BitDefender disinfection failed, Why?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
(I just finished eliminating an infection. The malware files I'm
talking about here are the remnants of it, and they aren't executing.
The system functions well now.)

Using BitDefender AntiVirus 2008 Trial on a Vista Basic machine, I
scan and get the following report:

                                DeepScan:Generic.Malware.SP!
VPkWkg.C33CC922 - "disinfection failed" on 2 issue(s).
                                       Infected : C:\Users\Admin
\AppData\LocaI\Temp\T...omania 2.6 Patch.zip\KIeptomania 2.6 Patch.exe
                                       Infected : C:\Users\Admin
\Documents  rash\hldrrr_.exe

But when I use Windows Explorer to get to these files, BitDefender
opens a small window in the lower right saying it's quarantining the
file. The offending file then disappears from Windows Explorer. This
prompts my first question: If BitDefender can quarantine the file when
it sees it in Explorer, why can't it do the same thing when it sees
the file during a scan?
Now looking at the log BitDefender creates after a scan, I get four
items:
The 2 files listed above, one fake virus I created as a test,
C:\Users\Admin\Documents\eicar.com    EICAR-Test-File (not a virus)
Disinfect Failed

and this notice:
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files
\Content.IE5WBDGH8P\b64_2[2].jpg    Win32.Worm.Bagle.ZKD    Disinfect
Failed

But this last file doesn't exist.
So, why is BitDefender reporting in the log a file that doesn't exist?
(Well, at least I can't find it using Windows Explorer.) Why is this
in the log but not in the end-of-scan report?

And why is my fake virus (which I created as a test for another anti-
virus app) showing in the log but not in the end-of-scan report? And
why wasn't the fake virus quarantined or deleted?  The fake was
supposed to be a standard fake that all virus programs detect.

--
Nehmo

Re: BitDefender disinfection failed, Why?

Quoted text here. Click to load it

I have to add that regarding the item I couldn't find, the
b64_2[2].jpg, when I tried to navigate to the file, I couldn't find
the folder for it, but when I pasted the location into the address bar
of Explorer, I *did* find the file. Actually, I found four similar
jpg's. I deleted all of them.
I don't understand why I could find them via pasting but not by
navigating.

Re: BitDefender disinfection failed, Why?

Quoted text here. Click to load it

I think I can answer that bit.

They were almost definitely files in your Temporary Internet Files and
Windows Explorer hides the real structure of Temporary Internet Files from
you if you try to explore your way round it but will allow you go straight
there of you enter the real location of the file in the address bar. More
specifically Explorer makes it look as if everything under Temporary
Internet Files is all lumped into one big directory while in reality it's
divided, seeming arbitrarily, into several sub directories.

--

Brian Gregory. (In the UK)
ng@bgdsv.co.uk
To email me remove the letter vee.



Site Timeline