In order to manually remove an infected item from your computer you need to perform the following steps:
1. Restart the computer in Safe Mode. You can do that, by following the steps in our article, here.
2. Display hidden objects in Windows; information on how to display the hidden object can be found here.
3. Locate and delete (right click on the file > delete) the infected file. In our example the infected file is:
4. After you do this, you can restart the computer in Normal Mode.
Please run a Bitdefender System Scan to be sure the computer is clean.
Most common types of files you could encounter and can be safely deleted:
I. Temporary Files
The Temporary files are usually recognized as follows:
- .tmp files found on C:\, C:\Windows, C:\Windows\temp, etc.
- files found in the locations:
C:\Windows\Temp
C:\Documents and Settings\Local Settings\Temp(for Windows XP)
C:\Users\AppData\Local\Temp(for Windows Vista/7)
Note: The system drives where the primary boot volume and OS are. So if you install it to the default it will be C:\ drive; else please modify the paths accordingly.
II. Temporary Internet Files
A temporary Internet file is a file that is located on your hard drive that a browser uses to store Web site data for every Web page or URL address that you visit. When the Web server sends the Web page files to the browser, they are stored in a file so
that the next time you visit the same Web site the browser takes the data from the temporary Internet file. Loading the Web site in this way from a temporary Internet file is called caching.
The Temporary Internet Files can be found in different locations depending on the internet browser:
For Internet Explorer: the folder is …user’s profile...\Temporary Internet Files
For Mozilla Firefox: ….user’s profile…\Mozilla\Firefox\Profiles\xxxxxx.default\cache
Very similar for other browsers:
For Google Chrome: ….user’s profile…\Google\Chrome\User Data\Default\Cache
For Safari: ….user’s profile…\Apple Computer\Safari\cache.db
For Opera: ….user’s profile…\Opera\Opera\cache
For more details about the exact locations and how to delete temporary internet files check this
this article.
III. Files located in System Volume Information
Check
this KB article to learn how to clean system restore points from System Volume Information
IV. Email archives which cannot be repacked by Bitdefender
For more details and how to clean them please check
this article.
V. For files located on optical devicessuch as CDs, DVDs, Blue-Ray Discs
Unfortunately, these files cannot be cleaned since modify/delete actions are not permitted on this kind of storage devices. You can rest assured that, if you still want to use the respective device, Bitdefender On-Access Scanning will protect your PC from
any attack. However, we recommend you to take safety measures or not using the device at all on computers with no up to date security solution installed.
VI. For files located on network storages, NAS, network shares, mapped network drives, etc.
There are several reasons for Bitdefender not being able to clean the respective files such as: you only have read permissions on the respective network share/storage, therefore no actions can be taken due to limited privileges or the network share has
a different operating system not supported by your Bitdefender virus engines. You can rest assured that, if you still want to access this share, Bitdefender On-Access Scanning will protect your PC from any attack.
VII. For tmp.ebd files
In order to remove the infected objects from your computer you need to reset the Windows Update and Windows Search services by following these steps:
- Temporarily disable the Bitdefender On-Access Scanning from Bitdefender > Settings > Antivirus > Shield tab > use the ON/OFF switch for On-Access Scanning
- Go to Start > run… (for Windows XP) or Start > click on the Search box (for Windows Vista/7), type services.msc and hit Enter;
- Locate the Windows Update service, right click on the entry and choose Restart from the dropdown menu;
- Locate the Windows Search service and restart it as well;
- Reboot the PC and check if the issue reoccurs.