Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Access to the path '$RECHCLE.BIN' is denied. Expand / Collapse
Author
Message
Posted Wednesday, December 05, 2012 8:40 AM
SSC Rookie

SSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC Rookie

Group: General Forum Members
Last Login: Friday, January 03, 2014 1:44 AM
Points: 45, Visits: 222
Hi,
I have a long running SSIS package running on SQL Server 2008 R2 SP1 and hosted on a Windows Server 2008 R2 SP? server. The package has recently stopped working for one particular configuration file. The package simply reads the config file and then performs a file action based on the values held in the config. In this case the value is to delete all files from a folder older than 30 days. The resulting error is " Access to the path '$RECHCLE.BIN' is denied.".
The same package (different config file) works for the previous step in my SQL Agent job. The only difference being the folder it deletes files from.
The package has been running fine up to last Friday (30th Nov) when it started reporting this error.
I am able to manually delete the file from the fodler in question without an issue.
I have concerns that this is due to a new virus/trojan/malware but don't have anything else to go on.
Can anyone else think why this error may be being generated?
Thanks,
Mike
Post #1393054
Posted Friday, December 07, 2012 6:40 AM
SSC Rookie

SSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC Rookie

Group: General Forum Members
Last Login: Friday, January 03, 2014 1:44 AM
Points: 45, Visits: 222
It seems that the folder in which the package was attempting to delete files from had a few files which were not expected. The names of the files closely matched a known recent trojan, although were not exact. The files were marked as system files and so were not readily visible when assessing the problem. One of the files was $RECHCLE.BIN.

A virus scan was run on the folder (well the whole server actually) using a well known product with up to date definitions and this returned no problems. The duff files were removed and the package was able to successfully complete.

I think that the files may have been moved to the folder as part of an archiving procedure from a client. It may well be that the client was compromised with the virus and some of its payload was copied to my server folder.

All seems well now.
Post #1394038
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse