1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: 5 Files with NO Google Hits?!?

Discussion in 'General Security' started by missyjax, Apr 1, 2009.

Thread Status:
Not open for further replies.
Advertisement
  1. missyjax

    missyjax Thread Starter

    Joined:
    Apr 10, 2008
    Messages:
    45
    This isn't an emergency but I was just doing some basic checks and found FIVE programs dumped into my shared folders that, when googled, produced no hits at all! They all landed on the same day in October.

    I just finished a full virus and malware scan (CA Associates) and it just found the usual low-level stuff. Is this alarming? It's never happened before.
     
  2. PCcruncher

    PCcruncher

    Joined:
    Oct 24, 2007
    Messages:
    2,992
    They could be random file names, and so wouldn't be found anywhere else.

    I would upload each of them to Jotti (http://virusscan.jotti.org/) and scan them before doing anything else.

    Good luck!
     
  3. missyjax

    missyjax Thread Starter

    Joined:
    Apr 10, 2008
    Messages:
    45
    I'm doing this as I type. If they don't have value to virus trackers, I'd just as soon delete them.
     
  4. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    The uploading to the Jotti site is for a virus scan of the file not for them to have a sample of.

    Jotti uses a bunch of the top antimalware scanners to analyze one file at a time that you can Upload.

    Use the Browse button at Jotti site, and then navigate to the file on your computer using Windows Explorer

    You may have to set these settings in order to see the files, it depends:

    If you are using XP:

    Because XP will not always show you hidden files and folders by default, Go to Start > Search>Files and Folders>> and under "More advanced search options".
    Make sure there is a check by "Search System Folders" and "Search hidden files and folders" and "Search system subfolders"

    Next click on My Computer. Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and "Hide extensions for known file types" . Now click "Apply to all folders"
    Click "Apply" then "OK"
     
  5. missyjax

    missyjax Thread Starter

    Joined:
    Apr 10, 2008
    Messages:
    45
    Thanks, byteman! I had done the first several years ago, and on the second I'll go ahead and do that, but you can also see the file extension when you upload it simply by clicking on it and right arrow-ing. One turned out to be a vbs and one was reg, which is what concerned me.

    At any rate, all 5 files got scanned with no problem. I just found it odd that they landed at about the same time and the names were bizarre - one clearly Russian and another Japanese origin.

    But I'm not sure I agree that they just scan for viruses. I read the documentation before uploading, and they state that they share files with legit AV outfits for further analysis if needed.
     
  6. PCcruncher

    PCcruncher

    Joined:
    Oct 24, 2007
    Messages:
    2,992
    Yes, if it was a new file, they could share it so a fix can be found. otherwise it would be in their database.
     
  7. missyjax

    missyjax Thread Starter

    Joined:
    Apr 10, 2008
    Messages:
    45
    That's what I'm hoping. I would doubt I'm the only person on the planet with these 5 files and I sure know I didn't download them myself.

    At any rate, thanks and I'll mark this solved.
     
  8. PCcruncher

    PCcruncher

    Joined:
    Oct 24, 2007
    Messages:
    2,992
    Just for curiosity, could you post the file names? some infections have random file names, but you can figure out what they are from them.
     
  9. missyjax

    missyjax Thread Starter

    Joined:
    Apr 10, 2008
    Messages:
    45
    Sure.

    fyvujejo
    gopevar
    imysi
    itoroxoj
    tidulul
    ytav

    They arrived in 2 clumps on the 19th and 17th of October.
     
  10. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Hi missjax-

    When I posted:

    "The uploading to the Jotti site is for a virus scan of the file

    not for them to have a sample of. ">
    I should have said " The uploading to the Jotti site is for a virus scan of the file

    not only for them to have a sample of. "

    Obviously, they "have a sample" as the files are actually sent to the Jotti site....

    I was thinking it was not clear to you, that they would have a reply for you in just seconds....Also, sounded that you would delete them, anyway, even if they were not "infected malware , you see.


    RE: The extensions, and turning on hidden files, etc> we have to set up our replies to cover the general population, we can't write back without the basic, step by step instructions that even your grandma could follow.....(y)


    A .VBS is a script, a .REG file if made correctly, changes items in your Registry. Looking at those filenames, I would definitely have been thinking along the lines of a trojan infection, too. "Leftovers" that are not detected, do happen with the malware we see every day- usually they are .bak and .ini type file extensions, tho.

    They could have been downloaded as they are, into temp locations or Temporary Internet Files.....or, they could have been created on your machine, by a program.


    If you have Shared folders with other machines, then that is most likely way you got the files.
     
  11. missyjax

    missyjax Thread Starter

    Joined:
    Apr 10, 2008
    Messages:
    45
    Thanks, Byteman. That's the other thing that caught my eye, however. I don't share my PC at all and this might have been the first time I ever even checked my shared files. I was just doing routine system checking and clicked on them. This was all that was in there.
     
  12. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/814920

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice