I Caught A Worm, Bit Defender Hangs Up On Scan

dear administrator,

I caught a virus or worm, and BitDefender is unable to clean the infection.

When I run a scan, the scan hangs up in my Document and settings folder. More specifically, in this folder:

documents and setting/user/Local settings..... ==> JAVASCRIPT8

The scan blocks on this file and it cannot continue, even if I wait an hour or more.

Now, Local Settings is a hidden folder in the user folder, but the virus caused the system to deactivate all options to access Folder Options.

When I go to regedit, it says that it has been deactivated by the administrator. Therefore, no access to delete the folder.

Can you please provide guidance on next steps.

Regards,

bettman

Find more posts tagged with

Comments

alexcrist

Hello bettman,

Please put the suspected file in a password protected archive (with the password infected), upload it on a file sharing server, and send me the download link through PM. I will forward the file for analysis ASAP.

Cris.

bettman

Hello bettman,

Please put the suspected file in a password protected archive (with the password infected), upload it on a file sharing server, and send me the download link through PM. I will forward the file for analysis ASAP.

Cris.

Cris,

I do not have access to the file because I am unable to access hidden files on my system. Please see above.

Please advise,

bettman

alexcrist

You have a few alternatives to this:

- use an alternative File Manager that can show hidden files and folders (like Total Commander, because it's independent of Explorer's settings)

- open Explorer, go to Documents and settings/user/. Then, in Explorer's address bar, type at the end of the address: /Local settings/temp and press enter. It should get you to the folder you need. There you can find the file, if it's not hidden as well (and I kinda doubt it).

- use cmd.exe (Start -> Run -> cmd <Enter>) to navigate to the folder you need. It won't show the hidden files and folders, but you can use the path showed by BitDefender to "blindly" navigate to that path. Once you get there, use the following commands:

attrib -H <filename>
attrib -R <filename>
attrib -S <filename>

(to change the properties of the file, so it won't be hidden/system/read-only anymore...it will be just a normal file)

ren <filename> c:\<filename>.vir

(this will move the file from it's current location to C:\ and rename it to <filename>.vir). Replace <filename> with the name of the suspected file. Once you do this, you can find the file and archive it.

- 3rd option, follow the steps presented here to find and move the file: http://forum.bitdefender.com/index.php?showtopic=1054 You will need a valid Windows installation disc.

Cris.