Security Basics mailing list archives
Re: Strange files on C:\
From: cvaleriy <cvaleriy () ugps irtel ru>
Date: Fri, 11 Jun 2004 12:04:25 +0900
DFM> -----BEGIN PGP SIGNED MESSAGE----- DFM> Hash: SHA1 DFM> Hi all, DFM> I hope this is the right list for this kind of problem; in case this DFM> is not, please forgive me and suggest me the right ML. :-) DFM> In the last few days I noticed the following strange files in C:\ DFM> (from the date and time they seem to be created regularly, like daily DFM> or more often): DFM> 06/09/2004 05:58 PM 0 tas DFM> 06/09/2004 05:58 PM 0 tas.1 DFM> 06/09/2004 07:22 PM 0 tis DFM> 06/09/2004 07:22 PM 0 tis.1 DFM> 06/09/2004 03:03 PM 0 tj8 DFM> 06/09/2004 03:03 PM 0 tj8.1 DFM> I have done some search in Google, but I didn't found anything DFM> relevant. DFM> My daily (nightly actually) scan with McAfee 7 Pro. fully patched and DFM> updated didn't complained about anything (actually I still have to DFM> see the scan with the very last virus definition released today); I DFM> also tried the web "FreeScan" (from McAfee) just in case it is even DFM> more updated than my installed version, but still nothing. DFM> I tried to scan with both AdAware and SpyBot fully updated, but DFM> nothing (some cookies until yesterday and even nothing today). DFM> I tried Hijack This, but I do not see anything suspicious (I didn't DFM> post the log to their forum as it was suggested because all the DFM> elements reported seem familiar to me - eventually I can post it here DFM> if you are interested on it). DFM> Both Windows Task Manager and Process Explorer (SysInternals) don't DFM> show anything unusual (I can post the Process Explorer list if you DFM> want). DFM> Do you have any idea from where these files came from? Is there any DFM> other tool/procedure I can try to identify them? DFM> Thank in advance. DFM> Di Fresco Marco DFM> http://home.comcast.net/~superdif/ Hello ! Sorry for my bad eng... May be files like tmp file of Half Life(counter Strike). Size ? Some bytes or kilobytes ? Zero ? It's regular create with this names or not ? cvaleriy mailto:cvaleriy () ugps irtel ru --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Strange files on C:\ Di Fresco Marco (Jun 10)
- Re: Strange files on C:\ John Groth (Jun 11)
- Message not available
- Re: Strange files on C:\ Gautam R. Singh (Jun 11)
- Re: Strange files on C:\ cvaleriy (Jun 11)
- <Possible follow-ups>
- Re: Strange files on C:\ H Carvey (Jun 11)
- RE: Strange files on C:\ Brecrost Jones (Jun 11)