Virus Vault Question

[rich]

I use AVG and was wondering if I need to remove the viruses from the
Virus Vault before doing a anti-virus scan/clean to disinfect my
computer.

Thanx.

Rich

 

[David H. Lipman]

From: <[email protected]>

| I use AVG and was wondering if I need to remove the viruses from the
| Virus Vault before doing a anti-virus scan/clean to disinfect my
| computer.
|
| Thanx.
|
| Rich

No. leave them there.

If a file is judged to be infected it is moved there and is safe. If the file is falsely
declared as infected, it can be restored to its orginal location. Leave them there until
you are completely sure it was righteous to declare it/them as malware. Then you can purge
the file(s) from the Virus Vault.

 

[rich]

From: <[email protected]>

| I use AVG and was wondering if I need to remove the viruses from the
| Virus Vault before doing a anti-virus scan/clean to disinfect my
| computer.
|
| Thanx.
|
| Rich

No. leave them there.

If a file is judged to be infected it is moved there and is safe. If the file is falsely
declared as infected, it can be restored to its orginal location. Leave them there until
you are completely sure it was righteous to declare it/them as malware. Then you can purge
the file(s) from the Virus Vault.

Thanx. Since they are just temporary internet files I think that it is
safe to delete them regardless of whether they are truly malignant.
How do I purge them from the Virus Vault and where do they go when
they are purged?

Rich

 

[David H. Lipman]

From: <[email protected]>


|
| Thanx. Since they are just temporary internet files I think that it is
| safe to delete them regardless of whether they are truly malignant.
| How do I purge them from the Virus Vault and where do they go when
| they are purged?
|
| Rich

That's correct.

I don't use AVG so I don't have instructions on how to purge the Virus Vault.

Presumably when the Virus Vault is purged the files are completely deleted and are not
restorable.

 

[rich]

From: <[email protected]>


|
| Thanx. Since they are just temporary internet files I think that it is
| safe to delete them regardless of whether they are truly malignant.
| How do I purge them from the Virus Vault and where do they go when
| they are purged?
|
| Rich

That's correct.

I don't use AVG so I don't have instructions on how to purge the Virus Vault.

Presumably when the Virus Vault is purged the files are completely deleted and are not
restorable.

OK. The reason I ask is after doing the virus scan and cleaning the
infected files everything was fine until I deleted the infected files
from the Virus Vault. Then all the exploit buggers returned when I ran
AVG. Another virus program confirmed the presence of the exploit code.
I had ten exploit files infected on a recent scan. And they all seem
connected to IE which I don't even use as I use FireFox.

Rich

 

[David H. Lipman]

From: <[email protected]>

|
| OK. The reason I ask is after doing the virus scan and cleaning the
| infected files everything was fine until I deleted the infected files
| from the Virus Vault. Then all the exploit buggers returned when I ran
| AVG. Another virus program confirmed the presence of the exploit code.
| I had ten exploit files infected on a recent scan. And they all seem
| connected to IE which I don't even use as I use FireFox.
|
| Rich

The files are returning by "other" means.

Right now you have only supplied generic information. That is Exploit code found in the IE
TIF.

Whose TIF ?
Each user has their own IE cache.

What Exploits ?
What exactly are the files and what AVG and the other unamed anti virus application called
the files.

 

[Marc Lewis]

+ User FidoNet address: 1:396/45
Hello all.

<<Following up a message from MZB about Re: Virus Vault Question
M> My Exploit has not come up again, but I need to run AVG
M> again to find out.

M> I use IE 6.0/OE.

I'd very strongly recommend Firefox. Far less apt to pick up
garbage like you've been complaining about than IE. It's got a
good look and feel; it's features are _very_ good.

M> I have heard some horror stories in upgrading to IE 7.0 so
M> I'm hesitant to do so. I figure they will soon do that at
M> my work and I can learn about it there.

IE 7 has a ways to go to match the stuff coming out of
Mozilla.org.

Best regards,
Marc
-+- timEd/2 1.10.y2k+
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ The FidoNet News Gate (Meridian, MS - USA) +
+ The views of this user are strictly his or her own. +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

[rich]

Right now you have only supplied generic information. That is Exploit code found in the IE
TIF.

Whose TIF ?

Mine. I am the only user.

Each user has their own IE cache.

What Exploits ?
VLM-6


What exactly are the files and what AVG and the other unamed anti virus application called
the files.

Well I just ran AVG and Trend Micro and both came up clean so I will
keep my fingers crossed. I will not use Internet Explorer and will
only visit sites that I reasonably know are clean.

But I have a funny feeling that sometime in the next couple days I am
going to get the AVG pop up saying that there is an exploit threat on
my computer. I hope my hunch is wrong.

