Archived from groups: microsoft.public.win2000.security (
More info?)
As Karl mentioned there are quality free for personal use anti virus
programs. Newegg.com has a deal right now where you can download Trend
Micro PC-cillin for $9.99 after rebates and I think you can download it to
try free for 30 days from TM.
http://www.newegg.com/Product/Product.asp?Item=0-N82E1681297339SF
TM also offers a free tool that can detect AND remove many common malwares
called Sysclean. You just download it and the pattern file, unzip the
patterns file, and run from a common folder. The links below explain
ore. --- Steve
http://www.trendmicro.com/download/dcs.asp
http://www.trendmicro.com/download/pattern.asp
Microsoft has an excellent free downloadable guide called Anti Virus in
Depth if you want to learn more about malware, how to protect yourself from
it, and what to do if you get it that is geared toward system admins and
power users. --- Steve
http://www.microsoft.com/technet/security/topics/serversecurity/avdind_0.mspx
"Cacique" <cacique83@hotmail.com> wrote in message
news:d67g53$h8j$1@inews.gazeta.pl...
> Thanks, guys, for the help. I download Ad-Aware and Search and Destroy
> and
> they found all kinds of junk on the system. I have cleaned up most of the
> spyware using those two programs.
>
> I have also visited symantec.com and did an online scan it detected the
> W32.HLLW.Gaobot worm in many different files. I had already deleted the
> executables in question, but I think it's likely, based on the description
> of this virus, that it had placed them there. I am currently searching
> for
> the best antivirus tool to use to get rid of it. Symantec has a removal
> tool for some of the Gaobot variants, but unfortunately, it doesn't clean
> off the one on my system. Maybe McAfee or Trend has something. I'll
> keep
> searching. At any rate, I guess I'll bite the bullet and buy an AV
> program
> to keep these things under control, and run the adware programs regularly.
>
> Thanks again.
>
>
>
> "Karl Levinson, mvp" <levinson_k@despammed.com> wrote in message
> news:OS7oFsMWFHA.2472@TK2MSFTNGP10.phx.gbl...
>> It could "just" be a computer on your network infected with a virus that
> has
>> the ability to spread via Windows NetBIOS file shares. Such viruses
>> commonly put malware executables on the root of a Windows server file
> share,
>> and the file names below can be common. To know for sure, scan them with
> an
>> up to date antivirus scanner and then look up how that virus spreads in
> the
>> virus encyclopedia on your antivirus vendor's web site. The easiest way
> is
>> to go to www.virustotal.com and submit the files there, you get an answer
>> back immediately using a dozen different scanners.
>>
http://housecall.antivirus.com should also be able to identify those
>> files
>> using TrendMicro AV.
>>
>>
>> "Cacique" <cacique83@hotmail.com> wrote in message
>> news:d64jsu$1q1$1@inews.gazeta.pl...
>> > I have a Win2K box behind a router, networked with an iMac and a Linux
>> box.
>> > I have 4 shared folders on the Win2K box that I access from the iMac
>> > and
>> the
>> > Linux box.
>> >
>> > The other day I checked the contents of my shared folders and saw that
> in
>> > the root directory of each shared folder there were a bunch of
> executable
>> > files. I didn't put them there. The files were:
>> >
>> > casvc.exe, ggtb32.exe, hqisvc32.exe, macdwXM.exe, prcview.exe,
>> regsvc32.exe,
>> > testfile, wmp9.exe, mssqlXP16.exe, srtsr32.exe, crss.exe, svchost.exe,
>> > sdvhost.exe, stisvc32.exe, znksvc32.exe
>> >
>> > Has someone broken into my system and placed these files in my shared
>> > directories? If so for what purpose? I thought the router would keep
> the
>> > hackers out, but what I should I do now if people can get into my
> system?
>> >
>> > Thanks.
>> >
>> >
>>
>>
>
>