Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Cache Files Won't Defrag - Malware Problem?

  • Please log in to reply

Charles from Tennessee

Charles from Tennessee

    New Member

  • Member
  • Pip
  • 1 posts
My stepdaughter came home from college at Christmas with a laptop that was infected with at least 7 different adware/spyware programs (A.Better.Internet; MyPCSearch.exe; Cool whatevers, etc.; AND at least one visible Keylogger). After vigorous investigation with AdAware, Spybot, Norton, Uninstall, even a step through of the registry with RegEdit, I think I have cleaned them all. The computer is running well.

When I run defrag I get a list of files that cannot be defragmented. Here is the list of the files:

Fragments File Size Files that cannot be defragmented

5 57 KB \Program Files\Cybws nt\Cache\00005005_4375f740_0000dc68
5 57 KB \Program Files\Cybws nt\Cache\00000860_438e82c7_00055591
5 57 KB \Program Files\Cybws nt\Cache\00005de1_439145e7_000e7470
5 61 KB \Program Files\Cybws nt\Cache\00004a4b_438e4239_000c41d4
5 62 KB \Program Files\Cybws nt\Cache\000015a2_438e39a4_000676b8
6 71 KB \Program Files\Cybws nt\Cache\00003c6d_438e8403_000f2e53
5 73 KB \Program Files\Cybws nt\Cache\00007ada_438d06ab_00049b3b
5 79 KB \Program Files\Cybws nt\Cache\000071f6_438bd318_000b2c88
6 77 KB \Program Files\Cybws nt\Cache\0000253f_438e36cd_000be1f8
6 80 KB \Program Files\Cybws nt\Cache\0000165d_438ffbd8_000a4edc
6 83 KB \Program Files\Cybws nt\Cache\0000422d_4395cc47_000062fc
5 86 KB \Program Files\Cybws nt\Cache\000015e2_438ffc53_000adf13
5 87 KB \Program Files\Cybws nt\Cache\0000288f_4395cf8b_000d1a18
5 104 KB \Program Files\Cybws nt\Cache\00004983_438d0683_000344e0
7 129 KB \Program Files\Cybws nt\Cache\00000c15_43970da2_00094b99
5 133 KB \Program Files\Cybws nt\Cache\00003632_439374d4_000b1500
7 146 KB \Program Files\Cybws nt\Cache\00001949_438f19ed_000c445e
7 148 KB \Program Files\Cybws nt\Cache\00002aea_438e82b9_000a38db
6 169 KB \Program Files\Cybws nt\Cache\0000565a_438e8a92_00013028
7 177 KB \Program Files\Cybws nt\Cache\00007d4b_438e3512_000b7856
8 215 KB \Program Files\Cybws nt\Cache\00000d05_438e851b_000a7be4
8 214 KB \Program Files\Cybws nt\Cache\00006f6a_438e8555_00009a79
9 269 KB \Program Files\Cybws nt\Cache\00006795_438e82e6_000bf993
7 300 KB \Program Files\Cybws nt\Cache\000034b2_4393213f_00009413
10 328 KB \Program Files\Cybws nt\Cache\000041fd_438d06da_00002354
10 328 KB \Program Files\Cybws nt\Cache\00005256_438e84ae_00035a16
9 378 KB \Program Files\Cybws nt\Cache\00004230_4374eef9_00043136

199 816 KB \Program Files\Cybws nt\Cache
25 1 MB \Program Files\Cybws nt\Cache\index
5 74 KB \Program Files\Cybws nt\Cache\dns

All begin with the (apparent) address: \Program Files\Cybws [space] nt\cache

The ones at the end appear to be a directory, a dns address, and an index of the other cache files.
I have searched for these files both manually (via Windows Explorer) and with the Windows Search function. I cannot locate any such files, even will full searches for hidden and system files.

I know just enough of computers to suspect that these are hidden in some way, and are probable caches of user information waiting to be transmitted to the address of the Keylogger or other malware that I removed.

A web search for "Cybws" turned up nothing, the start of the address may be a random selection.

Does anybody have any suggestions on how to uncover these files and delete them? They are apparently not doing any harm (other than taking up a few megs on a 32 gig hard drive) but I would like to get them out.

My worst fear: Could these be artifacts of a rootkit program that is interceptig my directory requests?

Edited by Charles from Tennessee, 24 December 2005 - 10:04 PM.

  • 0


Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
I only found cybus for cisco routers

Please go here:

Malware Removal Guide

Run all the programmes as advised then post a current Hijack This Log in a new topic in the Malware Forum

For the purpose of accurate malware analysis, Hijack This Logs are only dealt with in the Malware Forum. Posting them anywhere else will result in a delayed response

If you are unable to run any of the programmes, ask for advice in the Malware Forum
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP