Gen:variant.tedy.319128?
Hello,
Earlier today, I was simply downloading some updates for some Java plugins that I use in Eclipse. Along with this, I also downloaded the JavaFX SDK from Gluon. Downloads and installations went fine, and then, there it was, BD detected an infected file.. I submitted a bdsyslog, though, my computer is acting quite strange? I have run multiple full system scans and deleted some applications I was working on (sigh....). So, if BD is saying my system is clean, why is it exhibiting ransomware-like behavior? Also, if an infected file was detected and quarantined, is there a possibility that some of my data may have been written somewhere else? While I am concerned, I understand that this software doesn't really protect as it's marketed to. The file name: main.exe was the name of the file that was quarantined. The weirdest thing about this was that the name of the Java class file was not main, but I did run another file that was a Rust file (main.rs) in VS Code a couple of hours earlier... It was just weird considering that it happened right after downloading the Eclipse
Any feedback is appreciated!
😊
Comments
-
Check if the steps below help you in any way.
1) Restart PC in safe mode: https://support.microsoft.com/en-us/windows/start-your-pc-in-safe-mode-in-windows-92c27cff-db89-8644-1ce4-b3e5e56fe234
2) Open the Run command and run the commands below one by one:
temp, delete all the files in the folder
%temp%, delete all the files in the folder
prefetch, delete all the files in the folder
3) Restart your PC in general mode by unticking the option that you selected to run the system in safe mode and then click apply.
4) Reset your browsers:
Google Chrome: https://support.google.com/chrome/answer/3296214?hl=en
Mozilla Firefox: https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings
Microsoft Edge: https://malwaretips.com/blogs/reset-microsoft-edge/
Opera: https://browsersolution.com/reset-opera-browser
Vivaldi: https://help.vivaldi.com/desktop/install-update/full-reset-of-vivaldi/
Brave: https://support.brave.com/hc/en-us/articles/360017903152-How-do-I-reset-Brave-settings-to-default-
5) Now, to be on the safer side, I would also advise you to run these portable scanners, which do not require any installation:
* Download and run Malwarebytes AdwCleaner: https://www.malwarebytes.com/adwcleaner
* ESET Online Scanner: https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe
* Download and run a scan with Kaspersky Virus Removal Tool: https://devbuilds.s.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe. Make sure you checkmark System Memory, Startup Objects, Boot Sectors & System Drive before running a scan.
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
2 -
So, I booted into safe mode, deleted all temp, %temp%, and prefetch files. I reset my browsers as well. As far as using Kaspersky and Malwarebytes, I was under the impression that I should not be downloading them and running them along BD?
Do you have any knowledge of what the infected file might be?
0 -
Also, I was wondering, I uninstalled Ubuntu and Docker (my host OS is Windows 10), but do you think it would be necessary to uninstall Java? I mean, I wasn't experiencing any other issues before I applied my updates. As I mentioned, the only program I have run today that was named main, was my main.rs. I have lost a lot of code to this, but I don't want any of my data being written elsewhere..
0 -
I wanted to give an update.
Apparently, nothing is being detected. I guess I will continue to wait on the report for the bdsyslog I submitted. I really appreciate all of your help!
I will update this thread if anything pops up!
1 -
You can use them, as these are portable scanners and do not require installation. Running them alongside Bitdefender will not cause any problem.
There is no need to uninstall Java.
Sure, you can do that.
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
2 -
Thank you so much for your help!
2 -
So, I just received some feedback on the bdsyslog I submitted, and it turned out to be a false positive.
I guess better safe than sorry..
1 -
If you think the website/file is incorrectly blocked by Bitdefender, you can share the same with malware researchers by filling up the form in the link stated below.
If the website/file is indeed incorrectly blocked, the detection will be removed in a maximum of 72 hours, and if the detection still remains after 72 hours, consider the website/file as malicious by malware researchers and the detection will stay.
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
0