Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Two unknown items in my C Drive root directory


  • Please log in to reply
1 reply to this topic

#1 Sportz

Sportz

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:43 PM

Posted 09 July 2016 - 07:36 PM

I have 2 files in my C Drive root directory that I'm not sure where they are from and what they do:

1. An empty folder named GvTemp
2. A file named "END" with the file extension ".file"

Every time I delete either of these files, they are back on my drive when I reboot the system. I don't believe these 2 files are in anyway related, but they very well might be. There is not much information on the Internet about either of these two files.

I believe that the GvTemp folder is created by the GIGABYTE OC_GURU software that I use for my GPU (Gigabyte G1 GTX 980TI). The OC_GURU software runs on startup (I use it to control the color of the WINDFORCE text on my GPU), so it makes sense that the GvTemp folder is recreated every time I launch my computer. But, like I said before, the GvTemp folder is empty, so I imagine it isn't functioning in anything of importance. I want to remove it and make sure it stays removed, but I do not want to remove the OC_GURU software. I contacted GIGABYTE support about this matter weeks ago and they are yet to reply, which is strange considering every other time I've contacted them about other matters they reply very promptly.

Now the END file I know even less about. Supposedly the file is installed to your drive alongside Star Wars: The Old Republic, but I do not have that game and I have never had that game, so I do not know where this file is from. It is 1KB in size and when I open it using Notepad, the only text in it is "{}" 

Some people online have linked this END file to some form of Conduit adware, but those people seem to have their END file filled with a bunch of nonsensical characters while mine just has {}.

I am quite certain that neither of these files are a result of any malware. I am quite a tech savvy individual and I am very safe when it comes to using the computer. Even though I was quite confident that neither of these were from malware, I scanned my system with multiple different antivirus/antimalware/antispyware applications and every scan came back clean.

I'm at a loss for what to do. I want to a) know for certain where these files came from, B) know for certain that they are not a result of malware, and c) remove them and prevent them from coming back.

Please advise me on how to deal with this matter. I am running Windows 7.



BC AdBot (Login to Remove)

 


#2 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:12:43 PM

Posted 09 July 2016 - 07:49 PM

Programs frequently use temporary directories to create files they later delete. You probably will not spot when your graphics card driver uses this folder, but if you prevent it from being created you will likely cause serious issues.

The end.file file is too generic to help, but it looks like an empty JSON file judging by its contents, which is also harmless.

If these are your only symptoms, you can try running Hitman Pro and see if it turns anything up, or (as a last resort) post in the MRT section, but it doesn't seem like you're infected based on what you describe.

Generally it doesn't help you to obsess over what is created on your computer because programmers are awful at naming things, as you can see. :P

Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users