Loading ...
Sorry, an error occurred while loading the content.
 

Odd file in cache directory - spyware?

Expand Messages
  • DA
    Hi anybody, I recently found this odd file in my Netscape 4.79 cache directory while cleaning out the cache. It s named fat.db and I can t delete or rename it
    Message 1 of 9 , Nov 6, 2002
      Hi anybody,

      I recently found this odd file in my Netscape 4.79 cache
      directory while cleaning out the cache.

      It's named fat.db and I can't delete or rename it because
      I get the message:

      Cannot delete fat: There has been a sharing violation.
      The source or destination file may be in use.

      Only the archive bit is set and since I am using Win2k
      I can't go into DOS to delete it.

      At about the same time (4th of November) a spyware registry
      entry was put in. Ad-Aware called it Alexa, and deleted it
      without any problem. I suspect the two are related.

      In the last couple of days, I noticed that my computer
      sometimes gets very slow when on the web because it is busy
      doing something else. The mouse pointer momentarily hangs
      up and when I look at cpu usage in Task Manager, it is about
      80% busy even though I am not doing anything.

      Does anyone know how to get rid of this file? Or does it
      really belong there and I am just imagining that I always
      used to be able to delete all the files in the Netscape
      cache directory?

      Thanks for any suggestions.

      DA
    • Christopher J. & Jo-Ann J. Spilker
      Hi DA, RE: I recently found this odd file in my Netscape 4.79 cache directory while cleaning out the cache. It s named fat.db and I can t delete or rename it
      Message 2 of 9 , Nov 6, 2002
        Hi DA,

        RE: I recently found this odd file in my Netscape 4.79
        cache directory while cleaning out the cache.

        It's named fat.db and I can't delete or rename it
        because I get the message:

        Cannot delete fat: There has been a sharing
        violation. The source or destination file may be in use.

        Answer:

        Try to go into Task Manager (via CTRL+ALT+DEL), look in
        Processes, find "fat.db", KILL it and then attempt to delete it.

        See if this helps / works for you.

        Regards,
        Christopher J. Spilker
        mailto:chris-jo-ann-spilker@...
      • DA
        Hi, Christopher, There s nothing in the Task Manager that says fat.db. By the way it is sort of big for a file of this type -- 340k. I suppose I could try
        Message 3 of 9 , Nov 6, 2002
          Hi, Christopher,

          There's nothing in the Task Manager that says fat.db.
          By the way it is sort of big for a file of this type -- 340k.

          I suppose I could try killing processes one at a time until
          something works. Naw, that's too much work. There's 49
          processes running, and it's possible none of them is the
          culprit.

          Any other ideas?

          DA



          "Christopher J. & Jo-Ann J. Spilker" wrote:
          >
          > Hi DA,
          >
          > Answer:
          >
          > Try to go into Task Manager (via CTRL+ALT+DEL), look in
          > Processes, find "fat.db", KILL it and then attempt to delete it.
          >
          > See if this helps / works for you.
        • hsavage
          Hey DA, ... Fat.db is a standard Netscape file and has long been so. Upon viewing, it appears to be as the name implies, a database of sorts. It s a db of
          Message 4 of 9 , Nov 6, 2002
            Hey DA,

            > DA wrote:
            >
            > Hi anybody,
            >
            > It's named fat.db and I can't delete or rename

            Fat.db is a standard Netscape file and has long been so. Upon viewing,
            it appears to be as the name implies, a database of sorts. It's a db of
            most of the gif files and the associated sites you have browsed and
            which cache file the info is stored in.

            > Cannot delete fat: There has been a sharing violation.
            > The source or destination file may be in use.

            Although I don't remember ever trying, it's odd that you can't delete it
            if Netscape isn't running. That would most likely be the source of a
            sharing violation. It may be indicative of the presence of Ad-ware or
            a virus using the file to gather and transmit information of your web
            travels.

            In Netscape, Edit/Preferences, clear your cache and cache memory, shut
            down NS, disconnect from your ISP and try again. I can delete
            mine(Win98) but NS4.79 isn't my default browser.

            > In the last couple of days, I noticed that my computer
            > sometimes gets very slow when on the web because it is busy
            > doing something else. The mouse pointer momentarily hangs
            > up and when I look at cpu usage in Task Manager, it is about
            > 80% busy even though I am not doing anything.

            When did you have your last Virus checkup? This overactive CPU and the
            sharing violation could be a symptom that you are infected. The new
            viruses are getting smarter. They can range from Nuisance to being
            destructive, can log on to their host site and download virus updates
            when you're connected.

            > Does anyone know how to get rid of this file? Or does it
            > really belong there

            It belongs there, it's possible the installation marked it as protected,
            if, since, Netscape is your default browser.

            >
            > DA

            hrs
          • hsavage
            Hey DA, ... Fat.db is a standard Netscape file and has long been so. Upon viewing, it appears to be as the name implies, a database of sorts. It s a db of
            Message 5 of 9 , Nov 6, 2002
              Hey DA,

              > DA wrote:
              >
              > Hi anybody,
              >
              > It's named fat.db and I can't delete or rename

              Fat.db is a standard Netscape file and has long been so. Upon viewing,
              it appears to be as the name implies, a database of sorts. It's a db of
              most of the gif files and the associated sites you have browsed and
              which cache file the info is stored in.

              > Cannot delete fat: There has been a sharing violation.
              > The source or destination file may be in use.

              Although I don't remember ever trying, it's odd that you can't delete it
              if Netscape isn't running. That would most likely be the source of a
              sharing violation. It may be indicative of the presence of Ad-ware or
              a v i r u s using the file to gather and transmit information of your web
              travels.

