I upgraded to Windows 10 Anniversary Edition yesterday and I found few weird files already. Google says nothing special about them.
First off there is this suspicious partition in defrag:
Then, we have this is the C:\ root directory:
$GetCurrent folder may be due to the fact that I didn't wait for my turn but I downloaded the upgrader from Microsoft. Link to it is here:
https://go.microsoft.com/fwlink/?LinkID=799445, but what is this .Marker file? Nobody knows.
Also there is this file in the C:\Users\(my username here)
Inside the JS file there is that:
Edit: There is something peculiar in this IP adress...
https://www.ip-tracker.org/locator/ip-lookup.php?ip=192.168.1.102
Does someone know what are these files all about?
Also. What is Windows To Go and since when it comes with Windows 10 Pro?
the first thing I would do is to run a malwarebytes scan
Scan with Malwarebytes' Anti-Malware
Please download
Malwarebytes Anti-Malware and save it to your desktop.
- Install the progam and select update.
- Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
- Click the Scan tab, choose Threat Scan is checked and click Scan Now.
- If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
- Upon completion of the scan (or after the reboot), click the History tab.
- Click Application Logs and double-click the Scan Log.
- At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.
Maybe this partition really is this recovery partition. Diskpart shows recovery partition too. It could be named more properly than //?/Device/Partition3/{Insert random numbers here}
Here is the MBAM log:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 04.08.2016
Scan Time: 18:31
Logfile: MBAM_scan.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2016.08.04.11
Rootkit Database: v2016.05.27.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 10
CPU: x64
File System: NTFS
User: Kuba
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 354557
Time Elapsed: 12 min, 54 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
I also ran TDSSKiller and Hitman Pro just in case. TDSSKiller detected nothing, Hitman Pro Deteced few tracking cookies, so nothing special.
So yeah, my system is preety clean.
Though, I still wonder what all of these files are and are they needed
its probably normal windows 10 stuff
windows 10 is fast but buggy it will get better over time I guess
Its to do Windows 10 and not malicious. I would leave it well alone.