Solved

Help!Urgent (It's about NT)

Posted on 2001-08-03
13
294 Views
Last Modified: 2010-04-11
Hi all guys

Our NT is hacked by hacker, that guys leave a no Name folder,  
its no name, just leave a folder in our server,
But we cannot delete as well as we cannot open it,
but we right click the properties is access to everybody,
When we intend to open it, it prompt a msg,
say no access right,
How can we solve it??
And How can we delete the folder ??
and Does the folder have any virus ???
Or how can we find the virus it hide ??

Thanks
0
Comment
Question by:kankan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 3
  • +3
13 Comments
 
LVL 41

Expert Comment

by:stevenlewis
ID: 6348628
Can the administrator take ownership of the folder?
also try looking at the name in a dos window (from the command prompt) it may be using alt+255 as it's name (windows does not recognize this name.
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 6349514
rename it and then delete it or use
the delete from a DOS prompt.

rd /s

As specified in JSI tip 2057 I went to the command line, switched to the directory and typed -- RD /S
    "" This removed the offending directories and files (with names nt doesn't like) per and in similar
      fashion to,
   http://www.jsiinc.com/tip2000/rh2057.htm

I hope this  helps !
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 6349515
rename it and then delete it or use
the delete from a DOS prompt.

rd /s

As specified in JSI tip 2057 I went to the command line, switched to the directory and typed -- RD /S
    "" This removed the offending directories and files (with names nt doesn't like) per and in similar
      fashion to,
   http://www.jsiinc.com/tip2000/rh2057.htm

I hope this  helps !
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 

Author Comment

by:kankan
ID: 6350779
But this command [RD /S ""]
Will Delete the other folder 2 ???
I mean I afarid it will infect other important folder at other directory.
0
 
LVL 63

Accepted Solution

by:
SysExpert earned 200 total points
ID: 6350795
RD is short for remove directory.

do an rs /? to see the help for it.

Just do it for the folder you want to get rid of.


I hope this helps !
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6351052
as stevenlewis said, take ownership as administrator of the folder. Then rename it to a reasonable name.Administrator can always do it.
After renaming, i recommend to use cmd.exe and look at the folder, using dir, what else is there.
0
 

Author Comment

by:kankan
ID: 6351339
hi ahoffmann
but the ownership is admin. but when we open it, it just said we didn't have the right to open it
otherwise, i open it before.
and we can't rename the folder, even remote login as well~
but we can see the folder is 0 byte and that guys create a many many sub folder in this folder
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 6351353
kankan, did you take ownership before?
> but we can see the folder is 0 byte and that guys create a many many sub folder in this folder
how can you see subfolders in a folder which cannot be opened?
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 6351367
try a dir command from a command prompt and see what the folder is named in dos
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 6351374
again one way to create a "blank" name is to use keystrokes that windows doesn't recognize
the ALT+255 keystroke combo will do this. I have used this to mess with a friends desktop, and create a folder that he could see, but when he clicked on it, it said path not found, even though he was looking at it
0
 
LVL 55

Expert Comment

by:andyalder
ID: 6355533
What makes you think this was done by a hacker? It looks more like a filesystem corruption to me, have you run chkdsk on it to check the filesystem is clean?
0
 

Author Comment

by:kankan
ID: 6364431
but abdyyalder how's u feeling it's not ??
coz i can open the folder,
but we now try to format the drive,
but it prompt a error msg "no premission of this folder .... something like that."

and not related to ALT+255 this keystroke, coz we guess this type of folder is generate from some program,
and then run on our server
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9017140
kankan,
No comment has been added lately (718 days), so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:

RECOMMENDATION: Award points to SysExpert http:#6349515

Please leave any comments here within 7 days.

-- Please DO NOT accept this comment as an answer ! --

Thanks,

lrmoore
EE Cleanup Volunteer
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let’s list some of the technologies that enable smooth teleworking. 
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question