Trojan?

[GeeWhiz]

I recently noticed 'pdk-(name)-xxxx' folders in my Temp files that occur
every time I boot. The xxxx is a different number with each boot ie: 524,
762, 1272 etc. The folders are empty. The pdk and (name) remain the same,
just the numbers change.

Msconfig and Windows Task Manager Processes show nothing unusual. In the
registry under HKCU and HKLM\Software\Microsoft\Windows\Current Version\Run
and RunOnce there's nothing out of the ordinary.

.. I think I recently had a trojan but virus scans reveal nothing. I also
have files in the Temp folder that cannot be deleted under any means. I get
either "file in use" or "the path can't be found". I've used the
(e-mail address removed) found here http://www.gibinsoft.net/gipoutils/ to
delete the files on boot without any luck.

How can I fully clean out the Temp files and what are the 'pdk' folders. I'm
running XP Pro.

Thanks for your time,,

Gordy

 

[Will Denny]

Hi Gordy

Reboot your PC to make sure that no Temp files are being used, then delete all of them.

 

[GeeWhiz]

I have done that several times and they still won't delete; been in Safe
Mode too with no luck.

G


Hi Gordy

Reboot your PC to make sure that no Temp files are being used, then delete
all of them.

 

[Will Denny]

Hi

Do the dates/times of those folders/files correspond to any installation?

 

[GeeWhiz]

Nope.



Hi

Do the dates/times of those folders/files correspond to any installation?

 

[Will Denny]

Hi

Have you tried renaming them from a command prompt and then deleting? Also from a command prompt try taking away any attributes that the folder(s) may have.

 

[GeeWhiz]

Hello,

I tried deleting from Safe Mode with Command prompt. Some gave the
impression of being deleted yet show up again when booted up and others
wouldn't delete even after changing the attributes. Still haven't found the
"pdk' folders culprit.

the files look like ~DF99FE.tmp with the tilde included.


Hi

Have you tried renaming them from a command prompt and then deleting? Also
from a command prompt try taking away any attributes that the folder(s) may
have.

 

[GeeWhiz]

I believe I figured out where the ~DFxxxx.tmp files are coming from. I have
a program called Deep Freeze on the pc which does just that, "Freezes" the
pc so no matter what happens to it it can go back, exactly, to when it was
frozen. Unfortunately there is no uninstall for it unless someone knows a
way to disable it.

Still haven't figured out the empty 'pdk' folders.

G

 

[gls858]

I believe I figured out where the ~DFxxxx.tmp files are coming from. I have
a program called Deep Freeze on the pc which does just that, "Freezes" the
pc so no matter what happens to it it can go back, exactly, to when it was
frozen. Unfortunately there is no uninstall for it unless someone knows a
way to disable it.

Still haven't figured out the empty 'pdk' folders.

G

You could try support at their website.
Good Luck.

http://www.faronics.com/html/support.asp

gls858

 

[GeeWhiz]

Hehe, I read the manual and found out yesterday but, after uninstalling, the
two .sys files are still there as are the ~DF files.. Next, I'll install and
then uninstall....................night work. The problem with the DF files
is that they accumulate, 3, 6, 9 etc. and when deleting the *.tmp files
there are always 3 that hang up the process (won't delete). If I don't clean
the temps for a week it becomes a long process of individually deleting the
files to find out which ones go and which ones stay.

Thanks for the reply.
G

Thanks