General Questions
I'm a newbie. I just ran an online scan, which showed up some problems.
One was in a downloaded file that appears to have subfiles that had Virtool.Pwdump.2.0.
The report says Disinfection failed, Deleted. Since the complete file was still showing in Explorer, I assume that means that only the subfile was deleted. Correct?
I think that what I am seeing means that the source of the virus has been eliminated to prevent reinfection.
Since the virus apparently got by my anti-virus it may still be hidden somewhere in my computer, correct?
I have since deleted the complete file. What else should I do?
In another portion I get a message that I have received viruses in 3 emails. I am aware of email problems and had used a Thunderbird filter to move the files to a "Junk" folder which I would delete without opening the message. The BD message again says Disinfection failed, Deleted followed by updated.
What does that mean?
Again what action should I take?
Thanks in advance for any help!!
Comments
-
Hello Halek
BitDefender deleted only the infections. That is why you still see the folder with the clean uncompressed files.
If you delete the archive you are safe. But have you run an executable inside the file? I still recommend that you also do this: go to Start, My Computer, right-click on My Computer, choose Properties, System Restore, and check the option to disable System Restore on all stations. Confirm the Windows message. When everything is greyed out, uncheck it and confirm by pressing Apply and OK. Did you save the scan report?
It means that BitDefender has deleted the infected mails. If that had failed, you would have seen "update failed" or "deleted failed".
BitDefender has already taken action.
Regards
Niels
-
Thanks for your rapid reply!
1. I did save the BD report.
2. Your direction to shutdown Restore is in order to eliminate the possibility of restoring the infected files, correct?
3. Since it appears that BD did not identify files other than what appear to be sources, do you think that my antivirus prevented further infection?
-
Hello Halek
1) Can you please post the report? Just to be 100 % sure.
2) Yes, that is correct. Most malware uses this tactic so it can reinstall itself. No antivirus can delete system restore points, because you need higher privileges before you can access the folder. Even when you are an administrator you can't open the folder.
3) It could be that your antivirus prevented it, or that BitDefender detected these files and deleted the infected ones and your antivirus didn't detect these files. But then you have to look at the events of your current antivirus to see if it detected infected files in the same folder as the BitDefender online scan did. If you can't find anything, then it's most likely that your antivirus, as I mentioned before, didn't detect these files.
Glad that I could help you. Don't hesitate if you have any other questions.
Regards
Niels
-
Attached is my Scan Report.
I'd appreciate any comments.
Thanks again!
-
Hello Halek
I've examined your report. I recommend that you delete Helix_V1.8-10-05-2006.iso
which is located here C:\1My Documents_Saves\.
Regards
Niels