• 0
Sign in to follow this  
rkellock

When does disinfect and clean mean delete

Question

So I run a full scan and a virus is identified. So I opt for disinfect and clean and the results I'm told are that the file has been deleted. Sounds great except that the file where the virus was found was a pst of 2011 and 2012 emails and nothing had been added to that pst since early 2013. So several questions spring to mind. How did that file that hasn't been touched in more than 18 months suddenly develop a virus? Then why does disinfect and clean mean delete (with no option to cancel)? Then why is AdAware not able to identify the email within the PST that contains the virus and deal with that rather than deleting the entire PST? And finally and most importantly how do I undelete the file? It's nowhere. It's not in my recycling bin. There's no option to undelete it from within AdAware. I do wonder whether I would be better to take my chances with the viruses if this is the level of control my antivirus software affords me.

 

Any help gratefully received.

Share this post


Link to post
Share on other sites

9 answers to this question

Recommended Posts

  • 0

Hi rkellock,

 

Ad-Aware, as all antivirus programs, gets new definitions several times a day. In one of the latest ones, probably a definition has been added that matches an attachment or URL (link) in the .pst file.

 

According to the manual, Ad-Aware deletes a file when it's impossible to disinfect it. The .pst file is one single file containing all emails, as far as I know it's impossible to delete a single email within it without either breaking the license agreement with Microsoft or corrupt the .pst file.

 

I recommend that you change the settings in Ad-Aware to quarantine files instead of disinfecting them.

 

Regarding file rescuing, you need to stop using that hard disk immediately and instead connect it to another computer. When Windows is running, it can overwrite the .pst file and it's impossible to recover it.

Examples of file rescuing programs are:
http://www.piriform.com/recuva
http://www.pcinspector.de/default.htm?language=1
http://www.officerecovery.com/freeundelete/
http://www.krollontrack.com/data-recovery/recovery-software/
http://www.stellarinfo.com/
http://www.lsoft.net/file_recovery.aspx

 

A recommendation for the future, a hard disk can crash at any time and it's very important to have backups of all important files.

Share this post


Link to post
Share on other sites
  • 0

Hi CeciliaB

 

I have version 11.1.5354.0 and have looked at the manual - had to, to work out what Ad-Aware was doing! Regret I cannot see anything in there that says Ad-Aware deletes a file when it's impossible to disinfect it, other than a strangely worded instruction/comment on Manual page 54 that says -

 

If you have performed a Quick Scan, the Scan Complete screen always displays even if any threats were found. If any threat is found during the Quick Scan, it is automatically deleted.

 

- But no threats have been shown on my screen as automatically deleted - always been offered the usual clean actions for detected risks (Quarantine, Ignore, Delete, or Disinfect)

 

 

All I am aware of is that page 54 of the manual also says, and much more clearly -

 

The action applied to each threat by default is Quarantine

 

- also, same page although again oddly phrased -

 

The action applied to all threat by default is Recommended that implies Quarantine

 

- Now, you seem to be saying this is not true? If Ad-Aware is actually deleting alleged threats without telling, then I shall revert back to v9.6 again as I can at least trust that version not to arbitrarily delete files!

 

Can you confirm Ad-Aware is not deleting files it perceives as threats please. . :unsure:.

 

Thanks.

 

Share this post


Link to post
Share on other sites
  • 0

Hi Roth,

 

Was it a Quick Scan, Full Scan, Custom Scan or Real-time protection that deleted your .PST file?

 

Please, see page 104, last sentence of the Disinfect Action section, in the manual.

 

I can't confirm anything since I'm not working at Lavasoft, but I can ask my contact person when appropriate.

Share this post


Link to post
Share on other sites
  • 0

Hi CeciliaB

 

Thanks for the reference but why would we be carrying out an Ad-Aware command line scan of any type, let alone the boot sector, when the GUI floating panel is quite adequate for selecting a full system scan within the OS?

 

I am new to Ad-Aware 11, not even activated and only just registered for this forum. I was actually looking for something else but saw this thread and was concerned as it does effect me - unless you are discussing a DOS environment selective scan, in which case it won't effect me?

 

Perhaps I've completely misunderstood?

 

I appreciate your position - and your help - I imagine Ad-Aware 11 is relatively new to you too?

Share this post


Link to post
Share on other sites
  • 0

Hi Roth,

 

The command line scanner and the normal Ad-Aware program work in the same way. But I didn't check the manual before reading your question, I only accepted it when Lavasoft once said that it was mentioned in the manual. I agree with you that the manual should explain it in more detail.

 

The recommendation is to let Ad-Aware quarantine files and not to disinfect them. In the case of using Outlook or another email program that stores all emails in one file, and if you haven't a backup of it, maybe even add the email file to the exclusion list.

 

Ad-Aware 11 was released in October, so not very new, but Ad-Aware never finds anything malicious in my computer.

Share this post


Link to post
Share on other sites
  • 0

Hi CeciliaB

 

Thank you, I have included my M$ Outlook Express directory in the Ignore list, so should be safer now. After a recent Zero day infection I found Ad-Aware v9.6 really did mop up the residual problems and am now hoping v11 will live up to expectations - once I'm used to it and work out how to activate and update it!

 

Thank you for your advice and help

Share this post


Link to post
Share on other sites
  • 0

Hi Roth,

 

How does Outlook Express store the emails, all in one file or one file for each email?

In the latter case it would be safe to let Ad-Aware quarantine an email.

Share this post


Link to post
Share on other sites
  • 0

Hi CeciliaB

 

All my OE folders are .dbx and each .dbx contains many emails. I don't think Ad-Aware will scan a .dbx in detail but if so, and it extracted an infected email, I would have thought the whole .dbx folder would be corrupted and unreadable. I have .pst files in the same general location so the easiest thing to do is have Ad-Aware ignore the main directory containing these files. All my emails are checked by my anti-virus so are unlikely to be a source of infection anyway.

 

Now I am aware of the problem, the solution is simple - many thanks for your help but please ask the manual writers to make this problem clear.

Share this post


Link to post
Share on other sites
  • 0

Hi Roth,

 

Yes, best to let Ad-Aware ignore the email files and I'll inform the manual writers.

 

You're welcome :)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this