three infected files found!!!

Discussion in 'System Security & Infection Support' started by andriarox, Dec 27, 2004.

  1. andriarox

    andriarox

    Joined:
    Dec 16, 2004
    Messages:
    7
    Likes Received:
    0
    Location:
    Virginia
    I scan my computer every day with the AVG Virus program and for the past week I keep getting the same Virus list each time and it says "0 files healed" and it won't let me send them to the Virus Vault to be deleted. Here is the list:
    "C:\WINDOWS\TEMP\polmx2.cab:\polmx2.exe","Trojan horse Downloader.Agent.AS","Infected, Embedded object"
    "C:\WINDOWS\TEMP\polmx3.cab:\polmx3.exe","Trojan horse Downloader.Agent.AS","Infected, Embedded object"
    "C:\WINDOWS\TEMP\conscorr.cab:\conscorr.exe","Trojan horse Downloader.Stubby.C","Infected, Embedded object"

    What should I do?
     
    andriarox, Dec 27, 2004
    #1

  2. andriarox

    spike228 ST 38 VIP Member

    Joined:
    Jul 18, 2004
    Messages:
    2,256
    Likes Received:
    18
    Location:
    Honolulu, Hawaii
    Scan in safe mode and then delete them. If that fails, then try searching the DIR in safe mode and delete it manually.
     
    spike228, Dec 27, 2004
    #2

  3. andriarox

    Tosca VIP Member

    Joined:
    Nov 8, 2004
    Messages:
    249
    Likes Received:
    3
    Location:
    Townville
    I've seen advice on many occasions about searching/deleting/running AV in Safe Mode rather than following a normal full boot. I know that Safe Mode loads a limited number of drivers but how else does this mode allow AV functions/deletion of files etc. to be done whilst a normal full boot does not?
     
    Tosca, Dec 27, 2004
    #3
  4. andriarox

    James Photojournalist

    Joined:
    Dec 24, 2002
    Messages:
    6,662
    Likes Received:
    35
    Andria, have you tried deleting those files? If you cannot in Windows, boot in Safe Mode w/ Command Prompt.

    If you're not familiar with changing directories via command prompt, follow these commands:

    CD\
    CD windows\temp
    dir /w
    del filename.extension
     
    James, Dec 27, 2004
    #4
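Added example, not part of the thread: the report lines in the first post name an object inside an archive, so the file that `del` has to target is the `.cab` on disk rather than the `.exe` listed after it. This sketch parses those lines and prints the matching `del` commands; reading the `:\` after the archive name as the container/member separator is an assumption based on the "Embedded object" status, and the function names are hypothetical.

```python
import csv
import io
from collections import defaultdict

# Report lines copied from the first post (fields: path, detection, status).
REPORT = r'''"C:\WINDOWS\TEMP\polmx2.cab:\polmx2.exe","Trojan horse Downloader.Agent.AS","Infected, Embedded object"
"C:\WINDOWS\TEMP\polmx3.cab:\polmx3.exe","Trojan horse Downloader.Agent.AS","Infected, Embedded object"
"C:\WINDOWS\TEMP\conscorr.cab:\conscorr.exe","Trojan horse Downloader.Stubby.C","Infected, Embedded object"
'''

def split_object(path):
    """Split 'container:\\member' into (file on disk, embedded member or None)."""
    # Start at index 2 to skip the drive-letter colon, then look for the
    # next ':\' which (by assumption) separates archive and embedded object.
    idx = path.find(":\\", 2)
    if idx == -1:
        return path, None          # plain file, nothing embedded
    return path[:idx], path[idx + 2:]

def files_to_remove(report_text):
    """Map each on-disk file to the (member, detection) pairs reported in it."""
    found = defaultdict(list)
    for row in csv.reader(io.StringIO(report_text)):
        if len(row) < 3:
            continue               # blank or malformed line
        container, member = split_object(row[0])
        found[container].append((member, row[1]))
    return dict(found)

def del_commands(report_text):
    """One quoted 'del' command per on-disk file, in report order."""
    return [f'del "{container}"' for container in files_to_remove(report_text)]

if __name__ == "__main__":
    for container, hits in files_to_remove(REPORT).items():
        for member, detection in hits:
            print(f"{container}  <- {member}: {detection}")
    print("\n".join(del_commands(REPORT)))
```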
  5. andriarox

    Tosca VIP Member

    Joined:
    Nov 8, 2004
    Messages:
    249
    Likes Received:
    3
    Location:
    Townville
    Hi James

    I'm familiar with these commands and techniques but WHY is this possible when in Safe Mode but not following a normal full boot? Is it because some drivers are not loaded or other reasons?
     
    Tosca, Dec 27, 2004
    #5
  6. andriarox

    D Schrute Assistant Sensei VIP Member

    Joined:
    Aug 31, 2004
    Messages:
    1,201
    Likes Received:
    19
    Location:
    VA & NC
    The files that are infected may be in use during a normal boot whereas booting into safemode only allows for the bare minimum of files to be used.
     
    D Schrute, Dec 27, 2004
    #6
  7. andriarox

    Fenis-Wolf VIP Member

    Joined:
    Apr 30, 2003
    Messages:
    2,951
    Likes Received:
    35
    Location:
    Ann Arbor, Mi
    It's because the virus is loading those files into memory and marking them as being used by the System. Booting into Safe Mode forces only the most limited, Microsoft approved things to load, thus allowing the virus scan software to safely remove it.
     
    Fenis-Wolf, Dec 27, 2004
    #7
  8. andriarox

    Tosca VIP Member

    Joined:
    Nov 8, 2004
    Messages:
    249
    Likes Received:
    3
    Location:
    Townville
    Cool. My belief about minimal drivers etc. was correct - I just didn't know why!


    Thanks
     
    Tosca, Dec 27, 2004
    #8