Recently I have scanned my computer with malware bytes. All appeared to be clean. For a second opinion I turned to hitman pro, and it gives me this: screenshot
. I have tried several times to remove it conventionally with the help of the antivirus, but it is still there. I wish to emphasise on where this file is located [ C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb
] because after a while of googleing I found that there is a file with the same name in some other folder and it is not my concern. This file can not be deleted because it is run by SearchIndexer.exe and if the process is shut down I have no access to it. This file does not appear in safe mode. I tried booting a live cd of ubuntu so that I can remotely delete it, again, it does not appear. I can not submit this file to virus total because it tells me it is an empty archive. I can not modify it in any way (rename, copy, cut, etc.). I have tried unlocker, I even ran combofix. Could this be a false positive ? I have googled it and a solution was nowhere to be found. Also, I don't think I'm willing to install another couple of antiviruses to try it out, I already know avira and kaspersky can not remove this from other threads.
EDIT: the computer seems to be running normally, with no additional services or processes, and apparently no change in memory usage either, and nothing unusual is trying to connect to the internet, but then again I'm only using the windows firewall.
EDIT2: with previous versions of hitman pro I would not get this file showing up as malware, which leads me to believe it is a false positive, seeing how the file is generated on every boot, maybe the updated version of the program picks it up by mistake (I definitely hope so).
Edited by 6xSnake6x, 28 May 2010 - 08:43 AM.