Jump to content

tmp-Files


Recommended Posts

I'm not sure if it's a maleware, but I'm kinda getting annoyed by it and it was once found by Malewarebytes. So I think you can call it a maleware. But the thing is: it's in the Folder

C:\ProgramData\Microsoft\Secure\Icons. If you delete it, it just appears again. And you get sometimes an error message, saying that the file you deleted was not found (but you can keep doing your buisness without any interruptions). But if it's installed again, my !avast (Programm) tell me that they blocked this file, saying it's a Virus. When you run your Pc 8 hours straight, the message of !avast appears 1-3 times. And the file always changes it's name (like tmp323, later tmp142), but not it's location. I googled fpr help, but with no real results. And since it's in the microsoft folder, it must have a function. Looking forward for any help. Maybe I'm just doing something really wrong^^

Greetings, Malz

post-182163-0-73473800-1422027417_thumb.

post-182163-0-71237600-1422027652_thumb.

post-182163-0-22276900-1422027657_thumb.

Link to post
Share on other sites

Hello and welcome to Malwarebytes,

 

P2P/Piracy Warning:

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Follow the instructions in the following link to show hidden files:

 

http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/

 

Next,

 

Backup the Registry:

 

Modifying the Registry can create unforeseen problems, so it's always wise to create a backup before doing so.

 


Please download ERUNT from one of the following links: Link1 | Link2 | Link3
ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
Double click on erunt-setup.exe to Install ERUNT by following the prompts.
NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
Choose a location for the backup.
 
Note: the default location is C:\Windows\ERDNT which is acceptable.
 
Make sure that "System registry" and "Current user Registry"  check boxes are selected.
 
Click on OK
Then click on YES to create the folder.
Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

 

Next,

 

Any importand data, videos, music, pictures etc that you cannot afford to lose should be backed up if not alread done. Go to the following link for basic help/instructions:

 

https://forums.malwarebytes.org/index.php?/topic/136226-backup-software/

 

Next,

 

Run the following scans and post the produced logs:

 

Step 1

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Step 2

 

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

 


Quit all running programs.
For Windows XP, double-click to start.
For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
Read and accept the EULA (End User Licene Agreement)
Click Scan to scan the system.
When the scan completes select "Report", log will open. Close the program > Don't Fix anything!
Post back the report which should also be located here:

 

C:\Programdata\RogueKiller\Logs <-------- W7/8

C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <------XP

 

Thank you,

 

Kevin...

Link to post
Share on other sites

Thank you for answering, I'll try again tomorrow. The first time I followed your guide, I suddenly got a new maleware, changing my Firefox Homepage and settings. I found a similar forum to that problem too, but because I already downloaded new programms and still had opend the programms recommended by you, I decided to make a system restore. The frist time I did it, the Pc just shut down itself after 1 minute, but after the secound try I immediately opend malewarebytes, stopping the maleware to shut down my pc and destroying my firefox data (I would have lost all my tabs gained over a few months). So now, we're almost back to zero. With the eception that I deleted utorrent and the pirated games (yes, I did read the pirat warning). Seems like the programm itself caused me most of the problems. It was hard enough to find the .exe, but I deleted it. But it's still stuck on my uninstall list... with spyware 4 (maleware too). Not that these programms still exist, but they are stuck on this list, and if I try to uninstall them, it just shows an error. Not that much of a problem though. And 1 more Question: I did (today) run malewarebytes, and it showed up with no results. I checked my folder (mircosoft/secure/icons), and the TBP File was still there. I looked up !avast!, and the last "delete" prozess was 3 days ago. Now I'm rather unsure if I should still run the reset, because of my fear of loosing data. I don't have a big enough USB/extern harddrive where I can save all my data. Any tipps?

Greetings, Malz

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.