Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What Is This ?


  • Please log in to reply
4 replies to this topic

#1 sikntired

sikntired

  • Members
  • 1,068 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:12:22 PM

Posted 13 September 2015 - 09:35 AM

OS Win 7 Professional Sp 1

 

I was looking through some files  on C: Local Disc and came across C:\ ( a bunch of alpha numeric characters ) \MPSigStub.exe.

 

I tried to expand and it said something about could not find specified path and you may not have permission to open, even though I tried to open with elevated permission ( I'm the Administrator ).

 

Researching , I found that this has to do with something about "updating" and " signatures" ? Executable files can and do harbor malware. I have run MBAM with negative results.

 

Am I being overly cautious and why can't I open this with elevated privileges?



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,279 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:22 PM

Posted 13 September 2015 - 09:47 AM

See User Comments, http://www.file.net/process/mpsigstub.exe.html .

 

Louis



#3 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,681 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:22 PM

Posted 13 September 2015 - 09:47 AM

Hi sikntired :)

Folders created on the C: drive that have a name composed of random alphanumeric characters are associated with Windows Update. Sometimes, the Windows Update service won't delete the folder where it extracted the update after their install, leaving them at the root of the C: drive. You can safely delete them. If you can't (because you're lacking permissions), you can use the "Take Ownership" Registry edit to take ownership of the folder and delete it. Also, MPSigStub.exe is a file associated with Windows Update that can be safely deleted as well.

https://answers.microsoft.com/en-us/windows/forum/windows8_1-security/how-to-get-rid-of-mpsigstub/c7077c9c-cb89-4a6a-90b4-0b5dc2cdda3e?auth=1
Take Ownership: http://www.howtogeek.com/howto/windows-vista/add-take-ownership-to-explorer-right-click-menu-in-vista/

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#4 sikntired

sikntired
  • Topic Starter

  • Members
  • 1,068 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:12:22 PM

Posted 13 September 2015 - 10:29 AM

Thanks for the link Louis.

 

@Aura, thanks to you as well. The links provided definitive info and I was able to delete that folder with your help and "howtogeek". :thumbup2:



#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,681 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:22 PM

Posted 13 September 2015 - 10:29 AM

No problem, you're welcome :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users