New Member - need help with scandump file results

Discussion in 'Trojan Defence Suite' started by LOTTA, Aug 4, 2004.

Thread Status:
Not open for further replies.
  1. LOTTA

    LOTTA Registered Member

    Joined:
    Aug 4, 2004
    Posts:
    1
    Just ran scan and have results here but do not know what to do with them
    Any help appreciated
    Scan Control Dumped @ 12:31:55 04-08-04
    Suspicious Filename: Dual extensions
    File: c:\documents and settings\liz\local settings\temp\tnp1a5.tmp.exe

    Suspicious Filename: Dual extensions
    File: c:\documents and settings\liz\local settings\temp\tnp1b8.tmp.exe

    Suspicious Filename: Dual extensions
    File: c:\documents and settings\liz\local settings\temp\tnp23f.tmp.exe

    Suspicious Filename: Dual extensions
    File: c:\documents and settings\liz\local settings\temp\tnp241.tmp.exe

    Suspicious Filename: Dual extensions
    File: c:\documents and settings\liz\local settings\temp\tnp26f.tmp.exe

    Suspicious Filename: Dual extensions
    File: c:\documents and settings\liz\local settings\temp\tnp2a0.tmp.exe

    Suspicious Filename: Dual extensions
    File: c:\documents and settings\liz\local settings\temp\tnp2a1.tmp.exe
     
  2. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi Lotta
    welcome to the forum!

    Do you have any idea what the files are?
    Some program you recently installed maybe?
    If not, zip and/or submit them to submit@diamondcs.com.au to see if they are innocent. I suppose they are, for a possible malicious part would have been identified too if it was there.
    If you rightclick on a file to get more information about them, which program they belong to, such things, does that give any clue about their origins?
     
  3. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    ANYTHING in c:\documents and settings\liz\local settings\temp is unwanted and unneeded and can and should be deleted

    That folder is supposed to be used by Windows to unpack temp files whilst installing programs and it is supposed to delete them afterwards, but many installers are badly written and don't remove the temp files.

    The other reason they are there is that several baddies use that folder to run from so as a matter of course you should regularly, at least once a week, empty that folder
     
  4. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Good advice, thanks for coming to help

    They do look like installer leftovers, so dont "worry" too much that they were there :)
     
Thread Status:
Not open for further replies.