PDA

View Full Version : Cannon delete folders



Guych
2010-07-04, 13:00
Hello Spybot forum,

I've recently (just a few days ago) switched from Windows XP to Windows 7 on my laptop. There are two folders in the root directory of my external hard drive (named: 9629dd7c66f33c8cce254974ff47cb and b78674017074cd6d22545cb49f7614ec) that I cannot delete. I think these folders kinda relate to Windows XP I used to have. The first folder has gencomp.dll inside. The second folder has two more folders inside: amd64 and i386. I'm not allowed to open either of these last two.

I've run the Erunt, but in the process of saving the registry it told me a few times that such and such file could not be saved (maybe it is not compatible with Windows 7).
I've run DDS and here are the logs:

DDS txt:

DDS (Ver_10-03-17.01) - NTFSx86
Run by Guych&Jennet at 10:50:11.73 on 04/07/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Professional 6.1.7600.0.1252.44.1049.18.2046.1322 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Users\Guych&Jennet\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Guych&Jennet\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Guych&Jennet\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: @c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll
uRun: [Google Update] "c:\users\guych&jennet\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\5.0.1423.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
StartupFolder: c:\users\guych&~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

============= SERVICES / DRIVERS ===============

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-6-29 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-6-29 267432]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-6-29 60936]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

=============== Created Last 30 ================

2010-07-03 22:50:20 65536 --sha-w- c:\users\guych&jennet\NTUSER.DAT{d1f09583-86f3-11df-809f-0019b95be2a9}.TM.blf
2010-07-03 22:50:20 524288 --sha-w- c:\users\guych&jennet\NTUSER.DAT{d1f09583-86f3-11df-809f-0019b95be2a9}.TMContainer00000000000000000002.regtrans-ms
2010-07-03 22:50:20 524288 --sha-w- c:\users\guych&jennet\NTUSER.DAT{d1f09583-86f3-11df-809f-0019b95be2a9}.TMContainer00000000000000000001.regtrans-ms
2010-07-03 22:39:50 65536 --sha-w- c:\users\guych&jennet\NTUSER.DAT{d19a44f2-86f2-11df-88af-0019b95be2a9}.TM.blf
2010-07-03 22:39:50 524288 --sha-w- c:\users\guych&jennet\NTUSER.DAT{d19a44f2-86f2-11df-88af-0019b95be2a9}.TMContainer00000000000000000002.regtrans-ms
2010-07-03 22:39:50 524288 --sha-w- c:\users\guych&jennet\NTUSER.DAT{d19a44f2-86f2-11df-88af-0019b95be2a9}.TMContainer00000000000000000001.regtrans-ms
2010-07-03 22:32:39 65536 --sha-w- c:\users\guych&jennet\NTUSER.DAT{d9a5b4ef-86f1-11df-94f1-0019b95be2a9}.TM.blf
2010-07-03 22:32:39 524288 --sha-w- c:\users\guych&jennet\NTUSER.DAT{d9a5b4ef-86f1-11df-94f1-0019b95be2a9}.TMContainer00000000000000000002.regtrans-ms
2010-07-03 22:32:39 524288 --sha-w- c:\users\guych&jennet\NTUSER.DAT{d9a5b4ef-86f1-11df-94f1-0019b95be2a9}.TMContainer00000000000000000001.regtrans-ms
2010-07-03 19:24:06 0 d-----w- c:\users\guych&~1\appdata\roaming\InfraRecorder
2010-07-03 19:23:47 0 d-----w- c:\program files\InfraRecorder
2010-07-03 16:06:19 0 ----a-w- c:\windows\PowerReg.dat
2010-07-03 15:08:18 0 d-----w- c:\users\guych&~1\appdata\roaming\Avira
2010-07-01 22:51:44 0 d-----w- c:\programdata\Test Drive Unlimited
2010-07-01 15:19:36 0 d-----w- c:\program files\JRE
2010-07-01 12:31:19 48 ---ha-w- c:\programdata\ezsidmv.dat
2010-07-01 12:30:32 0 d-----r- c:\program files\Skype
2010-07-01 12:30:29 0 d-----w- c:\programdata\Skype
2010-06-30 20:35:59 0 d-----w- c:\program files\VideoLAN
2010-06-30 20:28:20 0 d-----w- c:\program files\Microsoft
2010-06-30 20:28:19 0 d-----w- c:\program files\MSN Toolbar
2010-06-30 20:26:45 0 d-----w- c:\users\guych&~1\appdata\roaming\Win7codecs
2010-06-30 20:26:34 0 d-----w- c:\program files\Win7codecs
2010-06-30 20:25:50 0 d-----w- c:\programdata\Win7codecs
2010-06-30 18:55:47 0 d-----w- c:\programdata\SpinTop Games
2010-06-30 14:06:46 0 d-----w- c:\programdata\Trymedia
2010-06-30 13:54:12 0 d-----w- c:\program files\Your Uninstaller 2008
2010-06-30 13:27:46 0 d-----w- c:\windows\Profiles
2010-06-30 13:27:45 0 d---a-w- c:\programdata\TEMP
2010-06-30 13:27:45 0 d-----w- c:\users\guych&~1\appdata\roaming\URSoft
2010-06-30 13:26:30 0 d-----w- c:\users\guych&~1\appdata\roaming\Thinstall
2010-06-30 13:06:30 0 d-----w- c:\users\guych&~1\appdata\roaming\Stata10
2010-06-30 13:05:00 0 d-----w- c:\users\guych&~1\appdata\roaming\allTunes
2010-06-30 13:00:40 0 d-----w- c:\program files\Stata10
2010-06-30 12:56:24 0 d-----w- c:\program files\Total Video Converter
2010-06-30 00:35:56 88256 ----a-w- C:\wubildr
2010-06-30 00:35:56 8192 ----a-w- C:\wubildr.mbr
2010-06-30 00:28:53 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-06-29 23:47:31 0 d-----w- c:\users\guych&~1\appdata\roaming\OpenOffice.org
2010-06-29 23:26:59 0 d-----w- c:\program files\FoxitReader30_enu
2010-06-29 23:20:16 278728 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-06-29 23:20:16 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-06-29 22:58:31 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-29 22:58:14 0 d-----w- c:\program files\DAEMON Tools Lite
2010-06-29 22:57:25 0 d-----w- c:\users\guych&~1\appdata\roaming\DAEMON Tools Lite
2010-06-29 22:57:23 0 d-----w- c:\programdata\DAEMON Tools Lite
2010-06-29 22:53:03 0 d-----w- c:\program files\OpenOffice.org 3
2010-06-29 22:52:44 0 d-----w- c:\programdata\Sun
2010-06-29 22:52:34 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-29 22:45:54 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-06-29 22:45:54 0 d-----w- c:\programdata\Avira
2010-06-29 22:45:54 0 d-----w- c:\program files\Avira
2010-06-29 22:20:28 0 d-----w- c:\programdata\NVIDIA
2010-06-29 22:17:15 0 d-----w- c:\windows\system32\AGEIA
2010-06-29 22:17:07 0 d-sh--w- c:\windows\Installer
2010-06-29 22:17:06 0 d-----w- c:\program files\common files\Wise Installation Wizard
2010-06-29 22:16:58 797216 ----a-w- c:\windows\system32\nvcplui.exe
2010-06-29 22:16:58 420384 ----a-w- c:\windows\system32\nvcpl.cpl
2010-06-29 22:16:58 1108512 ----a-w- c:\windows\system32\nvcpluir.dll
2010-06-29 22:16:00 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-06-29 22:15:00 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-06-29 21:38:53 0 d-----w- c:\program files\AIDA32 - Enterprise System Information
2010-06-29 21:33:38 0 d-----w- C:\NVIDIA
2010-06-29 21:15:19 8192 ----a-w- C:\bootsect.lxe.bak
2010-06-29 21:15:19 383592 --sh--r- C:\gdrop
2010-06-29 21:15:19 171136 --sh--r- C:\xeldr
2010-06-29 21:14:44 1508162 ----a-w- c:\windows\system32\PerfStringBackup.INI
2010-06-29 21:14:18 0 d-----w- c:\windows\system32\wbem\Performance
2010-06-29 21:10:05 0 d-sh--we c:\programdata\?????????
2010-06-29 21:10:05 0 d-sh--we c:\programdata\?????????
2010-06-29 21:10:05 0 d-sh--we c:\programdata\??????? ????
2010-06-29 21:10:05 0 d-sh--we c:\programdata\??????? ????
2010-06-29 21:10:05 0 d-sh--we c:\programdata\???????
2010-06-29 19:02:08 0 d-----w- c:\windows\Panther
2010-06-29 19:01:56 8192 --sha-r- C:\BOOTSECT.BAK
2010-06-29 19:01:54 383562 --sha-r- C:\bootmgr
2010-06-29 19:01:53 0 d-sh--w- C:\Boot
2010-06-23 11:35:52 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-06-23 11:35:52 59392 ----a-w- c:\windows\system32\xvid.ax
2010-06-23 11:35:52 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-06-21 20:04:56 2539520 ----a-w- c:\windows\system32\VSFilter.dll

