Re[2]: Weird Profile in Documents and Settings

From: Jyri Hovila (jyri.hovilaat_private)
Date: Fri Feb 21 2003 - 10:10:58 PST


    Hi!
    
    Check out what's the creation time of the mysterious profile folder --
    does it correspond to any timed event in your network such as
    network-wide backups, anti-virus software updates or anything similar?
    
    Who owns the profile folder? (Hint: right-click on the folder, then
    Properties => Security => Advanced => Owner) Is the user who owns it
    local or a domain account?
    
    If you try to remove the folder, does the system let you do it or does
    it say it's in use and can't be removed?
    
    If the profile folder can be removed, try to restart the workstation (or
    server) and see if it's back right after startup. If it's not,
    
    Yours,
    
    Jyri
    
    >> -----Original Message-----
    >> From: Greg Wiedeman [mailto:gswcentralat_private] 
    >> Sent: Thursday, February 20, 2003 6:38 AM
    >> To: incidentsat_private
    >> Subject: Weird Profile in Documents and Settings
    >> 
    >> I have an incident where in the documents and settings in windows 2000 I
    >> have a profile show up under a number of systems where the name of the
    >> folder shows up as 3 squares. I don't know where it came from but it
    >> appears on my workstations and my servers. I don't know what it is. Does
    >> anyone know anything that would make this profile???? I have done virus
    >> scans and trojan scans along with scumware scans but all turn up negative.
    >> Thanks
    >> 
    >> --------------------------------------------------------------
    >> --------------
    >> 
    >> Do you know the base address of the Global Offset Table (GOT) 
    >> on a Solaris 8 box? CORE IMPACT does. www.securityfocus.com/core
    >> 
    >> 
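
The first two checks in the reply above (creation time, and owner as local or domain account), as an added PowerShell example that is not part of the original thread. The default profile root, the function names and the non-ASCII flag are assumptions; the script also prints each folder name's code points so a name rendered as squares can be identified.

```powershell
# Added example: list profile folders with creation time, owner and owner scope.
# $ProfileRoot is an assumption: Windows 2000/XP use "Documents and Settings",
# later versions use C:\Users. Requires PowerShell 3.0 or later.
param([string]$ProfileRoot = "$env:SystemDrive\Users")

function Test-OddName {
    param([string]$Name)
    # True when the name contains control characters or anything outside
    # printable ASCII. Legitimate non-English account names match too, so
    # treat this as a prompt to look closer, not as a verdict.
    return $Name -match '[^\x20-\x7E]'
}

function Get-OwnerScope {
    param([string]$Owner)
    if ([string]::IsNullOrEmpty($Owner)) { return 'unknown' }
    # An owner shown as a raw SID means the account could not be resolved.
    if ($Owner -match '^S-1-') { return 'unresolved SID' }
    # Otherwise the owner reads COMPUTER\user, DOMAIN\user, BUILTIN\... etc.
    $prefix = ($Owner -split '\\', 2)[0]
    if ($prefix -ieq $env:COMPUTERNAME) { return 'local' }
    if ($prefix -in 'BUILTIN', 'NT AUTHORITY') { return 'built-in' }
    return 'domain'
}

Get-ChildItem -LiteralPath $ProfileRoot -Directory -Force | ForEach-Object {
    $dir = $_
    # Get-Acl can fail with access denied; leave the owner empty in that case.
    $acl   = Get-Acl -LiteralPath $dir.FullName -ErrorAction SilentlyContinue
    $owner = if ($acl) { $acl.Owner } else { '' }
    # Code points show what the characters really are when the font cannot.
    $codePoints = ($dir.Name.ToCharArray() |
        ForEach-Object { 'U+{0:X4}' -f [int]$_ }) -join ' '

    [pscustomobject]@{
        Name       = $dir.Name
        CodePoints = $codePoints
        OddName    = Test-OddName $dir.Name
        CreatedUtc = $dir.CreationTimeUtc
        Owner      = $owner
        OwnerScope = Get-OwnerScope $owner
    }
} | Sort-Object CreatedUtc | Format-List
```

Running it on several affected machines and comparing the CreatedUtc values against backup and anti-virus update schedules covers the timing question raised in the reply.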
    
    
    



    This archive was generated by hypermail 2b30 : Fri Feb 21 2003 - 15:36:16 PST