Author Topic: Weird \data\resources\ path  (Read 3427 times)

llamas402

  • Guest
Weird \data\resources\ path
« on: June 19, 2007, 12:52:03 PM »
Hi
Just recently I saw that ALL my shortcuts have somehow been changed to some kind of data\resources\ path... it's really getting annoying..... the weird thing about it is that the shortcuts still work... so it's like the files have been copied to the data\resources\ directory...

so why is this happening??

this is what it looks like:

http://img187.imageshack.us/img187/7448/firefoxshortcutfw5.png
http://img151.imageshack.us/img151/5745/yahooshortcutvf7.png
http://img46.imageshack.us/img46/6859/palmshortcutnk9.png

and my system specs are in my signature

Thanks
Llama

EDIT::: I just tried something and it turns out that not only the shortcuts are modified but EVERY folder in my C:\Program Files\ directory has a \data\resources\ path, except ALL of them are hidden... is it a virus or spyware or what? I'm sooo confused
« Last Edit: June 19, 2007, 01:22:48 PM by llamas402 »

CBMatt

  • Mod & Malware Specialist


  • Prodigy

  • Sad and lonely...and loving every minute of it.
  • Thanked: 167
    • Yes
  • Experience: Experienced
  • OS: Windows 7
Re: Weird \data\resources\ path
« Reply #1 on: June 19, 2007, 09:11:30 PM »
Your shortcut icons also look a bit strange...or is that how they normally look on your computer?

You've got yourself an odd little problem and I believe it's an infection.  I've seen this once before on another forum.  Unfortunately, the problem was never solved, so I don't have anything to reference.  All I know is that it might be somehow related to the W32.HLLW.Nautic worm.  But we'll do our best here.

Please post a HijackThis log along with a list of all of the protection programs installed on your computer.
Quote
An undefined problem has an infinite number of solutions.
- Robert A. Humphrey

llamas402

  • Guest
Re: Weird \data\resources\ path
« Reply #2 on: July 01, 2007, 12:58:24 PM »
Sorry, I was on vacation the day after you posted and I just got back yesterday, so I was unable to post..
Anyway, first off, if you're referring to the little shortcut arrow on my icons then ya, that's the way my icons are supposed to look.

I used to run AVG Free and Spy Bot but AVG CONSTANTLY gave me op32.exe virus alerts and it kept saying it no matter what button I hit (heal/ignore/delete). Then Spy Bot... wow, the alerts I got from that took up my whole desktop, not to mention 50% of my processor... so I don't really care for either of them... plus I think AVG is still running because it says so in the process list

(so if you know of any other programs please tell me)

dang have to make this 2 posts because of the max allowed characters.......

EDIT::: never mind, it would have to be 3 or 4 posts so I'll just attach it...

[Saving disk space -  old attachment deleted by admin]

CBMatt

Re: Weird \data\resources\ path
« Reply #3 on: July 01, 2007, 01:08:07 PM »
AVG and SpyBot are two of the best programs out there.  Those alerts simply meant they were doing their job (op32.exe is indeed a trojan).  Often, for an infection to be healed properly, you need to scan in Safe Mode.  I would strongly suggest re-installing them and doing just that.  Meanwhile, I'll take a look at your log.

CBMatt

Re: Weird \data\resources\ path
« Reply #4 on: July 01, 2007, 02:31:31 PM »
Alrighty, you've got a few baddies in your log, so let's see what we can do.  Once we start, you won't have access to this post anymore, so I recommend that you print out this post or save it to a Notepad file.

I see that you have HijackThis running from your desktop.  You have it in a permanent location, which is good because it makes important backups that you may end up needing.  However, to help you avoid clutter and to help ensure that the backups stay safe, I would like you to move it to a special location.
  • Double-click on My Computer to open it and navigate to C:\Program Files.
  • Right-click on the empty (white) space and go to New > Folder.
  • Name the folder something like HJT and move HijackThis into that new folder.
  • If you would still like to run HijackThis from the desktop for convenience, right-click on HijackThis and click on Create Shortcut.  This will create a shortcut to the program; move the shortcut to the desktop.
Download CCleaner (install without Yahoo! toolbar) and configure it according to this guide.

Open HijackThis and scan again.  Check the following entries, but don't do anything to them yet...

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.5.1.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Seekmo/ie/bridge-c24.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/npx.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://nprotect.roseonlinegame.com/nProtect/Netizen/KeyCrypt/npkcx.cab

O23 - Service: GameCP Control Module - Unknown owner - C:\Program Files\GameCP\wcm\bin\srvany.exe
O23 - Service: MS Common Service - Unknown owner - C:\WINDOWS\system32\mscomserv.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O15 - Trusted Zone: auto.search.msn.com
O15 - Trusted Zone: http://yahoo.sbc.com

(These are legit sites, but it's always best to not have a site in your Trusted Zone.  Giving a site that much freedom is just too risky.)

Continued...

CBMatt

Re: Weird \data\resources\ path
« Reply #5 on: July 01, 2007, 02:33:55 PM »
O18 - Protocol: bw+0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll


Continued...

CBMatt

Re: Weird \data\resources\ path
« Reply #6 on: July 01, 2007, 02:34:45 PM »
O18 - Protocol: bwl0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll


(Whether or not you remove these green entries is entirely up to you.  Personally, I think anything that accesses the net without your knowledge is suspicious, even if the info they track is supposedly legitimate.  If you'd like to read a little about it, go here.)

Now, close all windows (including this one) besides HijackThis, then click Fix Checked.  Close HijackThis and reboot into Safe Mode and enable hidden files and folders.

Navigate to and delete the following file(s) if present...

C:\Program.exe
C:\Program Files\GameCP\wcm\bin\srvany.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
C:\WINDOWS\system32\ALCMTR.EXE
C:\WINDOWS\system32\mscomserv.exe

You don't have to delete the green files, but it is advised.

Once you've done all of this, reboot into Normal Mode and post a new HijackThis log so we can see if there's any other junk we need to clean up.  Let me know how everything's running now and if you had any problems following my steps.




Phew!  I can definitely say I've never had a fix take up three posts!  But don't worry, it's not as bad as it appears at first glance.
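
The entries called out across the three fix posts above can be triaged mechanically. This is an added example, not part of the original posts and not HijackThis code: a Python script that parses HijackThis-style lines, collapses the repeated O18 protocol rows to one record per handler DLL, and annotates the O23 services. The sample lines are copied from this thread; the regular expressions and the truncated-path heuristic are assumptions based on the line layout shown here.

```python
import re
from collections import defaultdict

# Constructed sample: lines copied from the entries quoted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O15 - Trusted Zone: auto.search.msn.com
O18 - Protocol: bw+0 - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8BEE085B-DD2C-4C75-AB76-EF5629CED210} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: GameCP Control Module - Unknown owner - C:\Program Files\GameCP\wcm\bin\srvany.exe
O23 - Service: MS Common Service - Unknown owner - C:\WINDOWS\system32\mscomserv.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
"""

# Assumed layouts, inferred from the lines above (not an official grammar).
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
O18_RE = re.compile(r"^Protocol: (\S+) - (\{[0-9A-Fa-f-]{36}\}) - (.+)$")
O23_RE = re.compile(
    r"^Service: (.+) - (.+?) - ([A-Za-z]:\\.+?)( \(file missing\))?$")
# Heuristic (assumption): "X:\Program.exe" is what an unquoted
# "X:\Program Files\..." path looks like when it is cut at the first space.
TRUNCATED_RE = re.compile(r"[A-Za-z]:\\Program\.exe", re.I)


def parse_log(text):
    """Return (section, body) tuples for every HijackThis-style entry line."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def group_protocols(entries):
    """Collapse O18 lines to one record per (CLSID, DLL) handler."""
    handlers = defaultdict(list)
    for section, body in entries:
        m = O18_RE.match(body) if section == "O18" else None
        if m:
            handlers[(m.group(2), m.group(3))].append(m.group(1))
    return dict(handlers)


def triage_services(entries):
    """Return {service name: [notes]} for O23 lines worth a manual look."""
    findings = {}
    for section, body in entries:
        m = O23_RE.match(body) if section == "O23" else None
        if not m:
            continue
        name, owner, path, missing = m.groups()
        notes = []
        if owner == "Unknown owner":
            notes.append("owner field is 'Unknown owner'")
        if missing:
            notes.append("image file not on disk")
        if TRUNCATED_RE.fullmatch(path):
            notes.append("path stops at the first space of 'Program Files'; "
                         "compare with the service's ImagePath value")
        if notes:
            findings[name] = notes
    return findings


if __name__ == "__main__":
    entries = parse_log(SAMPLE_LOG)
    for (clsid, dll), names in group_protocols(entries).items():
        print(f"O18 {clsid} -> {dll.rsplit(chr(92), 1)[-1]} ({len(names)} protocols)")
    for name, notes in triage_services(entries).items():
        print(f"O23 {name}: {'; '.join(notes)}")
```

Run against the full log, the O18 grouping reduces the long run of `bw..` rows to the two Logitech Desktop Messenger DLLs named in the delete list.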

W1CK3D

  • Guest
Re: Weird \data\resources\ path
« Reply #7 on: July 01, 2007, 02:40:25 PM »
I would suggest following this man's advice. From what you're saying about all the stuff popping up in SpyBot and the AVG thing, you've got an infection something fierce. I don't know that I'd even go the HijackThis route; if it's that bad, I think I'd just do a fresh install of Windows.

llamas402

  • Guest
Re: Weird \data\resources\ path
« Reply #8 on: July 01, 2007, 06:31:55 PM »
Wow, OK, to start off I just want to say you've been a great help and I really appreciate it.

OK, I'm about to do the things you listed but I'd like to know a little more before I start...

The ALCMTR.exe, which is for my 5.1 Realtek sound card, so I shouldn't get rid of that, right?
And I've got an idea, but what exactly will HijackThis do when I hit the "Fixed Checked" button?
I'm just a little curious.

Plus, why exactly do I need the CCleaner and what does that do??

And to wicked: ya, I would do a fresh install, but when I do that it says it can't find any of my SATA hard drives, and even when I get around that problem at the beginning, after it restarts my computer it gives me the blue screen....

CBMatt

Re: Weird \data\resources\ path
« Reply #9 on: July 02, 2007, 04:42:24 AM »
Quote
The ALCMTR.exe, which is for my 5.1 Realtek sound card, so I shouldn't get rid of that, right?

Sorry, I normally include a little description for this file, but I left it out.  ALCMTR is related to Realtek, but it is not a necessary file.  In fact, it is considered by many to be spyware.  It's not malicious, but it does track certain activities and send the information back to Realtek.  I suggest removing it, but you don't have to.

Quote
And I've got an idea, but what exactly will HijackThis do when I hit the "Fixed Checked" button?
I'm just a little curious.

Good question.  Basically, when you click on Fix Checked, HijackThis edits the registry entry and disables it.  It doesn't delete files (although the prompt makes it sound otherwise) and it doesn't always even delete the registry entries.  It pretty much just switches them off so the related file(s) won't run next time you boot your computer.

Quote
Plus, why exactly do I need the CCleaner and what does that do??

CCleaner cleans out all of your Temp and Temporary Internet Files.  It deletes other things too (unless you tell it not to), but those are the two main concerns for me.  Also, with the Issues feature, you can find and remove a lot of rogue/obsolete registry entries.  It just helps out with cleaning things up a bit.  And don't worry, it's perfectly safe and won't delete any important files.  Use it a bit and I think you'll decide to keep it.