  #41  
02-01-2006, 10:19 AM
Unabridged
Re: Microsoft Anti-Spyware just found trojan.backdoor.small.fb

[ QUOTE ]
It's late, I am tired and have a headache, but here is what I learned:

Party is creating these tmp files once you login (I am using the beta). The file "34.tmp" has an md5 sum of 73bb6ac0e80583a43e5875590c95af98. It's 28,672 bytes big. Deleting this file with Microsoft AntiSpyware (MAS) will result in it enumerating the file number; I got 37.tmp and then 3a.tmp, 3F.tmp etc. upon each subsequent Party login. These files do not get flagged via MAS nor any other scanner I have used (NortonAV, NOD32, A-squared, Spybot, and a few others). They all md5 sum to 73bb6ac0e80583a43e5875590c95af98 and are 28KB (28,672b), so it's clearly the same file Party is creating each time.

Creating a 728kb bmp file, renaming it to "34.tmp" and placing it into C:\Documents and Settings\Lazyrobot\Local Settings\Temp will be flagged by MAS and removed just as the original 34.tmp was. Moving this fake tmp file to other locations will not result in MAS flagging it as a Trojan. MAS will flag any file named "34.tmp" when it exists in your Documents and Settings\User\Local Settings\Temp folder. MAS will not detect this exact file (even the original offending 34.tmp) in any other location, nor will any other scanner I have used.

At this point I no longer see this as a threat; it appears it's just a false positive. However, I am not a security expert.

Beep

[/ QUOTE ]

[img]/images/graemlins/cool.gif[/img]
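The check described in the quoted post (differently named .tmp files that all share one size and one MD5) can be scripted; this is an added example, not part of the original thread, and its function names, sample directory and file contents are constructed for illustration. It groups .tmp files by size and digest so identical content under changing names shows up as one group, and records SHA-256 next to the MD5 the post used.

```python
import hashlib
import os
import tempfile
from collections import defaultdict


def digest_file(path, chunk_size=65536):
    """Return (size, md5_hex, sha256_hex) for one file, read in chunks."""
    md5, sha256, size = hashlib.md5(), hashlib.sha256(), 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha256.update(chunk)
            size += len(chunk)
    return size, md5.hexdigest(), sha256.hexdigest()


def group_tmp_files(directory, suffix=".tmp"):
    """Map (size, md5, sha256) -> sorted names of files sharing that content."""
    groups = defaultdict(list)
    for entry in os.scandir(directory):
        # Skip symlinks and non-files; match the suffix case-insensitively.
        if entry.is_file(follow_symlinks=False) and entry.name.lower().endswith(suffix):
            groups[digest_file(entry.path)].append(entry.name)
    return {key: sorted(names) for key, names in groups.items()}


def build_sample_dir():
    """Constructed sample: three same-content files plus one decoy."""
    root = tempfile.mkdtemp(prefix="tmp_triage_")
    payload = b"A" * 28672                      # constructed 28,672-byte stand-in
    for name in ("34.tmp", "37.tmp", "3a.tmp"):
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(payload)
    with open(os.path.join(root, "3F.tmp"), "wb") as fh:
        fh.write(b"BM" + b"\x01" * 1000)        # constructed decoy, different content
    with open(os.path.join(root, "notes.txt"), "wb") as fh:
        fh.write(payload)                       # same bytes, ignored: not a .tmp file
    return root


if __name__ == "__main__":
    for (size, md5, _sha), names in group_tmp_files(build_sample_dir()).items():
        print(f"{size:>8} bytes  md5={md5}  {', '.join(names)}")
```

A scanner verdict that changes when a file is moved or renamed while its group key here stays the same points at a name or path rule rather than a content signature.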