HI all I have a warning on startup from Nod 32 it is as follows C:\Users\Graham\AppData\Local\Temp\roamsvc.exe NSIS/TrojanDownloader.FakeAlert.DK.Gen trojan unable to clean Have looked around on how to clean this, they all want me to install another anti virus program?? It is not the normal roamsvc by Intel, its in the wrong directory and the wrong size. Anyone know how to clean this, first one in 4 years that nod cant deal with. Thanks MadBriT
create and submit sysinspector log http://kb.eset.com/esetkb/index?page=content&id=SOLN2219 and or visit one of the dedicated sites https://www.wilderssecurity.com/showpost.php?p=1533481&postcount=3
The file is legitimate but it would appear to have become infected. Do as Cudni suggested Your may try flushing your %temp% files by running a command from your Run Box in Safe Mode and deleting all those files, run a full on-demand scan after a reboot. If the infection remains defer to what was originally suggested. Thank you.
I doubt it's a legitimate file, especially when it's located in the temp folder. Malware often has names same as or similar to system files and the danger it poses doesn't depend on its name but on the actions the malware does.
Agreed, what I meant was the file name is correct for the executable file but not in a temporary file location. A Smart or Full Scan would be required, at the least.