NetBIOS over TCP/IP". This will make it harder for people to get into the pc because they can't "see" the computers name.

Have Fun

mountainman · Post by **mountainman** » Wed Mar 12, 2003 12:46 pm

If he gets a good firewall program on there, will the hackers still be able to get on there ?

RoundEye · Post by **RoundEye** » Wed Mar 12, 2003 10:16 pm

There's no network that's "hack proof" but you sure as hell can make it really hard to get into. Very few hackers can get into the really secure networks. Probably 99.9% of the script kiddies can't even get past NAT.