Hidden files caught by TrendMicro

Discussion in 'Malware Help (A Specialist Will Reply)' started by deb3337, May 27, 2013.

  1. deb3337

    deb3337 Private E-2

    I am not a very techy kind of computer person, just an operator; so please bear with my ignorance... I ran RootKitBuster from Trendmicro and it gave me a list of hidden files that it could not fix. Will these harm my computer? I use Tuneup Utilities, Ccleaner, and Eusing Free Registry. I use Google for my browser most of the time. Here are the results of the test:

    +----------------------------------------------------
    | Trend Micro RootkitBuster
    | Module version: 5.0.0.1129
    | Computer Name: MITCH-PC
    | OS version: 6.0-6002
    | User Name: MITCH
    +----------------------------------------------------


    --== Dump Hidden MBR, Hidden Files and Alternate Data Streams on C:\ ==--
    [HIDDEN_FILE]:
    FullPath : C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Acrobat\10.0\Replicate\Security\directories.acrodata
    FullPathLength: 277
    DesiredAccess : 0x0
    Options : 0x0
    Attributes : 0x2020
    ShareAccess : 0x0
    Type : 0x0
    [HIDDEN_FILE]:
    FullPath : C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Agnitum\Security Suite\machine.ini
    FullPathLength: 270
    DesiredAccess : 0x0
    Options : 0x0
    Attributes : 0x2020
    ShareAccess : 0x0
    Type : 0x0
    [HIDDEN_FILE]:
    FullPath : C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\213BC\{38506DEE-CBFB-4D45-9B00-F4C442C23407}.swf
    FullPathLength: 301
    DesiredAccess : 0x0
    Options : 0x0
    Attributes : 0x2020
    ShareAccess : 0x0
    Type : 0x0
    [HIDDEN_FILE]:
    FullPath : C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\27317\{C9F81BC2-5D39-4B1E-8139-0A180F19E905}.swf
    FullPathLength: 301
    DesiredAccess : 0x0
    Options : 0x0
    Attributes : 0x2020
    ShareAccess : 0x0
    Type : 0x0
    4 hidden files found.

    Hope you can help. Thanks
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Hidden files are quite normal on PCs. It is when they are detected as malware that you need to be worried. These are not malware, but the path being reported by TrendMicro showing the recursive use of Application Data seems to be rather strange. Not sure if this folder level really exists on your PC or it is just a reporting bug in RootkitBuster.

    Why are you running this scan anyway? Are you having malware problems?
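
An added example, not part of the original posts and not Trend Micro's code: a Python sketch that parses `[HIDDEN_FILE]` records in the format posted above, collapses the repeated `Application Data` component, and checks each reported path against the Win32 `MAX_PATH` limit. It assumes that `C:\ProgramData\Application Data` is the Windows Vista compatibility junction that points back at `C:\ProgramData` and that the `Attributes` field holds Win32 file-attribute flags; the sample log is constructed.

```python
MAX_PATH = 260  # Win32 limit; the count includes the terminating NUL
HOP = "Application Data\\"

# Constructed sample in the log format from the first post (second record is invented).
SAMPLE = (
    "[HIDDEN_FILE]:\n"
    "FullPath : C:\\ProgramData\\" + HOP * 13 + "Agnitum\\Security Suite\\machine.ini\n"
    "FullPathLength: 270\nAttributes : 0x2020\n"
    "[HIDDEN_FILE]:\n"
    "FullPath : C:\\ProgramData\\Adobe\\example.dat\n"
    "FullPathLength: 32\nAttributes : 0x22\n"
    "2 hidden files found.\n"
)

# Subset of the Win32 FILE_ATTRIBUTE_* flags.
FLAGS = {0x1: "READONLY", 0x2: "HIDDEN", 0x4: "SYSTEM", 0x10: "DIRECTORY",
         0x20: "ARCHIVE", 0x400: "REPARSE_POINT", 0x2000: "NOT_CONTENT_INDEXED"}

def parse_records(text):
    """Return one dict of fields per [HIDDEN_FILE] block."""
    records = []
    for block in text.split("[HIDDEN_FILE]:")[1:]:
        fields = {}
        for line in block.splitlines():
            # Paths contain ':' themselves, so split on the first one only.
            key, sep, value = line.partition(":")
            if sep and key.strip() in ("FullPath", "FullPathLength", "Attributes"):
                fields[key.strip()] = value.strip()
        records.append(fields)
    return records

def collapse_loop(path):
    """Drop 'Application Data' hops that lead straight back to ProgramData."""
    out = []
    for part in path.split("\\"):
        if part.lower() == "application data" and out and out[-1].lower() == "programdata":
            continue  # assumed junction: this hop resolves to its own parent
        out.append(part)
    return "\\".join(out)

def triage(text):
    """Summarise each record: resolved path, hop count, length check, flags."""
    results = []
    for rec in parse_records(text):
        path, length = rec["FullPath"], int(rec["FullPathLength"])
        real, attrs = collapse_loop(path), int(rec["Attributes"], 16)
        results.append({"real_path": real,
                        "junction_hops": (len(path) - len(real)) // len(HOP),
                        "length_consistent": length == len(path),
                        "over_max_path": length >= MAX_PATH,
                        "attributes": [n for bit, n in FLAGS.items() if attrs & bit]})
    return results
```

A record whose only oddity is a high hop count and a length at or above `MAX_PATH`, with no `HIDDEN` or `SYSTEM` flag set, resolves to an ordinary file under `C:\ProgramData` under these assumptions.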
     
  3. deb3337

    deb3337 Private E-2

    Thanks for getting back with me so soon. You guys are really the know-alls when it comes to this stuff. So glad I found your page..

    The reason I was running it is because my computer has been running especially slow and the cpu gauge was sitting at 80 to 100 percent at idle, just Google running. I have cleaned off some useless programs that I wasn't using and defragged my system, the needles have calmed down...but it still doesn't seem to be running as efficiently as it was a few months ago.

    Also what does the RAM mean cause it is at 54%?

    Thanks again, Deb
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    If you want to know for sure whether you are having malware problems, you should run through the below procedure and attach the requested logs (take note that I said attach logs ;) You will see a link on how to attach logs. What you posted from RootkitBuster is an inline log, not an attachment.).

    READ & RUN ME FIRST. Malware Removal Guide


    Not sure exactly what your question was asking? RAM means Random Access Memory. And when you say "it is at 54%", I cannot tell whether you mean you have 54% free or 54% used. Not too much difference for this particular case though since it is basically 50% either way which is really not that bad. But the numbers that are also important are:
    • how much RAM do you have
    • what version of Windows do you have
    • what is your CPU type and speed
    • what processes/programs are you running
    When you give us the logs from the READ & RUN ME, we will have all this info and more.
     
