Re: Spyware or malware problem
From: cquirke (MVP Win9x) (cquirkenews_at_nospam.mvps.org)
Date: 02/12/05
- Previous message: Wiley C: "Re: Restoring web buttons"
- In reply to: David H. Lipman: "Re: Spyware or malware problem"
- Next in thread: David N.Douglas: "Re: Spyware or malware problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 12 Feb 2005 08:52:49 +0200
On Fri, 11 Feb 2005 14:57:26 -0500, "David H. Lipman"
>Well since you chimed in...
...I will too ;-)
>What is your supposition on why Temporary files will be generated in
>%windir%\temp when the %temp% and %tmp% Environmental Variables
>point elsewhere ?
There are a lot of OS (as opposed to private) Temp locations, and
which gets used may depend on:
- whether the code path was hard-coded or routed via %Temp% or %Tmp%
- under what account context the activity takes place
If something uses C:\WINDOWS\TEMP and you don't have a C:\WINDOWS, it
may spawn a new (otherwise empty) path of that name, or dump wherever
it was before the switch. But %WinDir%\TEMP would find and use the
old legacy Temp path, even if %WinDir% is non-default.
It may also be that the API called is what contains these paths or
hardcoded assumptions. For whatever reason, whenever I'm on a
Temp-cleaning jihad, I find material in %WinDir%\Temp as well as the
expected various %AccountPath%\Local Settings\Temp. I also find temp
gunk within %WinDir% itself, and in other dirs (e.g. Word document
temp files that are spawned where the document is).
>------------ ----- ---- --- -- - - - -
The most accurate diagnostic instrument
in medicine is the Retrospectoscope
>------------ ----- ---- --- -- - - - -
- Previous message: Wiley C: "Re: Restoring web buttons"
- In reply to: David H. Lipman: "Re: Spyware or malware problem"
- Next in thread: David N.Douglas: "Re: Spyware or malware problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
