Help: Java/TrojanDownloader.OpenStream.NAB

Discussion in 'NOD32 version 2 Forum' started by Wenaro, Jun 26, 2008.

Thread Status:
Not open for further replies.
  1. Wenaro

    Wenaro Registered Member

    Joined:
    Jun 26, 2008
    Posts:
    3
    Hello,

    I need some help. NOD32 found a threat, but cannot delete it:

    "File C:\Documents and Settings\user\Local Settings\Temp\jar_cache46680.tmp is infected with trojan Java/TrojanDownloader.OpenStream.NAB"

    I looked for the file in Documents and Settings\user\Local Settings... to erase it manually but could not find it.

    I read through posts dealing with similiar issue on several forums and learned that running NOD32 in safe mode might help, but it didn't.

    Anyone got an idea?

    Thanks in advance,

    Wenaro
     
  2. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,731
    Location:
    New York City
    Did you try clearing Java temporary internet files using the Java icon in the control panel?
     
  3. Wenaro

    Wenaro Registered Member

    Joined:
    Jun 26, 2008
    Posts:
    3
    @ Thankful: Yes, I tried that already. Didn't help. But thanks for trying to help. Any other suggestion?
     
  4. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Hello!

    Run NOD32 on-demand scanner in safe mode with cleaning option.
     
  5. Wenaro

    Wenaro Registered Member

    Joined:
    Jun 26, 2008
    Posts:
    3
    @ Kosak: Thank you for the advise.

    Unfortunately it did not help. I ran NOD32in safe mode with cleaning option, but it did not even find the infected file. I ran it again in normal mode and threat is still there.

    Any idea?

    Thanks,
    Wenaro
     
  6. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Hmm, there will be probably other malware. Send log from ESET SysInspector to support[at]eset.com for analyse.
     
Thread Status:
Not open for further replies.