TechSpot

Unable to delete suspected malware

By Herbert
Oct 26, 2007
Topic Status:
Not open for further replies.
  1. My system is Windows XP Home SP2.
    I use Steganos antivirus and Windows firewall. Some time ago on start up Steganos showed in an information panel the message that all threats have been successfully neutralized. The following information is shown in the details of the threats,
    detected: malware Exploit.HTML.Agent.j URL: http://85.255.118.43/data/do_z.html
    detected: riskware Invader Running process: C:\WINDOWS\Explorer.EXE
    detected: riskware Invader Running process: C:\WINDOWS\system32\winlogon.exe

    I also use Spybot and Adaware, I've done full scans with all 3 in Safe mode and nothing is detected.
    I followed the 15 steps of the preliminary removal instructions without any success - I still have the neutralized threats in Steganos.
    AVG Antispyware didn't find anything so no report, neither did Panda Antirootkit.
    Can you advise please?
    Herbert
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    All clean mate.

    If your system is running ok, then delete the files in Steganos quarantine.


    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of Herbert only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  3. Herbert

    Herbert TS Rookie Topic Starter

    Unable to delete files

    Thanks again. Unfortunately the files don't apper in the quarantine section, only in one that says "detected" and which has the heading "all threats have been treated". I can find only one ot the files in - windows system 32 winlogon.exe but I'm not sure if just deleting it will sort that one out. The system seems to be operating O.K. so perhaps I should just ignore them all.
    Sorry to be a nuisance!
    Herbert
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    If your AV programme says all threats have been treated, then you should trust it`s judgment.

    Do not delete the winlogon.exe file, otherwise you`ll probably crash your system.

    Don`t worry, you`re not being a nuisance. ;)

    Regards Howard :)

    This thread is for the use of Herbert only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.