Trying to Make Sense of Strange Folder in C:\WINDOWS

W

Will

I have a very strange looking folder under my C:\WINDOWS folder, which if it
is not a trojan then it must be some kind of device driver install that went
very bad. I would like help identifying what it might be.

The folder is named:

C:\WINDOWS\EFUZEJYDIXC1AZ4D

and it contains copies of many Windows system files. The contents of this
folder are posted here:

http://pages.uschw.com/usenet/EFUZEJ-folder/folder-contents.txt

Of special note is a logfile in that folder whose name and contents are
linked here:

http://pages.uschw.com/usenet/EFUZEJ-folder/sthdae.log

You may want to open that logfile in an editor other than NOTEPAD that can
hand LF only at the end of each line. Word 2003 opened it fine here.

In that logfile I see attempts to add device drivers, that are failing with
various messages about an invalid pin. That almost looks like Bluetooth?

What I find most suspicious about this folder is that it copies over so many
critical Windows system files. Why would any device installation need its
own private copies of those files?

--
Will
 
M

Malke

Will wrote:

> I have a very strange looking folder under my C:\WINDOWS folder, which if
> it is not a trojan then it must be some kind of device driver install that
> went
> very bad. I would like help identifying what it might be.
>
> The folder is named:
>
> C:\WINDOWS\EFUZEJYDIXC1AZ4D
>
> and it contains copies of many Windows system files. The contents of
> this folder are posted here:
>
> http://pages.uschw.com/usenet/EFUZEJ-folder/folder-contents.txt
>
> Of special note is a logfile in that folder whose name and contents are
> linked here:
>
> http://pages.uschw.com/usenet/EFUZEJ-folder/sthdae.log
>
> You may want to open that logfile in an editor other than NOTEPAD that can
> hand LF only at the end of each line. Word 2003 opened it fine here.
>
> In that logfile I see attempts to add device drivers, that are failing
> with
> various messages about an invalid pin. That almost looks like Bluetooth?
>
> What I find most suspicious about this folder is that it copies over so
> many
> critical Windows system files. Why would any device installation need
> its own private copies of those files?
>

And what results do you get when you do virus/malware removal scanning?
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Malke
--
MS-MVP
Elephant Boy Computers - Don't Panic!
FAQ - http://www.elephantboycomputers.com/#FAQ
 
M

MARK TURNER

i have vista ultimate 64 bit and have trouble with CA INTERNET SECURITY
SUITE,it is a virus and spyware program from road runner you get free.it is
32 bit and i cannot get the virus protector to work right.i chatted online
with a ca helper and he said i have to upgrade to vista 32 bit.is there
another way to get it to work without upgrading?

mark0325

"Will" <westes-usc@noemail.nospam> wrote in message
news:9eWdnTEJ45bqhPXVnZ2dnUVZ_gednZ2d@giganews.com...
>I have a very strange looking folder under my C:\WINDOWS folder, which if
>it
> is not a trojan then it must be some kind of device driver install that
> went
> very bad. I would like help identifying what it might be.
>
> The folder is named:
>
> C:\WINDOWS\EFUZEJYDIXC1AZ4D
>
> and it contains copies of many Windows system files. The contents of
> this
> folder are posted here:
>
> http://pages.uschw.com/usenet/EFUZEJ-folder/folder-contents.txt
>
> Of special note is a logfile in that folder whose name and contents are
> linked here:
>
> http://pages.uschw.com/usenet/EFUZEJ-folder/sthdae.log
>
> You may want to open that logfile in an editor other than NOTEPAD that can
> hand LF only at the end of each line. Word 2003 opened it fine here.
>
> In that logfile I see attempts to add device drivers, that are failing
> with
> various messages about an invalid pin. That almost looks like Bluetooth?
>
> What I find most suspicious about this folder is that it copies over so
> many
> critical Windows system files. Why would any device installation need
> its
> own private copies of those files?
>
> --
> Will
>
>
 
D

David H. Lipman

From: "MARK TURNER" <rturner011@woh.rr.com>

| i have vista ultimate 64 bit and have trouble with CA INTERNET SECURITY
| SUITE,it is a virus and spyware program from road runner you get free.it is
| 32 bit and i cannot get the virus protector to work right.i chatted online
| with a ca helper and he said i have to upgrade to vista 32 bit.is there
| another way to get it to work without upgrading?

| mark0325


Remove it and replace it with a Win64 compliant AV solution.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
You must log in or register to reply here.

Similar threads

S
Encrypted Folder & Files on a Backup Hard Drive
Replies
0
Views
24
Shane Allen1
S
D
How to fix broken folder settings (accidentally merged Downloads and Users/username folder)
Replies
0
Views
19
DinaThain
D
A
Windows 10 file folder and file contents disappeared, how can I get it back?
Replies
0
Views
26
AnnaJose2024
A
J
how to pin folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs to taskbar in windows 11
Replies
0
Views
19
Jan Graarud1
J
D
Is it ok to delete "ESD" folder from hard disk C in my Windows 10?
Replies
0
Views
29
dr. ahmed azmy
D
Back
Top Bottom