[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 189
  • Last Modified:

Multiple folders into c:\winnt (systemRoot)

I got over 7000 folders into my systemroot.  They are owned by different active directory user.  They are all empty.
Here is some of their name : FI20DS7KZET8L0DS FG0JYDS7KZET8L0D FK1WCR6JYDS7KZET FKZET8R6JYDS7KZE FL0JYDS7KZET8L0D FK4N2GT8L0DS7GVA

This is a windows 2000 terminal server with sp4.

Is anybody knowing what to do with those? and where they come from?
0
fatp
Asked:
fatp
1 Solution
 
Pete LongConsultantCommented:
This has got Virus wirtten all over it :)

Is this server doing FTP at all is so make sure anonymous login is disabled

Online (Free) Virus Checking can be done at

SYMANTEC (You must have ActiveX enabled on your browser for it to work!)
http://security.symantec.com/ssc/vc_scan.asp?j=1&langid=ie&venid=sym&plfid=23&pkj=ROSUPWFYJOKMFIDPMSV 

Trend Micro (Housecall)
http://housecall.trendmicro.com/

But You really Need some good quality Anti Virus Installed!

Freeware

AntiDote Lite http://www.vintage-solutions.com/English/Antivirus/Super/index.html
Avast http://www.avast.com/
F-Prot http://www.f-prot.com/products/
V-Catch http://www.vcatch.com/download.html

The BIG Boys in AV

McAfee
http://www.mcafee.com/default.asp

Symantec (or the firm formally known as Norton)
http://www.symantec.com

Sophos (This Protects My Corporate Network)
http://www.sophos.com/

Command
http://www.commandsoftware.com/
0
 
fatpAuthor Commented:
After looking into my servers, we allready use panda antivirus, I tried to scan it with trend Micro too but did not find anything....any other idea?
0
 
fatpAuthor Commented:
Problem solved, dot net framework was not updated and this was the cause of those folder everytime a user logged on...


Please close!
0
Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

 
fatpAuthor Commented:
If I can add something, it seems that framework needed users everyone to have full access to c:\windows(%systemroot%) in order to delete the folder that it was making....by doing this it fixed my problem.
0
 
kodiakbearCommented:
A request has been made in CS to PAQ this question.Another moderator or myself will finalize this question in 4 days if there are no objections from the participating experts.
Since the asker posted the solution it will be  PAQ/Refund of points

Thank you.
kb
Experts Exchange Moderator
0
 
moduloCommented:
Closed, 125 points refunded.

modulo
Community Support Moderator
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now