security alert

I keep getting security alerts from my comodo internet security
from files with *.tmp type
like nsrEDCB.tmp
I clean them but I keep getting alerts
every time with different name but with *.tmp type

I dont know if this is the right place to find out about this files
I would appreciate if anypne knows how to reove this threats
or are they safe

thanks Amir

.tmp files are often produced during installations. Do these alerts happen when you install free software that comes with a sponsor?

Is it the A/V that’s alerting? That’s pretty unmistakable, i.e., big honkin’ panel pops up blaring: MALICIOUS FILE / ACTIVITY DETECTED.

Otherwise, I’d be betting your farm that it may be CIS Defense+ HIPS that’s alerting. In that case sounds like you need to be creating a rule for the app in question to allow access - protected files/folders - to the files being requested access for / to.

For specific cases, its best to create a generic rule using wildcard for name + extension, i.e., *.tmp, or *.temp.

For example, on my system I have E:\IceDragon\Comodo\IceDragon\plugin-container.exe

To get it to stop pestering me, I had to create the following rule in Protected File/Folders:

%TEMP%\FAP?.tmp - using the single char wildcard ‘?’ and with the Environmental Variable %TEMP% that maps to either:

%USERPROFILE%\Local Settings\Temp - User Var


%SystemRoot%\TEMP - System Var

One is used by the system and the other by the user profile. I don’t have to worry which path, or what not, the system decides what it wants to use, and one Rule to Rule Them All. Pretty sneaky, eh?

That notwithstanding, all that, and whatnot, if you ARE getting an A/V alert, I wouldn’t be using that software. Dunno if that’s just me… :-\