December 5, 2012 at 8:40 am
Hi,
I have a long running SSIS package running on SQL Server 2008 R2 SP1 and hosted on a Windows Server 2008 R2 SP? server. The package has recently stopped working for one particular configuration file. The package simply reads the config file and then performs a file action based on the values held in the config. In this case the value is to delete all files from a folder older than 30 days. The resulting error is " Access to the path '$RECHCLE.BIN' is denied.".
The same package (different config file) works for the previous step in my SQL Agent job. The only difference being the folder it deletes files from.
The package has been running fine up to last Friday (30th Nov) when it started reporting this error.
I am able to manually delete the file from the fodler in question without an issue.
I have concerns that this is due to a new virus/trojan/malware but don't have anything else to go on.
Can anyone else think why this error may be being generated?
Thanks,
Mike
December 7, 2012 at 6:40 am
It seems that the folder in which the package was attempting to delete files from had a few files which were not expected. The names of the files closely matched a known recent trojan, although were not exact. The files were marked as system files and so were not readily visible when assessing the problem. One of the files was $RECHCLE.BIN.
A virus scan was run on the folder (well the whole server actually) using a well known product with up to date definitions and this returned no problems. The duff files were removed and the package was able to successfully complete.
I think that the files may have been moved to the folder as part of an archiving procedure from a client. It may well be that the client was compromised with the virus and some of its payload was copied to my server folder.
All seems well now.
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply