Urgent! Strange Files

AmaD
Registered User
Posts: 122
Joined: August 20th, 2004, 7:37 pm


Post by AmaD »

Sorry, this is rather urgent. I have found the folders 'stopmath' and 'twoatomnew' in my C:/Program Files. I can't delete them because they're apparently active, but I can't end them using the Ctrl Alt Del thing (I'm using Win XP Pro). Also, my Internet Explorer is rigged with some bar on the bottom which helps me to search the internet or whatever. Also, the 'stopmath' folder contains a file called 'Admin Wipe.exe' which has me scared :(

I have run Spybot 1.3, Ad-aware and Norton AntiVirus 2005 on my system but nothing shows up. Can anyone help me please? This is rather urgent, thanks.

PS - I ran a whois on the files which try to load up every now and then, especially when I open Internet Explorer, and it returned this information:


OrgName: Hurricane Electric
OrgID: HURC
Address: 760 Mission Court
City: Fremont
StateProv: CA
PostalCode: 94539
Country: US

NetRange: 64.71.128.0 - 64.71.191.255
CIDR: 64.71.128.0/18
NetName: HURRICANE-2
NetHandle: NET-64-71-128-0-1
Parent: NET-64-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.HE.NET
NameServer: NS2.HE.NET
NameServer: NS3.HE.NET
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 2000-04-19
Updated: 2001-04-24

TechHandle: ZH17-ARIN
TechName: Hurricane Electric
TechPhone: +1-510-580-4100
TechEmail: [email protected]

OrgTechHandle: ZH17-ARIN
OrgTechName: Hurricane Electric
OrgTechPhone: +1-510-580-4100
OrgTechEmail: [email protected]

This is what the banner at the bottom of IE looks like if you wanted to know:

Image
[CPU] AMD Athlon 64 3000+ Venice [MOBO] DFI LanParty UT NF4 Ultra-D (s939) [CARD] ATI Radeon X800 XL (256MB) [CASE] Silverstone Temjin TJ01 - Silver [HDD] ST340016A (40 GB, 7200 RPM, Ultra-ATA/100) [HDD] WDC WD1200BB-00CJA1 (111 GB, IDE)
ccb056
Site Administrator
Posts: 981
Joined: January 14th, 2004, 11:36 pm
Location: Texas
Contact:

Post by ccb056 »

boot into safe mode and delete the folder

also, run HijackThis
AmaD
Registered User
Posts: 122
Joined: August 20th, 2004, 7:37 pm

Post by AmaD »

Ok, I'll tell you if it works :D
Tebow2000
Registered User
Posts: 1099
Joined: January 19th, 2004, 7:56 am
Location: New Orleans, Louisiana
Contact:

Post by Tebow2000 »

If you are having problems in safe mode deleting the file as a whole, change Explorer's preferences to show all icons, and then go in and delete each individual one...

Also, this might be running in your background... Run>MSCONFIG and find the file name
Redcode Hosting redcodehosting.com | Unix Shared Hosting | sales[aT]redcodehosting[dOt]com