Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
rootkit hidden driver malware

 > 

    General discussion

  • Discussion
    Sign in to vote
    0
    Sign in to vote

    Can soneone tell me where is the best place to get this question answered. Thanks in advance!

    AVG is reporting this problem. When I tell AVG to remove the "software/file" the message reads that the I cannot access the file because it is locked (access denied). Can you (anyone) give me some information on how to rid myself of this problem? Thanks in advance!

    "Object name";"C:\WINDOWS\TEMP\INSTB32.SYS"
    "Detection name";"Hidden driver"
    "Object type";"file"
    "SDK Type";"Rootkit"
    "Result";"Object is hidden"

    • Changed type JimR1Moderator Friday, May 15, 2009 12:13 PM
    • Moved by JimR1Moderator Friday, May 15, 2009 12:13 PM Off Topic. (From:Windows Live OneCare Update)
    Friday, May 15, 2009 7:03 AM

All replies

  • Discussion
    Sign in to vote
    0
    Sign in to vote
    You can try starting your computer in Safe Mode then deleting your TEMP files. I believe you can get help with AVG here - http://www.wilderssecurity.com/forumdisplay.php?f=32
    Jim - MVP Windows Live - Forum Moderator - Live One Care - Live Mesh
    Friday, May 15, 2009 12:29 PM
    Moderator
  • Discussion
    Sign in to vote
    0
    Sign in to vote
    If you have "LoJack for Laptops" from Absolute Software, this is probably a portion of that software.  I've seen this on my own laptop in the Windows Vista Event logs.

    If you don't have this software, you should continue to assume it's something else until you can prove otherwise.

    OneCareBear
    Windows OneCare Forum Moderator
    Friday, May 15, 2009 2:34 PM
    Moderator