Virus or malware symptom: temp\cache\(lots of garbage)
Last week I was working to clean up a neighbor's laptop (win 7 home premium, 64 bit). Her primary use is web based email and online gaming (not high performance FPS style, rather cards, backgammon, etc). I can't remember which gaming site she uses but she's a paid memeber.
She had old Windows Defender installed so one of the first things I did was update her to MS Security Essentials. I uninstalled a bunch of browser bars and freshened Reader and Flash. Then I did full scans with Security Essentials, MalwareBytes, MalwareBytes antiroot, IOBit Malware fighter, CCleaner, etc.
All those things cleaned up a bunch of garbage but one problem remained and still remains. :mad: I was unable to find a description of anything similar and none of the tools found it. The symptom seems like malware of some sort...
If the laptop is connected to the network (via wi-fi) it will immediate create a directory under her temp directory -- c:\users\owner\AppData\temp\cache and then start filling that directory with other directories with numerical names (e.g. 4820, 33901, blah blah). It then fills those directories with mostly .txt files.
When I left it alone for a few hours it had created over 300MB of junk in over 2000 directories under c:\users\owner\AppData\temp\cache. Needless to say that Windows Explorer is not good at deleting that many files.
If I disabled the wi-fi then this activity stopped immediately. As I said before, I never solved the problem. I tried to attenuate the problem by creating a batch file that removes the ...\temp\cache directory and scheduled it to run every 15 minutes. If I waited longer than that it had too much time to create directories and files so the RD command took too long to run.
Has anyone heard of this malware symptom? Have you managed to fix it?
Thanks in advance,