I just installed JV16 Power Tools and noticed in this path;


C:\Documents and Settings\SAR\Application Data


That it installs a file called, Sys6925.Config Collection.sys


Does anyone know what is this file? Some places on the web have considered this to be malware, but I don't believe this is the case, but I'd appreciate knowing what it is?



THANKS

I have no idea about that file, but I'd like to point out that it has nothing to do with PowerTools. PowerTools doesn't install or create such file.

Hello,

I had also this file in my system ...

Simply deleting this file and then installing jv16 Powertools shows that this software doesnot install the incriminated file.

My search by Goggle gave a reference to Ask Toolbar.

May be this may help.

Jean-Paul

It's created by a rogue program - nothing to do with JV PT at all

It is easy enough to delete, but it will just be recreated.


To me it looks like the best way to deal with the causes of this is a live CD from an Anti Virus vendor

I just put back a clean image of my system from Image For Windows that I created so that I was starting clean, then I downloaded a copy of JV16 and when I went to install it, after the install was complete it installed the file.


Make sure you have the protected system files not hidden and have a look, you'll see it's installing this.


I also made a video so watch that and see the truth for yourself, JV16 is installing this, I've tested this out for 2 days now on several clean images, nothing else was installing this on my box only JV16...


I would like macecraft to explain this? :


Video:

http://www.mediafire.com/?tdqgq23fr7xfol6

Sorry, we encountered an error while displaying this content. If you're a user, please try again later. If you're an administrator, take a look in your Flarum log files for more information.

I did a search and found many including but not limited to dasfox

A lot do not mention JV16 at all


eg: http://forums.majorgeeks.com/showthread.php?s=2962f04fbcff554655ece170560c5bfc&p=1529958#post1529958

DasFox, can you reproduce this in Windows Safe Mode?

Hello,

Well for me fact is, that even after several installs of PowerTools - on a XP/SP3 and a Win7 x64 - such a file does not exist on my system partition (C:\).


Jean-Paul

Win Vista 32bit - no file/files (sys6925)

*** Voided by the poster *** 00

File Finder bug: moved to the correct topic: http://www.macecraft.com/phpBB3/viewtopic.php?p=26070#p26070

Sorry, we encountered an error while displaying this content. If you're a user, please try again later. If you're an administrator, take a look in your Flarum log files for more information.

Sorry made a double post by mistake, you can delete this... :(

DasFox

I did not think you tampered with anything :

I used Copernic Personal, so did not limit the results

I also used boolean strings to ensure I caught the offensive files 'on their own'


'tis a puzzle :?

tullik wrote
I found the subject file on my x64 Windows 7 system at C:\Users\Owner\AppData\Roaming\Sys6925.Config Collection.sys.

Confirmed for my W7 x86 system with build 976, file dated 19-August-2010 08 am, so which jv16PT build was that, before 970?

DasFox.jpg

Regarding the file "Sys6925.Config Collection.sys":

I have been looking for the mentioned file on 3 different PC's.

(they all have JVPT 976 installed and all previous installed with earlier versions of JVPT this year)


The results:

WinXP-SP3: No such file

Win7 x64 (PC1): No such file

Win7 x64 (PC2): No such file


If this file originates from installation af JVPT16 in any way it would have been found on these machines.


So I dont believe that this file in any way originates from the installation of JVPT16 - look for the reason elsewhere :

Sorry, we encountered an error while displaying this content. If you're a user, please try again later. If you're an administrator, take a look in your Flarum log files for more information.

*** Voided by the poster *** 01

Sorry, we encountered an error while displaying this content. If you're a user, please try again later. If you're an administrator, take a look in your Flarum log files for more information.