Hi I did a scan with Panda and it found these two items, can someone please advise me how to fix/remove these , is the file ss3unstl.exe needed ? or can it be deleted ?

Thanks for your help


Incident Status Location
Adware:adware program Not disinfected D:\WINDOWS\ss3unstl.exe
Adware:adware/navhelper Not disinfected Windows Registry

Adware:adware program Not disinfected D:\WINDOWS\ss3unstl.exe

There is always a minor possibility that any item identified is a false positive (i.e. not a bad item at all). My quick research tells me that it Installs programs and Deletes programs. It may have a legitimate purpose but is strangely located in the WINDOWS folder. Panda probably takes a negative view of this behavior at such a location.


You could attempt to locate at least a second opinion (perhaps describing the nature and objective of the malware) on a given item (and/or by using a search engine):
http://www.virustotal.com/flash/index_en.html (10MB file size maximum)


You could delete it and leave it in the 'Recycle Bin' for a few days or rename the file by adding say an underscore to the file name (_ss3unstl.exe).

See if you miss the file over the next few days or weeks. You could also check if Panda still detects it as now named or located.

Adware:adware/navhelper Not disinfected Windows Registry

This item is probably an orphaned registry entry is will not be causing any problems other than being an additional clutter item.

Hi
Many thanks for your help, I have rename the file and put in the recycle bin, did a scan with virus total ( details below ) and it found this - Fortinet 2.71.0.0 04.01.2006 suspicious, but unsure what it means .

Thanks
Woody


This is a report processed by VirusTotal on 04/01/2006 at 22:46:22 (CET) after scanning the file "ss3unstl.exe" file.
Antivirus Version Update Result
AntiVir 6.34.0.14 04.01.2006 no virus found
Avast 4.6.695.0 04.01.2006 no virus found
AVG 386 03.31.2006 no virus found
Avira 6.34.0.54 04.01.2006 no virus found
BitDefender 7.2 04.01.2006 no virus found
CAT-QuickHeal 8.00 03.31.2006 no virus found
ClamAV devel-20060202 03.30.2006 no virus found
DrWeb 4.33 04.01.2006 no virus found
eTrust-InoculateIT 23.71.117 04.01.2006 no virus found
eTrust-Vet 12.4.2145 03.31.2006 no virus found
Ewido 3.5 04.01.2006 no virus found

Fortinet 2.71.0.0 04.01.2006 suspicious

F-Prot 3.16c 03.30.2006 no virus found
Ikarus 0.2.59.0 04.01.2006 no virus found
Kaspersky 4.0.2.24 04.01.2006 no virus found
McAfee 4731 03.31.2006 no virus found
NOD32v2 1.1466 03.31.2006 no virus found
Norman 5.70.10 03.31.2006 no virus found
Panda 9.0.0.4 04.01.2006 no virus found
Sophos 4.04.0 04.01.2006 no virus found
Symantec 8.0 04.01.2006 no virus found
TheHacker 5.9.7.123 04.01.2006 no virus found
UNA 1.83 03.30.2006 no virus found
VBA32 3.10.5 03.31.2006 no virus found

Only one suspicious result is inconclusive. I like to see at least two negative opinions from such a long list of vendors.


One other step you could take is to right click on the file and select 'properties' to see if you can determine a vendor and any other details.

Hi

One other step you could take is to right click on the file and select 'properties' to see if you can determine a vendor and any other details.

Looked for the vendor details but they are all blank , so i will leave it the recycle bin for now to see what happens

Many Thanks for your help and advice, its very appreciated


Woody