T30Debuglogfile.txt

[hazelnut]

T30Debuglogfile.txt

 

What is this file for please?

It is in a PPDIR folder in c\windows\temp.

[rridgely]

Do a scan with ewido. I found an ewido log posted somewhere where it removed that file. If it dosent find anything than dont worry about it.

[hazelnut]

Ewido found nothing rridgley.

Funny thing is I just noticed that it says the text document has nothing written on it.

Yet the folder it is in ( the PPDIR one ) is a Data 1 cabinet folder with 1.8 mb inside. Do you know what this folder is for?

[Andavari]

I did a Google search for PPDIR and in some references it's talking about some Intel hardware configuration, however that doesn't explain why there's a .cab file present.

[rridgely]

Hazlenut to be honest I dont have a clue what that specific file is for. My suggestion is that you upload all the contents of that file here to be analyzed.

http://virusscan.jotti.org/

[hazelnut]

That was an interesting place you sent me rridgley.

The PPDIR with the .cab 1 file they said was ok.

The debug txt file they said a firewall or piece of malware was preventing me from uploading it as it only showed 0 bytes. However it shows no bytes when I look at it. It is in notepad when I open it by the way.

Do you think I should delete this debug txt file?

[rridgely]

No I would keep it. It seems that it might just be as andavari said a log for intel.(are you on a intel based machine?)

[hazelnut]

Hope this is the right info!

AMD Athlon 64 processor 3000+

[rridgely]

Ok your not on a intel machine my advice to you is to delete that file.

[Andavari]

Well I'm wondering if there isn't some form of unknown exploit or malware going around. The reason I say that is because there's an irsetup.exe file that constantly appears in my C:\Temp folder. I got information about it at http://www.wilderssecurity.com/archive/index.php/t-9848.html. It supposedly isn't infected as eTrust EZ Antivirus, Ewido, ClamWin, Trojan Remover, Ad-Aware, Spybot S&D, MSAS, and Jotti Online Malware Scanner don't detect anything.

 

HijackThis and Sysinternals RootkitRevealer & Autoruns don't show anything either.

 

File info:

C:\Temp\irsetup.exe = SUF60Runtime by Indigo Rose Corp (http://www.indigorose.com), or possible trojan horse according to this Symantec report.

[hazelnut]

Just before I closed down last night I ran ccleaner and there it was, the debuglog file, deleted !

Just come online today, thought I'd just recheck... it's come back.

The .cab folder and file is unchanged however.

[Mike Rochip]

I found this info on groups.google.com:

 

The T30DebugLogFile provides detailed debug output of all communications

with the modem in clear text.

 

Google Groups Search

 

The link is to the search results on groups.google.com. Hope it's of some help.

[hazelnut]

So Mike, it looks like its all about faxes and the storage of info in it. This is probably why I have no info in it as I enabled fax, used once and since then never.

Good work finding this info .

[Mike Rochip]

So Mike, it looks like its all about faxes and the storage of info in it.  This is probably why I have no info in it as I enabled fax, used once and since then never.

Good work finding this info .

 

23397[/snapback]

 

 

 

 

Thanks so much for letting me know. I finally feel like I helped someone, wahoooo!

 

Take care.

[Andavari]

C:\Temp\irsetup.exe = SUF60Runtime by Indigo Rose Corp (http://www.indigorose.com)

 

23358[/snapback]

 

 

 

I found out what was creating that file, it's Power Defragmenter GUI which uses irsetup.exe. I suppose it's using it as a runtime.