New
#1
Random Files Created in System Root Drive
Hiya,
For a while now, I don't know exactly how long, there has been always one file on my C: (system root) drive that I never made. It is a hidden system file, 479,249 bytes in size. If I delete it, on system restart, it regenerates, but with a different name. I'll proceed to delete it and see if the hash is the same after restart. Right now, the name is NDSGQ, and the SHA-256 hash is 21200fcfb2194e02058d0eb976238c66f4ad516677eea98d73a2e83a583a5d6f. The name is always 5-all caps letters. I have NTFS compression enabled, and yes, the file compresses itself. I have no idea what it is. I've uploaded it to VirusTotal, and it has come back negative, but McAfee-GW-Edition says that "Heuristic.BehavesLike.Exploit.CodeExec.O". I will post back to see if the hash is the same.
The VirusTotal scan details are here: https://www.virustotal.com/en/file/2...is/1369501005/
EDIT: Strange...the file hasn't re-generated this time...
Last edited by Brink; 05 Jul 2017 at 21:40. Reason: restored