NOD32 finds threat in file I cannot find - Appdata/Local

Page 1 of 4 123 ... LastLast

  1. Posts : 58
    Windows 7 Ultimate 32 bit
       #1

    NOD32 finds threat in file I cannot find - Appdata/Local


    The last 4 or 5 days I've been getting the attached message from NOD32. Finally got round to looking at it this morning. When I try to delete the file, NOD32 comes up "Error when deleting".

    I did a search for the fie on my hard drive and I found it, but again when trying to delete straight from the source folder it it said "file not found".

    I should have thought to have done a screen print of the properties box but I didn't. However, looking at the location - appdata/local/...8EE38d01 it appears this is a Firefox profile file.

    Ever since it's shown up I seem to be having problems with the wifi on the laptop, I don't know if this is causing it or whether that's a new problem entirely!

    Thought I'd drop a post here in case anyone's come across this before.

    Kit
    NOD32 finds threat in file I cannot find - Appdata/Local Attached Files
      My Computer


  2. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #2

    wittykitty,

    You can get rid of it by using Windows Defender Offline.
    Windows Defender Offline runs without Win 7 running.

    Follow this procedure:
    HOW TO USE WINDOWS DEFENDER OFFLINE ON A USB STICK
    Windows Defender Offline
    · is a free standalone, bootable malware and virus remover from Microsoft.
    · performs an offline scan of an infected PC to remove viruses, rootkits and other advanced malware.

    Download Windows Defender Offline (about 764 kB)

    You will have the choice of downloading the 32bit version (x86) or the 64 bit version (x64).
    The link will help you determine whether you are running a 32 bit version or 64 bit version of Windows

    NOTE!! You can download and prepare a 32 bit version using a 64 bit version of Windows
    NOTE!! You can download and prepare a 64 bit version using a 32bit version of Windows.

    You run the 32 bit version on a 32 bit version of Windows.
    You run the 64 bit version on a 64 bit version of Windows.

    The 32 bit download file name is: mssstool32.exe
    The 64 bit download file name is: mssstool64.exe

    For the curious, this program was originally name Microsoft Standalone System Sweeper.


    INSTALLATION:
    You will need an Internet Connection.
    Insert 512 mB (Microsoft’s 256 mB is no longer accurate) or larger USB stick into a usb port.
    Run the downloaded program--mssstool64.exe or mssstool32.exe
    NEXT button
    Choose the option On a USB flash drive that is not password protected
    NEXT button
    NEXT button
    .
    The install program will format the usb stick using the NTFS format.
    The install program will download about 210 mB.
    The install program will name the USB stick WDO_Media32 or WDO_Media64
    The WDO_Media32 usb stick will have used space of 255 mB (268,140,544 bytes)
    The WDO_Media64 usb stick will have used space of 282 mB (296,165,376 bytes)
    You can expect the number of mB to increase as more malware appears.

    UPDATE Windows Defender Offline USB stick:
    · reinsert the usb stick
    · run the installation program, mssstool64.exe or mssstool32.exe, again.
    · the update will download about 66 mB (mssstool32.exe) and 68 mB (mssstool64.exe).

    Since the malware database is sometimes updated several times in a day, always update before running.

    PERFORM AN OFFLINE SCAN
    Bootup your computer from the USB stick
    Windows Defender Offline will automatically perform a quick scan.
    After the quick scan finishes, Choose Full Scan
    Select all of your drives

    The initial, full scan can easily take several hours, but
    Remember, your computer is being very thoroughly checked for all types of malware.


    RESULTS OF THE SCAN
    The results will be in 4 log files on your computer's disk in:
    \Windows\Microsoft Antimalware\Support
    ===============================================
    ===============================================
    ===============================================

    After running wdo and booting your computer up normally,
    then carry out following which will put a .ZIP file on your desktop. Upload that .ZIP file please.

    Script:
    # ************************************************************
    # Zips up your log files from Windows Defender Offline
    #  and extended info about the log files
    # Places WDOlogs.ZIP on your Desktop
    #
    # **********************INSTRUCTIONS**************************
    # STEP 1 *****************************************************
    # RUN PowerShell as administrator
    # START ORB | type POWERSHELL | CTRL+SHIFT+ENTER key combo | ALT+Y keycombo
    # ************************************************************
    # STEP 2 *****************************************************
    # COPY, using CTRL+C, every line down thru both EXIT statements 
    # PASTE into Powershell == Right-Click at the PowerShell Prompt
    #  (Ctrl+V does not work)
    # Start copying with first line without a # at start of the line
    # Note: Actually, you can paste the entire file if you rather
    #       Lines starting with a # are ignored by PowerShell
    # ************************************************************
    #functions

    function New-Zip {
        
    param([Parameter(Mandatory=$truePosition=0ValueFromPipeline=$true)]
        [
    String$Path, [Switch] $PassThru, [Switch] $Force )
        
    Process { if (Test-Path $path) {if (-not $Force) { return } }
        
    Set-Content $path ("PK" + [char]+ [char]+ ("$([char]0)" 18))
        