==================== Find3M ====================

2010-07-04 08:56:42 679200 ----a-w- c:\windows\system32\perfh019.dat
2010-07-04 08:56:42 133146 ----a-w- c:\windows\system32\perfc019.dat
2010-05-18 00:47:52 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2009-07-14 08:40:40 39446 ----a-w- c:\windows\inf\perflib\0419\perfd.dat
2009-07-14 08:40:40 39446 ----a-w- c:\windows\inf\perflib\0419\perfc.dat
2009-07-14 08:40:40 336704 ----a-w- c:\windows\inf\perflib\0419\perfi.dat
2009-07-14 08:40:40 336704 ----a-w- c:\windows\inf\perflib\0419\perfh.dat
2009-07-14 08:40:40 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 08:40:40 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 08:40:40 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 08:40:40 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 10:50:53.08 ===============



Attach txt:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 29/06/2010 22:10:08
System Uptime: 07/04/2010 09:50:11 (2113 hours ago)

Motherboard: Dell Inc. | | 0XD720
Processor: Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz | Microprocessor | 1600/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 25 GiB total, 11.989 GiB free.
D: is FIXED (NTFS) - 87 GiB total, 74.03 GiB free.
E: is CDROM ()
F: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP32: 04/07/2010 01:17:46 - Before uninstall Sudden Strike 3

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
AIDA32 v3.93
Avira AntiVir Personal - Free Antivirus
BabasChess
Bing Bar Platform
Civilization III
Civilization III: Conquests
ERUNT 1.1j
Google Chrome
InfraRecorder
Java Auto Updater
Java(TM) 6 Update 16
Java(TM) 6 Update 20
Linux Mint
Microsoft Default Manager
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
NVIDIA Drivers
NVIDIA PhysX
OpenOffice.org 3.2
Skype™ 4.2
VLC media player 1.0.5
Win7codecs
Windows Live ID Sign-in Assistant
Your Uninstaller! 2008 Version 6.0

==== End Of File ===========================



It is not a big problem that I cannot delete those folders, but it kinda gets on my nerves.
Thank you.

shelf life
2010-07-14, 04:41
Sounds like installation folders from Windows 7. The amd64 being the 64bit installation files. They are on a external HD? If you right click on the folders you see a properties option, then some tabs?