What kind of files are in the folder? What names do they have?
Have you used ComboFix
? If so, be aware that it creates folders named 32788R22FWJFW
.**.tmp on drive C: after failed attempts to run the tool. The folder can contain such files as PV.cfxxe, pv.com, catchme.cfexe and Combo-Fix.sys. It will also create a folder named Qoobox
on drive C: to quarantine any infected files it found.
Other randomly alpha/numeric named folders are commonly created and used temporarily when updating Windows components or by some software programs during installation to hold setup files (.inf, .cat, .gpd, .ppd and .dlls). These files and folders are usually automatically removed as part of the update process. However, its not uncommon for them not to be cleaned up and left behind after the update has been applied. When that occurs they can be manually deleted at any time.
For example, when you run the MS Malicious Software Removal Tool
(MSRT), a temporary folder with random alpha/numeric characters (i.e. C\79f142e5e9e574d23954
) will be created on your C:\ drive that contains mrt.exe, mrtstub.exe and a file named $shtdwn$.req. Since external drives can be a hiding place for malicious files, MSRT will scan them too and you may find a left over folder in that location. Most of the time after performing a scan and you click finish or cancel, the folder will automatically be removed right away or after the next restart of the computer. If not, the folder and its contents can be manually deleted without an adverse effect on the computer.
Installation of security updates from Microsoft for MSMXL packages and hotfixes also create temporary randomly alpha/numeric named folders that contain sub-folders like amd64, i386. The creation date should match the installation date of the updates or show in the ReportingEvents.log
located in the C:\Windows\SoftwareDistribution folder. Again, finding these leftover temporary files are not uncommon after applying an update. Please see Windows Updates Leftover Files and Folders
for examples of such files.