Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


i have a folder in my computer.... 5a476f6022962dbf6f0ca2 that I want to delete.

  • Please log in to reply
2 replies to this topic

#1 aktim79


  • Members
  • 1 posts

Posted 11 December 2015 - 04:56 AM

I think this is malware, but i'm not sure. I know that certain games I play randomly shut down for no reason...This might be the cause. can you give me advice on how to remove it?



Edited by aktim79, 11 December 2015 - 04:57 AM.

BC AdBot (Login to Remove)



#2 buddy215


  • BC Advisor
  • 12,755 posts
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:17 AM

Posted 11 December 2015 - 05:55 AM

Welcome to BC...


You can submit the file to VirusTotal - Free Online Virus and Malware Scan . It will be scanned by multiple security programs. That

should give you a better idea as to whether it is malware or not.


You can run the programs below to find and remove adware, malware and clean up the computer.


Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download


Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.



Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 50,739 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:17 PM

Posted 11 December 2015 - 06:40 AM

FYI in case no malware is found after the scans...Randomly named alpha/numeric folders are commonly created and used temporarily when updating Windows components. They are also used by some software programs (i.e. Microsoft Office, Microsoft Visual Studio, etc) during update or installation to hold setup files (.inf, .cat, .gpd, .ppd and .dlls) and other information. These files and folders are usually automatically removed as part of the update process. However, its not uncommon for them not to be cleaned up and left behind after the update has been applied. When that occurs they usually can be manually deleted at any time.

Installation and updates to many programs will create randomly named folders within %AppData\Local\Temp% to store logs and setup information. Installation of service packs, security updates from Microsoft for MSMXL packages and hotfixes also create temporary randomly alpha/numeric named folders. Sometimes these folders create sub-folders as described here or contain sub-folders like amd64 and i386. The creation date should match the installation date of the updates or show in the ReportingEvents.log located in the C:\Windows\SoftwareDistribution folder. spmsg.dll is a Microsoft Service Pack file commonly found in randomly named alpha/numeric folders as shown here. SP1QFE, SP2QFE, SP3QFE and SP2GDR are also Service Pack files from Microsoft which you may encounter.

When you run the Malicious Software Removal Tool (MSRT), a temporary folder with random alpha/numeric characters (i.e. C\79f142e5e9e574d23954) will be created on your C:\ drive that contains mrt.exe, mrtstub.exe and a file named $shtdwn$.req. Since external drives can be a hiding place for malicious files, MSRT will scan them too and you may find a left over folder in that location. Usually after performing a scan and you click finish or cancel, the folder will automatically be removed right away or after the next restart of the computer. If not, Microsoft says the folder and its contents can be manually deleted without an adverse effect on the computer.

The following is an excerpt from Microsoft Windows Malicious Software Removal Tool Summary (KB890830) explaining the folders used by MSRT:

The Malicious Software Removal Tool does not use an installer. Typically, when you run the Malicious Software Removal Tool, it creates a randomly named temporary directory on the root drive of the computer. This directory contains several files, and it includes the Mrtstub.exe file. Most of the time, this folder is automatically deleted after the tool finishes running or after the next time that you start the computer. However, this folder may not always be automatically deleted. In these cases, you can manually delete this folder, and this has no adverse effect on the computer.

Again, finding these leftover temporary files are not uncommon after installing programs or applying an update. Other legitimate programs can also create randomly named folders in various areas of your hard drive. Sometimes identifying the source is as simple as opening the folder and looking inside for sub-folders and file names which may provide a clue as to what program created them.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users