Redundant directories and files?

G

Guest

When I run reports or I am in the registry, I see different variations for the same files yet when I look for them I can not find the multiple instances.

For example, a Stinger report (virus software from McAfee, I find the following for explorer:

C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Driver Cache\i386\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.scf
C:\WINDOWS\system32\dllcache\explorer.exe

But when I look in C:\WINDOWS\ only explorer.exe is there. Explorer.EXE and explorer.scf are not there. I have browser set to show all hidden, etc.

Another example:
C:\WINDOWS\System32\smss.exe

C:\WINDOWS\System32\ntdll.dll

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\CSRSRV.dll

C:\WINDOWS\system32\basesrv.dll

C:\WINDOWS\system32\winsrv.dll

C:\WINDOWS\system32\USER32.dll

C:\WINDOWS\system32\KERNEL32.dll
C:\WINDOWS\system32\GDI32.dll
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\RPCRT4.dll
C:\WINDOWS\System32\sxs.dll

Notice only one System32 with S in upper case.

I will also find
c:\windows\system32 and
C:\Windows\System32 and
C:\WINDOWS\System32 and
C:\WINDOWS\system32

the last one matches how it looks to me in local disk.

Help?
 
K

Kelly

Go to Windows Explorer/Tools/Folder Options/View and select::

Show hidden files and folders and uncheck Hide protected operating system
files.

What are you trying to do here? As for the caps, etc....the registry seldom
is case specific nor should you be concerned.
 
G

Guest

I had already done what you suggested and if I still come to a folder and look in properties and see it is hidden and if I can uncheck I do so.

What I am worrried about is multiple instances of the same file but I can only see one. The example is from the Stinger report that shows

C:\Windows\Explorer.EXE (and also)
C:\Windows\explorer.exe

I can only see the second one in the directory. So if a script or program calls for explorer which one would it choose or might it be case sensitive. Could I have a rouge script or program call Explorer.EXE specfically? while all the rest would take either because they are not case sensitive.

Guess I am asking, why do I have 2 but only see one?
 
K

Kelly

1. Take it up Stringer, it is their report.
2. Yes, there can be a bogus explorer.exe. From there you need to know
where the original XP version of explorer.exe belongs as in which folder and
the size.
3. You will never see two of the same name in a folder, in any folder. In
different folders, yes as in System and/or System32.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Disappearing HOSTS File in XP Pro SP2 11
Windows Explorer crashes when I try to view a file property 2
Internet Explorer 8 Error Messages and Dump File 16
Windows Explorer crashes in several circumstances 6
WINWORD.EXE: 0xC0000005: Access violation reading location 0x00000 2
Dr. Watson crash on RUNDLL32.EXE, Control Panel icon, other apps too 2
explorer.exe crash on search 1
loading personal settings takes 3-4 minutes... 4

Top