first off, i apologize if this has been covered somewhere else. i've searched for hours but never found the answer.
i run a Symantec virus scan every morning in the wee hours. this morning it reported finding an infected file (which it successfully quarantined):
the file kmdupdate.exe was said to be infected with Infostealer.Gampass
in the location E:\Documents and Settings\Administrator\My Documents
(my e: drive was an old system disc on an old machine, hence that folder structure there.)
in a panic, i had symantec delete the file from the system. this was stupid because i didn't get to see when it was created or any other info on it.
However, as far as i know, i never ran that executable.
so my question(s):
1)did my anti-virus catch it before it infected my system?
2)or does the finding mean that the infostealer.gampass is on my system and infected that file?
(i found no other instances of it in my rescan after deletion. i ran SpyBot and found the normal cookies, but no malware. i have yet to restart my machine because i've spent the last 6 hours scanning forums for answers)
3) is my system clean and safe to use online, including entering passwords, online shopping, etc. ?
4) and the nagging question, where the hell did that file come from? (see below for more information.)
i had Azureus open last night and downloading some music.
so, some people will say, "it's obvious, the file came from a download."
well, a few things that bother me:
1. i haven't touched that folder for a long time.
2. my files from Azureus are set to be stored on my F: drive
3. Azureus is set to move files to a different folder on the same drive
4. i had not (before finding the notification) and still have not touched any of the files i was downloading.
i've taken steps to start a full system exploration using the steps listed in the forums.
sorry for such a long post...
i just want to know if i never opened the .exe file, can i be infected?
THANKS!!!
i run a Symantec virus scan every morning in the wee hours. this morning it reported finding an infected file (which it successfully quarantined):
the file kmdupdate.exe was said to be infected with Infostealer.Gampass
in the location E:\Documents and Settings\Administrator\My Documents
(my e: drive was an old system disc on an old machine, hence that folder structure there.)
in a panic, i had symantec delete the file from the system. this was stupid because i didn't get to see when it was created or any other info on it.
However, as far as i know, i never ran that executable.
so my question(s):
1)did my anti-virus catch it before it infected my system?
2)or does the finding mean that the infostealer.gampass is on my system and infected that file?
(i found no other instances of it in my rescan after deletion. i ran SpyBot and found the normal cookies, but no malware. i have yet to restart my machine because i've spent the last 6 hours scanning forums for answers)
3) is my system clean and safe to use online, including entering passwords, online shopping, etc. ?
4) and the nagging question, where the hell did that file come from? (see below for more information.)
i had Azureus open last night and downloading some music.
so, some people will say, "it's obvious, the file came from a download."
well, a few things that bother me:
1. i haven't touched that folder for a long time.
2. my files from Azureus are set to be stored on my F: drive
3. Azureus is set to move files to a different folder on the same drive
4. i had not (before finding the notification) and still have not touched any of the files i was downloading.
i've taken steps to start a full system exploration using the steps listed in the forums.
sorry for such a long post...
i just want to know if i never opened the .exe file, can i be infected?
THANKS!!!