WIERD new folders in C drive....

By HiFi ยท 7 replies
Sep 25, 2006
  1. I am getting wierded out by 2 new folders that just poofed into my C: Drive under mysterious circumstances:

    I was on my desktop minding my own business, then I clicked on My Computer (from the Start menu) and I got that "Windows Explorer has encountered an unexpected problem and has to close.." blah blah, Send, Dont Send, ETC.

    Well I had to click on something so I did, and then the entire Windows interface blinked off for a couple seconds, then came back on.

    I went into My Computer again, looked in my C: drive, and found these 2 wierd folders with HUGE hexidecimal-looking names.

    One is called: 281885f0332ff0e167, the other is called: 025de114596b2c6a813859.They each contain the same file, exactly 699KB large, just called "update" with the subtitles "Microsoft Service Pack Setup/Microsoft Corporation". In Properties it says they were created and Modified August 11, 2006 (more than a month ago).

    Could the error have poofed these files from a hidden state? or are they bad news?
    Any ideas? What should I do?

    Help.[posted an HJT log just as a standard protocol]
  2. Mictlantecuhtli

    Mictlantecuhtli TS Evangelist Posts: 4,345   +11

    Windows Update and some hotfixes create temporary directories with that kind of "random" names. You should be able to delete them without problems.
  3. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Mict is more than likely correct.

    However, just to be sure, rename HijackThis.exe to HijackThis1991.exe and post a fresh HJT log. The reason you need to rename HijackThis.exe is because certain malware can hide from that filename.

    Regards Howard :)
  4. kirock

    kirock TS Rookie Posts: 1,221

    Really? When did this start happening Howard? Good safety tip! That's right up there with, "Don't cross the beams", Ghost Busters.
    (that's not sarcasim incase it sounded like that).

  5. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    This started happening a few weeks, maybe a couple of months ago. I noticed members were saying they were still having problems, even though their HJT logs appeared to be clean.

    Once I researched the problem I quickly foundout that malware writers were targeting HijackThis.exe and that the way round this was to rename the HijackThis.exe file to something else. This then allows any malware to show up in HJT.

    I have therefore altered some of our stickies to reflect this.

    Regards Howard :)
  6. HiFi

    HiFi TS Rookie Topic Starter

    Okay, heres the new one. thanks.
  7. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log is clean, therefore Mict is correct and you have nothing to worry about.

    Regards Howard :)
  8. Mictlantecuhtli

    Mictlantecuhtli TS Evangelist Posts: 4,345   +11

    Weee, I might have been correct!
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...