Please identify Unknown folder - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 04-25-2004, 05:28 PM   #1 (permalink)
Blo
Junior Techie
 
Join Date: Oct 2003
Posts: 94
Default Please identify Unknown folder

I have noticed this folder - C:\7d5f66100f81e0e2293bba802d41\update ...Could anyone tell me if i could delete the file, folder or both, as i am fully up-to-date with all windows updates.
... I'm suspicious that it's an update i put there by mistake - in fact, it may even be a win 98 update i was downloading for a neighbours PC.
Any help on the issue will be greatly appreciated!
Many thanks. BLO.
__________________

Blo is offline  
Old 04-25-2004, 05:32 PM   #2 (permalink)
Ultra Techie
 
Join Date: Apr 2004
Posts: 617
Default

it doesnt look like a good folder
what is in the folder

and do this

Please do this. Click here: http://www.sherrylynn.us/HijackThis.exe to download Hijack This. Save it to it’s own folder (not temporary files or the desktop).
Close all open windows and open HIJACK THIS. Click “Scan”. When the scan is finished (it only takes a second), the scan button will change to “Save Log”. Click on “Save Log” and save it to NotePad. Copy the entire log and paste it here.

DO NOT FIX ANYTHING YET, most items that appear in the log are harmless or even needed. Wait for someone to analyze the scan and advise.
__________________

__________________
AdAware | Spybot S&D 1.4 | spyware guard & spyware blaster |

How did I get infected in the first place By Tony Klein

If you use IE I suggest using thes two programs IE Hosts & IE-SPYAD


Lobos is offline  
Old 04-26-2004, 07:37 AM   #3 (permalink)
Blo
Junior Techie
 
Join Date: Oct 2003
Posts: 94
Default

Many Thanks, Blo.

{8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 4.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: GraphicsPlus.lnk = C:\Program Files\Serif\GraphicsPlus\GpStart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeup...ntent/opuc.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...922.6473726852
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\PCFormat\IntraLaunch.CAB
O16 - DPF: {C56CE781-A6FC-4706-8B32-6EB4622155DF} (MediaConnect Control) - http://plugin.euro-infomedia.com/mpv0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
Blo is offline  
Old 04-26-2004, 09:33 AM   #4 (permalink)
Banned
 
Join Date: Apr 2004
Posts: 408
Default

looks more like a virus
cheerios is offline  
Old 04-26-2004, 09:44 AM   #5 (permalink)
Newb Techie
 
Join Date: Apr 2004
Posts: 4
Default

When you go to the WindowsUpdate website and you update your Windows S.O. it creates that folder (with a random name).
It's a temporary folder to where the update utiliy downloads the updates. But it never (or almost never) deletes it. So you're free to delete that folder. Sometimes it doesn't allow you to delete it on WinXP. That I couldn't figure it out...yet.
man_in_the_b0x is offline  
Old 04-26-2004, 06:35 PM   #6 (permalink)
Blo
Junior Techie
 
Join Date: Oct 2003
Posts: 94
Default

I'm waiting on a reply from 'LobosBlanco'...
I'm getting a bit nervous now, because LobosBlanco requested me run the above program http://www.sherrylynn.us/HijackThis.exe ... and the results are displayed above... However, You are all replying to me - giving me advice, and i've only just noticed the name of the program... HIJACK THIS... that doesn't sound good, does it !
I'm waiting patiently... On LobosBlanco... for now !
Many thanks, Blo.
Blo is offline  
Old 04-26-2004, 06:44 PM   #7 (permalink)
Ultra Techie
 
Join Date: Apr 2004
Posts: 617
Default

no i dont see anything wrong with your log
i know the name doesn't sound good but its a good diagnosing program

of course you dont have your whole log there

but what i see nothing wrong with your log

as man in the box said it could be a update of some kind

if you right click on the file what do the properties say
__________________
AdAware | Spybot S&D 1.4 | spyware guard & spyware blaster |

How did I get infected in the first place By Tony Klein

If you use IE I suggest using thes two programs IE Hosts & IE-SPYAD


Lobos is offline  
Old 04-27-2004, 03:24 AM   #8 (permalink)
Blo
Junior Techie
 
Join Date: Oct 2003
Posts: 94
Default

I'm sorry for doubting such a 'Diamond of a program'... It's obviously a good tool - to a person who knows how to use it! (not me)...
There is nothing actually in the folder, only a date of - 08 March 2004, 10:08:37 - (folder properties) when it was created...
If we decide to delete it, and store it in the recycle bin, then should i check whether it's refered to in the registry...
I won't do anything with it until you reply.
Blo is offline  
Old 04-27-2004, 09:54 AM   #9 (permalink)
Ultra Techie
 
Join Date: Apr 2004
Posts: 617
Default

id say delete it you can always restore it
__________________
AdAware | Spybot S&D 1.4 | spyware guard & spyware blaster |

How did I get infected in the first place By Tony Klein

If you use IE I suggest using thes two programs IE Hosts & IE-SPYAD


Lobos is offline  
Old 04-27-2004, 09:59 AM   #10 (permalink)
Ultra Techie
 
Join Date: Apr 2004
Posts: 617
Default

is your computer running fine

i mean besides wondering what that folder is
__________________

__________________
AdAware | Spybot S&D 1.4 | spyware guard & spyware blaster |

How did I get infected in the first place By Tony Klein

If you use IE I suggest using thes two programs IE Hosts & IE-SPYAD


Lobos is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 08:41 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.