 |
 | Dr. Web Cureit |  |
|
vjg
|
|
I ran a complete scan with Dr. Web Cureit in safe mode (which took close to 6 hrs.??) Result was a virus which read as follows:
OOo_3.2.0_Win32Int...C:\Documents & Settings...BackDoor.Doker.Origin C:\Documents & Settings...container contains infected... OOo_3.2.0_Win32Int...C:\Documents & Settings...container contains infected... In my fluster as what to do, I clicked 'move' which went to quarantine The quarantine file read: OOo_3.2.0 Win 32Intel_install_wJRE_en_US Type: application I deleted this from the quarantine file. Now I am wondering why Dr. Web's scan results read differently than the quarantine file? Did I do right by deleting this and is my PC clean of this virus by doing this? Could you please tell me what that 'container' means? Thanks in advance for help. Windows 7 Home Premium |
|||||||||||
|
|||||||||||||
 |
| |
|
GuitarBob
|
|
It's hard to say whether or not you did the right thing without knowing what the deleted file was. If your computer is still working ok, I guess you did the right thing. You might try running (briefly) every program you normally use to see if they all work okay. You can always upload suspect files to Jotti, VirusTotal or NoVirusesThanks on the web before you do anything to them. You should do this first because every AV can have a false positive (false detection) now and then.
The "container" reference probably meant the Cureit quarantine file. Dr. Web/Cureit is a good AV but it may have slightly more false positives than some others. Jotti/VirusTotal/NoVirusesThanks scan with multiple AVs, which gives you some additional assurance. Regards, |
|||||||||||
|
|||||||||||||
|
| |
|
vjg
|
|
Thanks for your reply Guitar Bob
Sorry, I don't like to bother you again but I do have a concern... The Dr. WebCureit results read-- OOo_3.2.0_Win32Int...C:\Documents & Settings...BackDoor.Doker.Origin C:\Documents & Settings...container contains infected... The quarantine file reads... OOo_3.2.0 Win 32Intel_install_wJRE_en_US Type: application Why does the quarantine box read differently from Dr. Web results (it doesn't even mention BackDoor.Doker) _wJRE_en refers to java, rightt? They both seem like different entities. Is VirScan.org not so reliable to use anymore? (I always forget to upload these things) Thanks again and for your patience. |
|||||||||||
|
|||||||||||||
|
| |
|
GuitarBob
|
|
The Cureit quarantine name probably just refers to the name of the virus or malware. The Cureit results probably has the real name of the infected file. _wJRE-en probably refers to the Java real-time environment.
VirsScan.org is usually my third choice for an online scanner. I try to use Jotti first, but it is busy a lot. I do not think the quality of the AVs on VirusTotal is as good as Jotti, but VirusTotal has a downloadable script that makes submission easier. I think that VirusScan.org does not update some of the AVs as often as the other two services. Lately I have been using NoVirusesThanks. They have a short list of AVs like Jotti, and they have a downloadable script and other security tools. Regards, |
|||||||||||
|
|||||||||||||
|
 | Dr. Web Cureit | |
|
||
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.