three infected files found!!!

I scan my computer everyday with the AVG Virus program and for the passed week I keep getting the same Virus list each time and it says "0 files healed" and it won't let me send them to the Virus Vault to be deleted. Here is the list:
"C:\WINDOWS\TEMP\polmx2.cab:\polmx2.exe","Troj an horse Downloader.Agent.AS","Infected, Embedded object"
"C:\WINDOWS\TEMP\polmx3.cab:\polmx3.exe","Troj an horse Downloader.Agent.AS","Infected, Embedded object"
"C:\WINDOWS\TEMP\conscorr.cab:\conscorr.exe","Troj an horse Downloader.Stubby.C","Infected, Embedded object"

What should I do?

scan in safemode and then delete them. if that fails then try search the DIR in safemode and delete it manually.

I've seen advice on many occasions about searching/deleting/running AV in Safe Mode rather than folowing a normal full boot. I know that Safe Mode loads a limited number of drivers but how else does this mode allow AV functions/deletion of files etc. to be done whilst a normal full boot does not?

Andria, Have you tried delete those files? If you cannot in Windows, boot in Safe Mode w/ Command Prompt.

If you're not familiar with changing directories via command prompt follow these commands:

CD\
CD windows\temp
dir /w
del filename.extension

Hi James

I'm familiar with these commands and techniques but WHY is this possible when in Safe Mode but not following a normal full boot? Is it because some drivers are not loaded or other reasons?

The files that are infected may be in use during a normal boot whereas booting into safemode only allows for the bare minimum of files to be used.

Its because the virus is loading those files into memory and marking them as being used by the System. Booting into Safe Mode forces only the most limited, Microsoft approved things to load. Thus allowing the virus scan software to safely remove it.

Cool. My belief about minimal drivers etc. was correct - I just didn't know why!


Thanks