Go Back  DoItYourself.com Community Forums > Electrical, AC & DC. Electronic Equipment and Computers > Computers, Internet Capable Devices and Peripherals
Reload this Page >

Dumb computer question. When told to look in %program files, where do you look?

Dumb computer question. When told to look in %program files, where do you look?

Reply

  #1  
Old 04-19-07, 04:15 PM
Member
Thread Starter
Join Date: Oct 2003
Posts: 169
Received 0 Votes on 0 Posts
Dumb computer question. When told to look in %program files, where do you look?

When you're trying to hunt down a possible malware program(s) and your research says to look in %program etc, etc. Where exactly do you look in XP. Is this just in C-program files? I've tried to google this % before program files in every possible way I can think of, and I can't find an explanation. this is all I've been able to come with..........
In the command processors COMMAND.COM (DOS) and CMD.EXE (OS/2 and Windows), %1, %2,... stand for the first, second,... parameters of a batch file. %VAR1% represents the value of an environment variable named VAR1. Thus:

set PATH=c:\;%PATH%

sets a new value for PATH, the old value preceded by "c:\;".
..............and btw, how do/can you turn on either VBcode or HTML on in this forum so you can use quote, bold, etc. thx.
 
Sponsored Links
  #2  
Old 04-19-07, 05:36 PM
HotxxxxxxxOKC's Avatar
Banned. Rule And/Or Policy Violation
Join Date: Jul 2006
Location: USA
Posts: 8,044
Received 0 Votes on 0 Posts
vbcode is turned off in the forums for some reason and cannot be turned on.

What problems are you having?

Have you ran a program like SpyBot Search & Destroy?
 
  #3  
Old 04-19-07, 06:37 PM
Member
Thread Starter
Join Date: Oct 2003
Posts: 169
Received 0 Votes on 0 Posts
""Have you ran a program like SpyBot Search & Destroy?"" --- I run all the usual anti-malware as well as nod32 AV. there's nothing unusual in these scans as well as nothing unusual in the hijackthis log. My firewall had a PU that run32dll.exe was trying to open a port to the internet, which I denied because I'd never seen it before. My research shows that this is possibly a keylogger program, pal pc spy. I haven't had any more attempts, but I'm having some unusual activity with a few udp connection attempts and Fx has been acting funny when started. They are being monitored/logged by wireshark. I'm just trying to hunt down a few files. one being %System%\PAL\CSS\run32dll.exe, before I restore the OS from a previous clean image.
 
  #4  
Old 04-19-07, 08:10 PM
tae's Avatar
tae
tae is offline
Member
Join Date: Nov 2002
Posts: 2,469
Received 0 Votes on 0 Posts
basically forget the percent sign.
the system folder will be in the windows folder....my computer/(drive letter)/Windows/system....just follow the hierarchy down the chain.
 
  #5  
Old 04-19-07, 08:41 PM
Member
Thread Starter
Join Date: Oct 2003
Posts: 169
Received 0 Votes on 0 Posts
""basically forget the percent sign.
the system folder will be in the windows folder....my computer/(drive letter)/Windows/system....just follow the hierarchy down the chain."" ---thx, -----tae. btw, are there any good malware programs or support programs to detect keyloggers?
 
  #6  
Old 04-20-07, 07:04 PM
tae's Avatar
tae
tae is offline
Member
Join Date: Nov 2002
Posts: 2,469
Received 0 Votes on 0 Posts
most malware scanners will do a pretty good job detecting them, especially if run in safe mode. There are some keyloggers that mimic real programs. I personally use a firewall to make sure nothing I dont want gets out,but this means I do a complete format and fresh install of the o.s., and then keep a close watch on the settings for the firewall. Someone can access the computer, install a keylogger, then allow the firewall to give it access. you have to know your settings.
 
  #7  
Old 04-20-07, 07:13 PM
HotxxxxxxxOKC's Avatar
Banned. Rule And/Or Policy Violation
Join Date: Jul 2006
Location: USA
Posts: 8,044
Received 0 Votes on 0 Posts
Also, these malware programs are getting really really difficult to remove. Just recently, I was fixing a friends computer who had numerous viruses and malware due to no firewall or av. There was a malware program called "winfixer" on this machine and could not be removed no matter what malware remover program I tried.
It's easier and faster for me to just reformat and reload the o.s.
 
Reply

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread
 
Ask a Question
Question Title:
Description:
Your question will be posted in: