Trojan.Downloader.AQI

Every day, the first time I open Firefox (version 2.0.0.4), I get a warning from BitDefender Antivirus Plus v10 that it found a file infected with the above named virus, and that it blocked it, so my computer is not infected. OK, good, so far. I have the full path to the file that is infected.


My question is, I would like to manually delete that file so I don't get that notification anymore. Would that solve my problem? And why doesn't BD simply remove the file rather than just blocking it? And, if I remove that particular file, will it really remove the virus once and for all?


The path is this:


c:\documents and settings\leslie\application data\mozilla\firefox\profiles\whxilb8u.default\cache.trash\trash\cache\a23e4567d01


Would deleting that profile work, and if so, what impact would that have on my Firefox? Wouldn't it simply build a new profile for me?


Please advise, and thank you in advance.

Comments

  • Hi!


    You should delete temporary internet files. You can also go (in Firefox) to Tools -> Options -> Privacy, and choose "Clear Now". This will clear all your personal data, including temporary internet files, cookies etc. You can also manually delete the file. Be sure to temporarily deactivate the BD Antivirus Real-time protection.


    Andrei

  • Hi Iriggs,


    BD can't delete the infected files because they are archived in Firefox's cache files. BD can open the cache files, it can scan the files inside it, it can warn you if there are any threats, but it cannot remove the infections because it can't re-pack Firefox's cache files.


    To clean the virus do this:


    1) Open Firefox


    2) Disable BD Realtime Protection


    3) In Firefox, click Tools -> Clean private data -> <select> Cache (you may select everything, but you only need to clear the cache to delete the virus) -> <click> Clear Private Data Now (I have Firefox in Romanian. The options' names might be a little different).


    4) Re-Enable BD Realtime Protection


    5) Scan your system


    Please post if this cleaned the virus.


    Cris.

  • When you said "scan your system" does that mean a deep scan? When it runs a quick scan, it never finds the infected file.

  • The trojan shouldn't be on your system anymore, and if BD doesn't say anything when you open Firefox, that means you're clean! ;)


    If you still have doubts, you can run a deep system scan.


    Andrei