Threat Remains
anyone seen this before?
Remaining issues:Object Name Threat Name Final Status
C:\Documents and Settings\Owner\Local Settings\Temp\sst_inst.exe=]wise0096=]wise0009 Application.Remoteadmin.GE Delete Failed (file was in an archive)
Comments
-
Hello warrentaylor,
The file cannot be cleaned or removed, because it is in an installation kit (which is a packed format). To remove the infection, you have to delete the hole installer:C:\Documents and Settings\Owner\Local Settings\Temp\sst_inst.exe
That folder is hidden. If you cannot find it, read this: http://forum.bitdefender.com/index.php?showtopic=3573
Cris.0 -
Thanks,
I deleted it using the instructions in that link. Next deep scan, we'll see.
this folder is just full of junk. I wonder if any of it is leftover from a malware item I had a few months back.
thanks again0 -
this folder is just full of junk. I wonder if any of it is leftover from a malware item I had a few months back.
Not necessarily. The Temp folder is used by Windows and many applications to store temporary files.
Every user has his personal Temp folder (in C:\Documents and settings\<username>\Local Settings\Temp), and there's also a global Temp folder in C:\Windows\Temp.
Some files can't be deleted because they are still in use (by the application that created them), but all the other files are useless and can be deleted.
Cris.0 -
I can't get rid of this thing. I delete it and it appears to move somewhere else.
Now its at :
Object Name Threat Name Final Status
C:\System Volume Information\_restore{7F7BE6F8-0D6A-488B-ABDC-75393719A72D}\RP1113\A0120657.exe=]wise0096=]wise0009 Application.Remoteadmin.GE Delete Failed (file was in an archive)
when I try to get to that folder, my system tells me I don't have access in any way....???? here is a screenshot
what gives??? This is getting scarey!0 -
what gives??? This is getting scarey!
Chris would tell you this but since he is not there at the moment I do it if he doesn't mind:
Empty your system volume information to get rid of recreation of infection by windows recovery. To do that: go to start-control panel- system- system restore- check turn off system restore on all drives. Click apply. By doing this you loose all your (often infected) restore points. Reboot and uncheck “turn off system restore on all drives' to create a clean restore point.0 -
Read here about how to clean infections in System Volume Information folder: http://forum.bitdefender.com/index.php?showtopic=3575
Cris.0