rootkit hidden driver malware

  • General discussion

  • Can someone tell me where the best place is to get this question answered? Thanks in advance!

    AVG is reporting this problem. When I tell AVG to remove the "software/file", the message reads that I cannot access the file because it is locked (access denied). Can you (anyone) give me some information on how to rid myself of this problem? Thanks in advance!

    "Object name";"C:\WINDOWS\TEMP\INSTB32.SYS"
    "Detection name";"Hidden driver"
    "Object type";"file"
    "SDK Type";"Rootkit"
    "Result";"Object is hidden"

    • Changed type JimR1Moderator Friday, May 15, 2009 12:13 PM
    • Moved by JimR1Moderator Friday, May 15, 2009 12:13 PM Off Topic. (From:Windows Live OneCare Update)
    Friday, May 15, 2009 7:03 AM

All replies

  • You can try starting your computer in Safe Mode then deleting your TEMP files. I believe you can get help with AVG here - http://www.wilderssecurity.com/forumdisplay.php?f=32
    Jim - MVP Windows Live - Forum Moderator - Live One Care - Live Mesh
    Friday, May 15, 2009 12:29 PM
  • If you have "LoJack for Laptops" from Absolute Software, this is probably a portion of that software.  I've seen this on my own laptop in the Windows Vista Event logs.

    If you don't have this software, you should continue to assume it's something else until you can prove otherwise.

    Windows OneCare Forum Moderator
    Friday, May 15, 2009 2:34 PM