English  | Deutsch | Dansk | Français | Español

WHY DOESN'T BULLGUARD REMOVE THIS VIRUS?


Most likely, the detected virus is placed inside an archive-file or packed file.

An archive-/packed file is characterized by being 1 file containing a bunch of other files.

The most common example is your mail-archive: Most mail-programs use 1 file which contains all the mails you sent and receive. Outlook, Outlook Express and Eudora are examples of mail-programs using an archive-file to store all emails.

Each mail-program has its own special way of keeping track of the individual files inside the archive-file. This is why it's very dangerous for 3rd party companies - like BullGuard or other anti-virus producers - to mess around inside these files: Since we can never be 100% sure to know the internal logic of the file there is a great risk of messing up the archive-file and making it unreadable to the mail-program.

This danger is very real: The world of anti-virus is full of horror-stories telling the tale of anti-virus products trying to remove a virus from an archive-file and ending up accidentally deleting the entire inbox for the user.

This is why BullGuard doesn't offer an automatic removal in these cases. The risk of destroying all your e-mails is simply too great.


How to remove a virus manually?

 

 

Sometimes, when BullGuard encounters a virus on your computer, you will not be given the option to disinfect.

 

You can read why in the box to the right. This guide will show you how to remove such a virus manually.
If you are not familiar with computers, it is recommended that you team up with a computer-wise friend :)

 

 

2

 

 

Note: This guide is for BullGuard v7.0 for Windows XP (also valid for v6.x). If you are using Windows Vista, choose the following guide: BullGuard v7.0 for Vista.

 

 

1- button Locate the virus

 

 

 

First of all you have to locate the virus. To do so, take a close look at what BullGuard tells you in the message box:

 

"Object C:\Documents and settings\Tjes Boogie\Local settings\Application data\Outlook\Outlook.pst => [subject: eicar] [from: Theis Sondergaard] => eicar.com is infected with EICAR STANDARD TEST FILE"

 

In the above example it is clear that the virus is located in the users Outlook - an e-mail with the subject "eicar", sent by a person called "Theis Sondergaard" has an attachment called "eicar.com" which is a virus.

 

 

Another example is this:

 

"Object C:\Documents and settings\work.zip => eicar.com is infected with EICAR STANDARD TEST

FILE"

 

Here we are dealing with a file within a zip-archive - the file "eicar.com" is a virus and it is placed within the archive-file "work.zip".


It's now your turn to figure out if the virus your BullGuard has found is located inside your mail-archive, a zip-archive or a third place:

 

1 My BullGuard has detected a virus inside a mail-archive

1 My BullGuard has detected a virus inside a zip-archive or rar-archive
1 My BullGuard has detected a virus, but it doesn't fit any of the above scenarios

 

 

2- button Removing a virus inside a zip-archive or rar-archive

 

 


First, locate the file containing the virus: Take a close look at what BullGuard told you

about the archive containing the infected file and where it's located:

 

"Object C:\Documents and settings\work.zip => eicar.com is infected with EICAR STANDARD TEST

FILE"

 

In the above example you have to locate the archive-file "work.zip" placed in the folder "Documents and settings". This archive contains the infected file "eicar.com".

 

Use Windows Explorer to locate the archive file.

 

 

3 - button Unzip / Unrar the contents of the archive

 

 


When you've located the archive file, double-click to open it.
Use the archive program (Winzip, Winrar) to unpack the contents of the archive to an empty folder.

 

 

 

4 - button Delete the original archive

 

 


Now that you've unpacked the files inside the archive to your disk, you can safely delete the original archive file (in the above example: the file "work.zip").

 

 

 

5 - button Re-scan the unpacked files to locate the infected file

 

 


Use BullGuard to scan the folder which contains the unpacked files from the archive.

 

When BullGuard finds the infected file, you will now have the options to delete/disinfect the

file (in the above example: the file "eicar.com").

 

 

6 - button Re-archive the files

 

 


You now have a folder containing the remains of the archive file. Use your archive program

(Winzip, Winrar) to compress the files into an archive-file once again (in the above example:

create an archive called "work.zip" from the remaining files).

 

 

7 - button You're done

 

 


That's it. You have succesfully removed the virus from your computer. It's now a good idea to re-scan your harddisk with BullGuard to make sure that your computer is clean.

 

 

If you did not find the solution you were looking for, please feel free to contact our Support.

 

Ask Red Live Red Top of page