Two of the servers I work with, located as separate schools, which have our Managed Antivirus running, have detected a file called join.me.exe and quarantined it. Here is the path of the file on one of the servers:
C:\users\administrator\appdata\local\apps\2.0\02D4YAAV.6BL\2Y6ZKXGR.0KX\join..tion_43a0dbe7f0f75062_0001.0000_9871fcdc8aa605d7\join.me.exe
Should I take any action to try and clean my system further, other than deleting this item out of quarantine. Has anyone seen this file get picked up as a Trojan.win32.generic!bt
Any advice on further action, dealing with this infection?
Users who used the join.me service (same company as LogMeIn) show up in the quarantine with this file on December 22, 2012 (or subsequent antivirus scan) regardless of download date. In all cases that we have tested, users downloaded the file directly from the Join.Me website. The parent directory contains other files from the same vendor.
This program is often used by vendors to provide remote support. It's a well-known product that doesn't deserve a "high risk" rating from VMware/Shavlik. (although by definition, it does provide interactive access to a remote machine -- but only a the user's permission)