s30s, s38k and s3r0 files, all 30,019,808 bytes, are in the root of the G: drive. They have no extensions. They were created 10 minutes apart. No other files were created during this time period.

Any idea what they are? Should I get rid of them? How? Just delete them?

Googling has not helped.

...chris

Hello Chris Haslam,

s30s, s38k and s3r0 files, all 30,019,808 bytes, are in the root of the G: drive. They have no extensions. They were created 10 minutes apart. No other files were created during this time period.

Any idea what they are? Should I get rid of them? How? Just delete them?

Googling has not helped.

Do you have Rio Music Manager installed?

http://www.digitalnetworksna.com/support/rio/product.asp?prodID=75

Best regards,

Thanks for replying.

This is on my wife's PC.

She does not have Rio Music Manager installed.

She is running XP SP2 with updates just prior to SP3.

Kaspersky Anti-virus is up to date and did not see these files as viruses.

SS&D and Teatimer are happy.

I note that Flash Player as a directory called s30 under Documents and Settings.

...chris

Hello,



Any idea what they are? Should I get rid of them? How? Just delete them?
Not knowing the big picture yet cannot say if you should delete them. ;) Was any software installed around the time you noticed the files?

However,


She is running XP SP2 with updates just prior to SP3.


Was there a reason XP wasn't updated to SP3 when released?



Support for Windows XP is ending on April 8, 2014.
Support for Windows Vista Service Pack 1 (SP1) ended on July 12, 2011.
Support for Windows XP with Service Pack 2 (SP2) ended on July 13, 2010

If you're running one of these versions after support ends, you won't get security updates for Windows.
Support is ending for some versions of Windows (http://windows.microsoft.com/en-us/windows/help/end-support-windows-xp-sp2-windows-vista-without-service-packs)

Was any software installed around the time you noticed the files?

No. The files were created on 2012-05-25. I also checked for file and directories created on that date, across all her logical drives: very few files, and nothing suspicious. My check included system and hidden files.

My wife first noticed the files last night, when she was pruning the files to be backed up to a USB stick. She uses an AutoIt script (which I wrote) for doing periodic backups. This script is a filter; she then de-selects further files not to be backed up. So she gets to see what has been created or modified on her data drive, G:.


Was there a reason XP wasn't updated to SP3 when released?

Yes. When I partitioned the hard drive, I underestimated space needed for the drive Windows is on. If I knew how to get rid of the numerous Windows updates, I would be able to install XP SP3. I have a copy of it.

She also has a logical drive for applications. I have tried to keep applications off the Windows drive. Her data is on drive G:.

Hi there, :)

To clarify, the computer hasn't received Windows Security Updates since support for SP2 ended on July 13, 2010?

Edit
Upload suspicious files: https://www.virustotal.com/ and/or http://virusscan.jotti.org/en

I submitted the first file to virustotal. It found nothing odd.

I submitted the second file to virustotal. After computing the hashes, it said that this file has already been analyzed.

I submitted the third file to virustotal. After computing the hashes, it said that this file has already been analyzed.

I am thinking that the files must have identical contents.

Hello,


Yes. When I partitioned the hard drive, I underestimated space needed for the drive Windows is on. If I knew how to get rid of the numerous Windows updates, I would be able to install XP SP3. I have a copy of it.



Hi there, :)

To clarify, the computer hasn't received Windows Security Updates since support for SP2 ended on July 13, 2010?


Please consider backing up, and re-partitioning so that you can install SP3 or upgrade the operating system.

As it is an infection is waiting to happen. :fear:

Best regards,