F-PROT was unable to disinfect/quarantine (Chapter 2)
Posted by Finnbogi Finnbogason on 03/04/2013 14:06
This article covers advanced steps for manually removing files that F-PROT has detected as malicious but was unable to automatically remove or quarantine them.|
IMPORTANT: The instructions here are for advanced users and should only be attempted if the steps in "Chapter 1" proved to be ineffective.
Before you begin:
Manual steps for removing malicious files:
- Malware infections can be very complex and sometimes they run too deep to be manageable without assistance from an expert. If the instructions below aren't helpful, we recommend contacting Technical Support for expert assistance in analyzing and removing the infection.
- It is very important to have the latest version of F-PROT installed and make sure that it's virus definitions are very recently updated.
- Consult with Technical Support if you are not 100% sure as to whether removing a file is dangerous to your operating system's health.
The effect from performing the rename operations in the above instructions, if renaming was successful, is that the malicious programs will be unable to execute upon the next system startup, effectively rendering them defenseless against an F-PROT scan.
- Note down the path and filename to the file(s) detected and untreated by F-PROT.
In F-PROT the path can be viewed by clicking the [+] symbol, which then expands the report of the object found.
Example filename: xyvyx.exe or xyvyx.dll.
Example path: C:\Windows\System32.
- Navigate into the path and locate the malicious file.
- Right-click the file and select Rename, then change the file's name to something different. Example: xyvyx.exe is renamed to 1xyvyx.x
- Try the same method for all the files reported by F-PROT.
- When you have finished renaming the files, successfully or not, restart the computer and scan again with F-PROT Antivirus.
In cases where these methods prove ineffective, e.g. when files refuse to be renamed, please contact Technical Support for assistance.