| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 84118 | 2007-10-25 01:09:00 | .exes in My Documents | mark c (247) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 605027 | 2007-10-25 01:09:00 | Hi, on a shared comp that I maintain running Win98se I noticed there were about a dozen files ending with .exe in My Documents. Never noticed this before. I thought they shouldn't be there so had a look at the Properties of some of them and they were all within the last few days. I (maybe foolishly) tried to open one and the comp froze up. I rebooted and had a look on the net for any trace of them. They all had very similar names like these three examples, 10ce6.exe 12279.exe and 14792.exe. No trace of them tho ".exe My Documents" brought up cases of trojans ending .exe but nothing like the examples I cited. I deleted them then emptied the Recycle bin, ran Ccleaner, rebooted and seem to have all gone and comp works fine. Does anyone have any idea what these might be? Am I being alarmist? Any info much appreciated. TIA..........m |
mark c (247) | ||
| 605028 | 2007-10-25 01:12:00 | Definitely wise to treat em as malicious, I personally would have deleted them instant I saw them. Have you configured it to display hidden files? And pointed your AV directly at the documents folder to do a scan? |
Metla (12) | ||
| 605029 | 2007-10-25 01:21:00 | Yes I have got hidden files on and yes what a good idea and I suppose obvious with a bit more experience to scan them, tho I didn't. Good advice, thanks, will remember that in future. :thumbs: | mark c (247) | ||
| 605030 | 2007-10-25 01:24:00 | And exe files can also run from that folder, everytime you start a PC. So, be wary of this as well. You may see this either by running ccleaner and going to startup, or in a HJT log. |
Speedy Gonzales (78) | ||
| 605031 | 2007-10-25 01:38:00 | I do run Ccleaner all the time and keep an eye on what's in my trimmed startup but these got through. A friend uses that comp every so often (not this one at home) and sometimes deviates off the straight and narrow but nothing to show in History that would suggest some site that might produce this stuff. (And I don't think he can edit the History folder.) Thanks for the tips. Much appreciated. Maybe the comp just froze rather than running the exe because malware like all other ware can be badly written. |
mark c (247) | ||
| 1 | |||||