What is $$$reghive?
JerryM
November 26th, 2005, 12:20 AM
Anyone know what this is in the Temp file folder? It keeps coming up.
I assume it has to do with the registry, but I have no idea what.???
Thanks,
Jerry
Cerxes
November 28th, 2005, 06:16 AM
Hello JerryM
I have the same problem. Have not had this problem before, but now when I'm running CCleaner, it always runs in the temp folder. I clean it, but after a while it's back... I suspect it's a nasty little fellow, but I'm not sure :-\ Have run these security programs without any luck: Ewido, AdAware, BitDefender, Avast, UnHackMe and MS malware removal tool. Therefore, is it malware or does it belong to some software/service I'm not aware of???
Me /GlobalForce
November 28th, 2005, 06:39 AM
What are its properties if you're able to rt clk?
GF
Me /GlobalForce
November 28th, 2005, 06:55 AM
There is mention of it by Q-Bert23 about three quarters of the way down ....
ht*tp://www.spywareinfoforum.com/lofiversion/index.php/t52219.html
Lose the asterisk. ;)
GF
JerryM
November 28th, 2005, 09:23 AM
I can't tell anything by rt click except it is a 556kb file.
I scanned it in the Temp file with KAV online scan at Jottis and a couple of others. I am pretty well convinced it is not malware.
On Kim Komando's tip one day she mentioned a program that would tell you what the temp files that were in use were associated with. Like a dummy I did not get it and deleted the tip.
I could not determine anything from the link except that that file was on that computer.
My computer works well, and with all the malware protection I am using, plus the scans I ran I don't think it is malware. I do wish I knew though.
Jerry
Cerxes
November 28th, 2005, 10:02 AM
Hmmm... My computer also works well, but sometimes when I start my browser (Firefox), it loads the pages very slowly. It also sometimes loads slowly after a while's surfing. My browser didn't behave in that manner before, until the $$$reghive showed up >:( By the way Jerry, maybe you are right that it's not malware, but if the pest has dug in deep in the system (kernel level), and the $$$reghive is the tail-trace, then it would be difficult for most AV/AT scanners to find it...
JerryM
November 28th, 2005, 01:34 PM
Here are anti programs that I consider might be applicable.
Bit Defender 9 paid
Ewido paid
Snoopfree
UnHackMe paid
Regseeker
Watcher
Spyware Guard and Spyware Blaster
Counterspy
I run regular scans with Spyware Doctor free, Trend Micro on line, and Kaspersky on line.
I cannot figure how any malware would get on my system, but I admit that I am far from expert.
Jerry
Me /GlobalForce
November 28th, 2005, 04:22 PM
Guys,
Filext.com labeled $ ($$$ didn't return any results) as a BASIC VB VB1D Komp Symbole File.
The only other result I could locate is this explanation ....
ht*tp://www.convert-extensions.com/format/Temporary-File.html
GF
JerryM
November 28th, 2005, 06:58 PM
In addition to the programs I listed, I also have ERUNT, which is an auto back up program. I tend to think that one of the registry monitoring or back up programs is what that file is about. Bit Defender also monitors the registry in that it has a registry access control.
Cerxes,
Do you have any of the programs I listed on your computer?
Jerry
Cerxes
November 28th, 2005, 08:08 PM
Yep... BitDefender 8 Free, Ewido Free, Snoopfree, UnHackMe Trial, Regseeker and Spyware Blaster. I also have Firefox, Avast (using the P2P, Network and WebShield), ID Blaster Plus, Arovax Shield, Nod32 Trial (Resident on all modules), AppDef, RegDef and ZA Free. More specifically, this problem began when I added Regseeker and UnHackMe to my config. I have checked these online, and I have found several individuals on different forums who claim that Regseeker may be carrying some adware/spyware. But when I checked the downloaded Regseeker zipfile, my sec. arsenal didn't alert... :-\ However I have tested several special tools for detecting rootkits, and also used a nice little script with the purpose to identify the programs that start up with Windows:
ht*tp://www.silentrunners.org/index.html
Maybe this script is a step closer for solving this "problem"... :)
You have to download the VB engine from MS (if you don't already have it) to be able to run this report script.
By the way, which browser (and plugins) are you using?
JerryM
November 29th, 2005, 10:23 AM
Cerxes,
I got an answer from Castle Cops. Here is the link.
http://castlecops.com/p668663-What_is_reghive.html#668663
In case you can't get there here is the response from 1972 vet.
Quote: The prefix $$$ is used by the operating system to keep track of archived files.
The reghive is:
a group of keys, subkeys, and values in the registry that has a set of supporting files containing backups of its data. The supporting files for all hives except HKEY_CURRENT_USER are in the Systemroot\System32\Config folder on Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003; the supporting files for HKEY_CURRENT_USER are in the Systemroot\Profiles\Username folder. The file name extensions of the files in these folders, and, sometimes, a lack of an extension, indicate the type of data they contain.
The file is harmless.
Regards,
Disabled Vet
_________________
War doesn't determine who's right. War determines who's left.
Disabled Vet
end quote
Hope this helps. I am satisfied with the response, and am not concerned that the file is malware.
Regards,
Jerry
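Added example, not part of any post in this thread: a Python check of whether a file such as the Temp-folder one discussed here starts with a registry hive base block, and which hive name and last-write time its header records. The function names are hypothetical, the sample header is constructed, and the offsets assume the publicly documented `regf` layout (signature at 0, sequence numbers at 4 and 8, FILETIME at 12, name at 48, checksum at 508).

```python
import struct
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
BASE_BLOCK_LEN = 512  # checksum at offset 508 covers the 508 bytes before it

def regf_checksum(block: bytes) -> int:
    """XOR the first 127 little-endian dwords; 0 and 0xFFFFFFFF are remapped."""
    value = 0
    for (dword,) in struct.iter_unpack("<I", block[:508]):
        value ^= dword
    if value == 0xFFFFFFFF:
        return 0xFFFFFFFE
    return value or 1

def inspect_hive_header(data: bytes):
    """Return base-block fields if data looks like a registry hive, else None."""
    if len(data) < BASE_BLOCK_LEN or data[:4] != b"regf":
        return None
    seq1, seq2, filetime, major, minor = struct.unpack_from("<IIQII", data, 4)
    name = data[48:112].decode("utf-16-le", errors="replace").split("\x00")[0]
    (stored,) = struct.unpack_from("<I", data, 508)
    return {
        "name": name,  # trailing part of the path the hive was loaded from
        "last_written": FILETIME_EPOCH + timedelta(microseconds=filetime // 10),
        "version": (major, minor),
        "clean": seq1 == seq2,  # unequal sequence numbers mean an unfinished write
        "checksum_ok": stored == regf_checksum(data),
    }

def build_sample_header(name: str, when: datetime) -> bytes:
    """Constructed input for the demo: a minimal base block, not real system data."""
    delta = when - FILETIME_EPOCH
    ticks = (delta.days * 86400 + delta.seconds) * 10_000_000
    block = bytearray(BASE_BLOCK_LEN)
    block[0:4] = b"regf"
    struct.pack_into("<IIQII", block, 4, 7, 7, ticks, 1, 3)
    encoded = name.encode("utf-16-le")[:64]
    block[48:48 + len(encoded)] = encoded
    struct.pack_into("<I", block, 508, regf_checksum(bytes(block)))
    return bytes(block)

if __name__ == "__main__":
    sample = build_sample_header("\\System32\\Config\\SOFTWARE",
                                 datetime(2005, 11, 26, tzinfo=timezone.utc))
    print(inspect_hive_header(sample))
    print(inspect_hive_header(b"MZ" + bytes(600)))  # not a hive -> None
```

On a real file, pass the first 512 bytes read in binary mode to `inspect_hive_header`.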
Cerxes
December 1st, 2005, 12:17 AM
Hello Jerry!
So, finally we got an answer to our problem... :D I thank u for your effort to solve this, and by the way, my browser problem is fixed now after a re-install and some reg. cleaning (thank god!) ;D
JerryM
December 1st, 2005, 12:33 AM
Hi Cerxes,
Glad it is working now.
I did send the file, as best I could, to Bubba. I am not sure it was in a form he could use, but if he can maybe he will learn what program it is associated with.
Have a good evening.
Jerry
Copyright ©2002 - 2012, Wilders Security Forums