    $item Get-Item $path$item.IsReadOnly $false;if ($passThru) { $item } } }
    function 
    Copy-ToZip {param(
      [
    Parameter(Mandatory=$true,Position=0,ValueFromPipelineByPropertyName=$true)] [Alias('FullName')] 
      [
    String]$File, [Parameter(Mandatory=$true,Position=1)] [String]$ZipFile,[Switch]$HideProgress,[Switch]$Force )
      
    Begin {$ShellApplication = New-Object -ComObject Shell.Application
      
    if (-not (Test-Path $ZipFile)) {New-Zip $ZipFile};$Path Resolve-Path $ZipFile
      $ZipPackage 
    =$ShellApplication.Namespace("$Path")}
      
    Process {$RealFile Get-Item $File; if (-not $RealFile) { return }        
      if (-
    not $hideProgress) {$perc +=5; if ($perc -gt 100) { $perc 
        
    Write-Progress "Copying to $ZipFile$RealFile.FullName -PercentComplete $perc}
      
    $Flags 0; if ($force) {$flags 16 -bor 1024 -bor 64 -bor 512};Write-Verbose $realFile.Fullname
       $ZipPackage
    .CopyHere($realFile.Fullname$flags);Start-Sleep -Milliseconds 500}}

    $fileinfo join-path $env:TEMP \wdofileinfo.txt
    IF (test-path $fileinfo) {del $fileinfo -ea:silentlycontinue -force:$true}
    $dir $env:windir '\Microsoft Antimalware\Support'
    $a dir $dir  -rec -force -ea:silentlycontinue sort-object -property lastwritetime 
    $b 
    $a where {$_.extension -eq '.log'} |Select  modefullnamenamecreationtimelastwritetime,  lastaccesstimelengthextension
    $b 
    out-file -append $fileinfo
    $b 
    | foreach ($_.fullname) {get-content -path $_.fullname} | out-file -append $fileinfo 
    $ziploc 
    $env:userprofile '\desktop\WDOlogs.ZIP'
    new-zip $ziploc -verbose:$false -ea:silentlycontinue -force:$true
    copy
    -tozip  $fileinfo $ziploc -verbose:$false -hideprogress:$true
    del $fileinfo

    EXIT
    EXIT

    # ***************** NOTE - POWERSHELL VERSION*****************
    # if you receive this error msg:
    #  Get-WinEvent: The system can not find the path specified
    # you need to update your PowerShell
    # you must be using Powershell 2.0 or later.
    #
    # To determine your Powershell version:
    #   Run PowerShell
    #   enter $host.version
    #   you should see at least:
    # Major  Minor  Build  Revision
    # -----  -----  -----  --------
    # 2      0      -1     -1
    #
    # If you do not see the above, update your Vista/Win 7.
    # ************************************************************
    # *************** NOTE - EXECUTION POLICY*********************
    # If you haven't set the execution policy, you may need to:
    #   Run PowerShell
    #   enter Set-ExecutionPolicy -executionpolicy remotesigned
    #
    # ************************************************************ 
    =====================================
    ======================================

    karl
      My Computer


  3. Posts : 58
    Windows 7 Ultimate 32 bit
    Thread Starter
       #3

    I don't have a USB stick! However, I use Glary, I've cleaned up and run NOD32 in-depth and it's come back clean.
      My Computer


  4. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #4

    I strongly recommend against using Glary. Causes more harm than good.

    Glary is NOT an offline malware remover.

    Now go get a usb stick, 1 GB is plenty big, although you may find that 4GB is the smallest you can find.

    USB sticks are cheap and everyone should have a collection on hand for various tasks. They are reusable and CD/DVDs are not.


    I await the wdo.zip file.
      My Computer


  5. Posts : 58
    Windows 7 Ultimate 32 bit
    Thread Starter
       #5

    I use CD's all the time for my business and have hundreds of blank ones - can I use that instead?
      My Computer


  6. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #6

    Yes. Click on the WDO link in my signature for further details. You are really simply installing to a different media and to a media which does not permit updating, as a general rule.

    I really do recommend using USB but the choice is yours. USB sticks are cheap and very general purpose, useful and are the modern day version of the "floppy".
      My Computer


  7. Posts : 58
    Windows 7 Ultimate 32 bit
    Thread Starter
       #7

    I do have them, but I posted them down to my mum with a shedload of files that would'nt fit to a CD! As she's 200 miles away they're not easy to get back. I'll use the CD for now, just finish printing up these CDs and I'll get right on this.

    Kit
      My Computer


  8. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #8

    fine. I've bought them at the corner grocery store, the drugstore (pharmaceutical), electronic store, even Best Buy, Staples, Target, Walmart, even Radio Shack which is always overpriced.
      My Computer


  9. Posts : 131
    windows 7 home premium x64
       #9

    wittykitty... I would stay well away from Glary... Just use CCleaner...got everything you need and it's a very good bit of software... I was a BIG fan of software like Glary...Advanced system care...and many others..the guys on this forum are second to none with good advise.. As Karl pointed out Glary causes more problems than its worth...

    Stick with MSE and CCleaner you cant go wrong :)
      My Computer


  10. Posts : 58
    Windows 7 Ultimate 32 bit
    Thread Starter
       #10

    Sammy can you send me a link to CCleaner please?

    Win7 guys are absolutely fantastic and am happy to bin Glary if they say so
      My Computer


 
Page 1 of 4 123 ... LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 06:08.
Find Us