-
June 16th, 2004, 02:40 AM
#1
Junior Member
.tmp files in the windows directory
Ok. I am not a computer "guru" by any means; however, I am pretty certain that this is not a "normal" function of Windows 98. What I have noticed is an expanding sequential list of .TMP files that have names that resemble registry codes. If left unchecked they will replicate by a manner as of yet undetermined (presumably at each system reset). I have run Ad Aware, The Cleaner, and BoDetect with a clean bill of health. McAffee Virus Scanner also returned no results. I have conducted my own intensive search for "look-alike" files or similar suspect files. I suspect this is the result of some type of "malware", but I am not certain what to search or how to proceed beyond this point. I would appreciate any information that anyone may have on this phenomenon.
I could not track another reference to this phenomenon; so, I will apologize up front if this is duplication. Thank you.
-
June 16th, 2004, 02:58 AM
#2
Senior Member
Try running your tools (I reccomened HijackThis,CWShredder) in Windows safe mode...
-
June 16th, 2004, 03:14 AM
#3
If they are .tmp files, just delete them??? Would I be insulting your intelligence if I said those are just temporary files that come from anything from installation of new programs, to temporary copies of text files.
Something like <del c:\*.tmp> would do the trick from the command prompt.
-
June 16th, 2004, 03:14 AM
#4
GenTech07,
There can be several reasons for an accumulation of .tmp files in the Win98 Windows directory. One well known one is you have to reboot the OS using Ctrl-Alt-Del, or if you have a system freeze and have to reset your computer. Another means is also firewall logs, av logs, etc. You should be able to enter one of those temp files on the www.google.com search, and receive an explanation of what it is. You can delete them manually at the DOS prompt (after exiting windows).
However, a much easier way: I have found a new tool called "Xen" by Paul Brown, which cleans the heck out of your Win98. Nihil led me to it and it is a great program. It will clean and tweak win98 for you.
http://www.x9000.net/
cheers
edit: rats groovie beat me again....
Connection refused, try again later.
-
June 16th, 2004, 03:39 AM
#5
Try Start, Programs, Accessories, System Tools, Disk Clean Up, and remove all files in the Temp directory. Also goto IE, Tools, Internet Options, use the Delete Cookies and Delete History Button and set the save to Zero. But after all that you only will get rid of the stuff that is not M$, it keeps all of it's stuff. There is still a hidden system file of IE history in a dat file you can dump also go on do it because it is rebuilt when you start windows cause it's in their registry. Excuse the link but inform yourself a bit more an old site http://****microsoft.com/ and use the search finction here it is very useful. Remember just because it is new to you is not to mean it is not known.
I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg
-
June 24th, 2004, 05:18 PM
#6
Junior Member
All,
Thanks for your prompt replies and the references to some interesting information and tools. I greatly appreciate it. These may in fact be from manual reboots, but their placement was somewhat unexpected. Just in case, though, here is some additional information:
(1) Here are a couple of examples of the file names:
fffed329_{84A1DE80-C143-11D8-93DA-0000C55C298D}.tmp
fffed329_{84A1DE81-C143-11D8-93DA-0000C55C298D}.tmp
(2) And, to clarify my earlier statement....these are not in the TEMP or TMP directory but in the Windows root directory itself.
Thanks again everyone.
-
June 24th, 2004, 05:51 PM
#7
They look like a SID number to me, and as they are nearly the same, I would imagine that they are storing info about profiles, that would otherwise be lost when you hit the reset button.
Palemoon has the most comprehensive answer, follow the instructions, then see what happens.
Run hi-Jack This.
http://www.spywareinfo.com/~merijn/
Save the log to notepad, attach it and post it here.
Read the tut from Soda_Popinsky re:- HJT
http://www.antionline.com/showthread...hreadid=255989
It might be that you are NOT owned, but use the problem to learn something about your system.
After you have sorted this out, consider an 'upgrade' to W2K Pro, it is cheaper than XP Pro, and it does have SOME security features built into it that W98 lacks.
MS have withdrawn their free support for W98, but there is a link on their site
http://support.microsoft.com/default...d=fh;en-gb;w98
where you should be able to find details to get a FREE CD of 'Troubleshooting W98'
I got it, and it's not bad at all.
so now I'm in my SIXTIES FFS
WTAF, how did that happen, so no more alterations to the sig, it will remain as is now
Beware of Geeks bearing GIF's
come and waste the day :P at The Taz Zone
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|