              In Netscape, Edit/Preferences, clear your cache and cache memory, shut
              down NS, disconnect from your ISP and try again. I can delete
              mine(Win98) but NS4.79 isn't my default browser.

              > In the last couple of days, I noticed that my computer
              > sometimes gets very slow when on the web because it is busy
              > doing something else. The mouse pointer momentarily hangs
              > up and when I look at cpu usage in Task Manager, it is about
              > 80% busy even though I am not doing anything.

              When did you have your last V i r u s checkup? This overactive CPU
              and the sharing violation could be a symptom that you are infected. The
              new v i r u s e s are getting smarter. They can range from Nuisance
              to being
              destructive, can log on to their host site and download v i r u s
              updates when you're connected.

              > Does anyone know how to get rid of this file? Or does it
              > really belong there

              It belongs there, it's possible the installation marked it as protected,
              if, since, Netscape is your default browser.

              >
              > DA

              hrs

              PS. This was rejected by Yahoo the first try, I spread out some words
              just in case.
            • DA
              Hi Harvey, I just searched fat.db with google and like you said, it is supposed to be there. The odd part is that I can t delete it. I think I never noticed
              Message 6 of 9 , Nov 6, 2002
                Hi Harvey,

                I just searched fat.db with google and like you said,
                it is supposed to be there. The odd part is that
                I can't delete it. I think I never noticed it before
                because it was always deleted with the rest of the trash.

                I found this definition for fat.db, and if this is its
                purpose, then there should be no reason why it can't
                be deleted with the rest of the cache.

                "It's a hashed DB of the entries in the cache.
                Allows faster lookup than spinning through the
                directory, and isolates Netscape from different
                file systems."

                > Although I don't remember ever trying, it's odd that you can't
                > delete it if Netscape isn't running. That would most likely
                > be the source of a sharing violation. It may be indicative
                > of the presence of Ad-ware or a virus using the file to
                > gather and transmit information of your web travels.

                That's what concerns me!

                >
                > In Netscape, Edit/Preferences, clear your cache and cache memory, shut
                > down NS, disconnect from your ISP and try again. I can delete
                > mine(Win98) but NS4.79 isn't my default browser.

                OK. Did that, and now the size is down to 16kb. I think this
                is probably normal.

                I just now tried deleting it. Now it deletes now too, and it gets
                recreated when I start Netscape. This seems normal to me.

                > When did you have your last Virus checkup? This overactive CPU and the
                > sharing violation could be a symptom that you are infected. The new
                > viruses are getting smarter. They can range from Nuisance to being
                > destructive, can log on to their host site and download virus updates
                > when you're connected.

                My Norton antivirus definitions are completely up to date,
                so if it is a virus it's one that sneaked by NAV.

                I think it is fixed now anyhow. Thanks for pointing my nose in the
                right direction!

                DA
              • Christopher J. & Jo-Ann J. Spilker
                Hi DA, RE: Deleting fat.db in Netscape 4.79 I do not have any more ideas, though I tip my hat to Harvey for getting you there! I am not using Netscape and
                Message 7 of 9 , Nov 6, 2002
                  Hi DA,

                  RE: Deleting fat.db in Netscape 4.79

                  I do not have any more ideas, though I tip my hat to Harvey
                  for getting you there! I am not using Netscape and thought, what
                  the hay, give this a try. Many times, it is a running, backround
                  process that can not be readily and easily deleted. This was not
                  one of those times.

                  Thanks, Harvey (aka hrs) for the input. I'll file that one
                  away.

                  Regards,
                  Christopher J. Spilker
                  mailto:chris-jo-ann-spilker@...
                • Alec Burgess
                  ... FYI: I got both versions delivered by my ISP. I m curious: what are the symptoms of being rejected by Yahoo. On web-site I see: 3667 Re: Odd file in
                  Message 8 of 9 , Nov 6, 2002
                    > PS. This was rejected by Yahoo the first try, I spread out some
                    > words just in case.

                    FYI: I got both versions delivered by my ISP. I'm curious: what are the
                    symptoms of being "rejected" by Yahoo.

                    On web-site I see:
                    3667 Re: Odd file in cache directory - spyware? hsavage hrs62930
                    9:57 am 4 KB
                    3668 Re: Odd file in cache directory - s p y w a r e ? hsavage hrs62930
                    10:07 am 4 KB


                    Regards ... Alec
                    --
                    -------------------------

                    hsavage wrote (Wed, 06-Nov-2002 10:07 [GMT-0500]):
                    <snip>
                  • hsavage
                    ... Alec, I don t remember the exact verbiage but, something to the effect that yahoo had rejected the first version of the email. Could have been a glitch
                    Message 9 of 9 , Nov 6, 2002
                      > Alec Burgess wrote:
                      >
                      > FYI: I got both versions delivered by my ISP. I'm curious: what are the
                      > symptoms of being "rejected" by Yahoo.
                      >
                      > On web-site I see:
                      > 3667 Re: Odd file in cache directory - spyware? hsavage hrs62930
                      > 9:57 am 4 KB
                      > 3668 Re: Odd file in cache directory - s p y w a r e ? hsavage hrs62930
                      > 10:07 am 4 KB

                      Alec,

                      I don't remember the exact verbiage but, something to the effect that
                      yahoo had rejected the first version of the email.

                      Could have been a glitch from my ISP, adding or deleting bytes, could
                      have been anything.

                      hrs
                    Your message has been successfully submitted and would be delivered to recipients shortly.