Thanx for your help.

Rich

 

[David H. Lipman]

From: <[email protected]>

| On Mon, 15 Jan 2007 20:13:48 GMT, "David H. Lipman"
|
| Mine. I am the only user.
||
| VLM-6
||
| Well I just ran AVG and Trend Micro and both came up clean so I will
| keep my fingers crossed. I will not use Internet Explorer and will
| only visit sites that I reasonably know are clean.
|
| But I have a funny feeling that sometime in the next couple days I am
| going to get the AVG pop up saying that there is an exploit threat on
| my computer. I hope my hunch is wrong.
|
| Thanx for your help.
|
| Rich

VLM-6 ?

Never heard of it and "VLM-6" is not in the AVG encyclopedia.

Are you sure it wasn't VML as in "Vector Markup Language".

Do you have a log file excerpt ?

 

[rich]

From: <[email protected]>

| On Mon, 15 Jan 2007 20:13:48 GMT, "David H. Lipman"

|
| Mine. I am the only user.
|
|
| VLM-6
|
|
| Well I just ran AVG and Trend Micro and both came up clean so I will
| keep my fingers crossed. I will not use Internet Explorer and will
| only visit sites that I reasonably know are clean.
|
| But I have a funny feeling that sometime in the next couple days I am
| going to get the AVG pop up saying that there is an exploit threat on
| my computer. I hope my hunch is wrong.
|
| Thanx for your help.
|
| Rich

VLM-6 ?

Never heard of it and "VLM-6" is not in the AVG encyclopedia.

Sorry. It was VML-6 and it came from the Clam AV program

Do you have a log file excerpt ?

Sorry. I must have deleted it. If it pops back up I will report back.

Rich

 

[MZB]

Rich:

As I posted to you elsewhere, we seem to have similar problems.

My Exploit has not come up again, but I need to run AVG again to find out.

I use IE 6.0/OE.

I have heard some horror stories in upgrading to IE 7.0 so I'm hesitant to
do so. I figure they will soon do that at my work and I can learn about it
there.

When the Exploit/AVG popup occurred I was on YOUTUBE, a site a RARELY visit.
So maybe the problem was on their site.

Can you identify a suspect site for you?

Also, my EXPLOIT is now in the Virus Vault.

To get rid of it, you go to Virus Vault, highlight it, go to the menu item
"action" and then pick delete it from the drop down menu.

I'm just going to keep it where it is for now.

Let me know how things progress.

I am going to run AVG and hope it is clear/

Mel

 

[Phil Weldon]

'David H. Lipman, DDS' wrote:
| VLM-6 ?
|
| Never heard of it and "VLM-6" is not in the AVG encyclopedia.
|
| Are you sure it wasn't VML as in "Vector Markup Language".
|
| Do you have a log file excerpt ?
|
_____

You keep drilling and drilling and drilling B^

Phil Weldon

| From: <[email protected]>
|
|| On Mon, 15 Jan 2007 20:13:48 GMT, "David H. Lipman"
||
| >> Right now you have only supplied generic information. That is Exploit
code found in the
| >> IE TIF.
| >>
| >> Whose TIF ?
||
|| Mine. I am the only user.
||
| >> Each user has their own IE cache.
| >>
| >> What Exploits ?
||
|| VLM-6
||
| >> What exactly are the files and what AVG and the other unamed anti virus
application
| >> called the files.
||
|| Well I just ran AVG and Trend Micro and both came up clean so I will
|| keep my fingers crossed. I will not use Internet Explorer and will
|| only visit sites that I reasonably know are clean.
||
|| But I have a funny feeling that sometime in the next couple days I am
|| going to get the AVG pop up saying that there is an exploit threat on
|| my computer. I hope my hunch is wrong.
||
|| Thanx for your help.
||
|| Rich
|
| VLM-6 ?
|
| Never heard of it and "VLM-6" is not in the AVG encyclopedia.
|
| Are you sure it wasn't VML as in "Vector Markup Language".
|
| Do you have a log file excerpt ?
|
| --
| Dave
| http://www.claymania.com/removal-trojan-adware.html
| http://www.ik-cs.com/got-a-virus.htm
|
|

 

[rich]

Sorry. I must have deleted it. If it pops back up I will report back.

Rich

Well it popped back up again. This time AVG scan came up clean but
Clam AV came up with Exploit.HTML.MHTReDir-8.

 

[David H. Lipman]

From: <[email protected]>

| On Mon, 15 Jan 2007 21:26:02 +0000, (e-mail address removed) wrote:
||
| Well it popped back up again. This time AVG scan came up clean but
| Clam AV came up with Exploit.HTML.MHTReDir-8.

The fully qualified path is ?