Win32.worm.autoruner.cd!
Comments
-
Hi trinh minh duc,
Please explain better what your problem is:
- where did BitDefender find the virus (what file, and where was it located)
- how did BD find the virus (Realtime protection, or Manual Scan)
- what hidden folders are you talking about?
Cris.
P.S.: I'll move this topic to the Malware section (it's more appropriate)0 -
Hello trinh minh duc
You have to enable the option in explorer before you can see hidden files/folders. Go to start,my computer,tools,folder options,display/view,check show/display hidden files/folders and press on apply to confirm. If the infection was placed on important system locations you have to uncheck hide protected operating system files press on apply and ok. Be very careful with it.
To verify what was done with the infection do this open BitDefender by double clicking on the red BitDefender icon when you are in BitDefender Security Center,press on events (logfiles,logs) double click on the scan finished or by real time events and copy and paste the location and the action that was applied.
Please be more specific if that wasn't what you wanted to know.
Best regards
Niels0 -
@ Cris:
- e:\autorun.inf
-by manual scan
-local settings
@Niels:I did what you say but i stlll can't see the local settings
Anyway,thanks " />0 -
What about if you try to go directly to that folder?
In Explorer, at the Address Bar, type: C:\Documents and Settings\<username>\Local Settings and press Enter. Even if you can't see the folder, it should get you into it (I've tested it and it worked).
If this doesn't work, it means that the folder doesn't exist.
Cris.0 -
Hello trinh minh duc
Try to do the same thing but press on apply on all folders. Normally when you do what I said you must be able to see the hidden folder but you have first to open the folder of your user account. But what Cris told you should work also.
Best regards
Niels0 -
OMG,this virus ate my bitdefender :wacko:
why can't i find the BDF launcher???0 -
Yeah, i also saw the stituation as trinh minh duc so i asked in this topic :
http://forum.bitdefender.com/index.php?showtopic=2456
and :http://forum.bitdefender.com/index.php?showtopic=2425
Cris have told me that he would test with sample. I hope he announced to BitDefender Labs0 -
Yeah, i also saw the stituation as trinh minh duc so i asked in this topic :
http://forum.bitdefender.com/index.php?showtopic=2456
and :http://forum.bitdefender.com/index.php?showtopic=2425
Cris have told me that he would test with sample. I hope he announced to BitDefender Labs
Hi Crem,
I tested the samples you sent me, but BD reacted just fine on them. I know you said that BD finds them only if the system hasn't already been infected, but this is what I did (all tests were made on Virtual Machine, WinXP SP2 as guest OS, BD 2008 IS fully updated):- I turned off the BD protection
- I ran ntdelect.com. It installed the virus in many places (in System32, in StartUp, in Temp folder and in IE Cache folder)
- I restarted the system
- I tried to make the hidden files visible, but it didn't work (so the virus installed itself correctly)
- I enabled BD protection. Instantly, it reacted on the threats: kav0.exe, ntdelect.exe, autorun.inf. Moved these 3 in the Quarantine
- I restarted the system (normally, not in SafeMode)
- I made a QuickScan (in the Windows fodler and in the Documents and Settings folder). BD found the rest of the threats (some files in the Temp folder and a file in IE Cache). It successfully deleted all of them. I didn't report anything because I thought the issue has been fixed.
If it doesn't work, I'll give you instructions on how to manually remove the infection.
Cris.0