Doъ Folder???

Discussion in 'malware problems & news' started by oldshep, Jul 2, 2007.

Thread Status:
Not open for further replies.
  1. oldshep

    oldshep Registered Member

    Joined:
    Dec 19, 2006
    Posts:
    139
    I've seen this folder in my C:\ directory a few times now and I'm not sure what it is or what is creating it. I can delete it but it reappeared this am on startup. It's first 2 subdirectories are "cookies" and "local settings". There are several more subdirectories underneath. Under "local settings" there are "History" and "temporary internet files" directories so it sounds like maybe its a microsoft directory?? I scanned it with Spysweeper and Nod32 and it came back clean.

    Anyway, just thought I'd try to make sure its not being created by some kind of malware. Any comments or suggestions would be appreciated.
     
  2. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    try a Bit Defender online scan. ;)
     
  3. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
  4. oldshep

    oldshep Registered Member

    Joined:
    Dec 19, 2006
    Posts:
    139
    Ran a BD 8 (Free) scan and a Nod32 "in-depth analysis" scan and a ZA AS max scan. All came back clean. So I guess if its malware, its pretty difficult to identify. I deleted the folder and rebooted a couple of times and it hasn't reappeared yet. So I guess I'll just have to continue to watch.

    Thanks
     
  5. oldshep

    oldshep Registered Member

    Joined:
    Dec 19, 2006
    Posts:
    139
    Yea - the cyrillic character was what got me concerned more than anything else. Just seems out of place. The contents of the folder just looked like some benign M$ user data. Anyways, I've scanned the P!ss out of my hard drive (as described above) and nothing. The only arrow left in my quiver is a max Spy sweeper scan... Which I'll do now.

    Thanks
     
  6. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    Rootkit?

    Check and see what kind of ports are open when your computer is idle. If there's anything going out, you've probably got a rootkit.
     
Thread Status:
Not open for further replies.