Selected object is located inside the archive and cannot be healed.
ok, so, what does that mean?
Printable View
Selected object is located inside the archive and cannot be healed.
ok, so, what does that mean?
You may want to run your computer in safe mode and re-run the virus program.
If that doesn't work, then you're going to need to wipe your computer.
Sometimes, viruses "plant" in programs that when a AV program goes to remove them, it does until the user turns the computer off...when the computer is turned back on...the program fires up the virus again. If it's in your archive, that's most likely what it is doing.
Putting the computer in safe mode and then running the AV program, usually, gets rid of the virus. Simply because in safe mode, the computer doesn't "back" itself up.
Anyways...try it that way...sorry for the novel.
Venus is right. Did your anti-virus program give you an option sort of like "Would you like to run (AV program name) at your next startup"? If it does, use that option. At your next restart, only the virus program will start up first, and it will be able to delete the virused files since the AV program is stopping anything else from opening up. If it doesn't give you that option when you try to get rid of the virus, check your preferences for a "run on startup" option in your AV preferences.
Also.. Are you trying to delete the file, or are you trying to clean it? Most times, it won't clean a virused file, but it will delete it without a problem.
What do you use for your Anti-Virus?
It could mean that it's been quarantined instead of healed, or it could mean it's in a backup and not in your current directories. It depends on the AV program you're using.
I just got hit by one.. It opened up 47 internet explorer popup windows. I'm in the process of cleaning my system right now. It killed my Anti-Virus, my Anti-Spyware, killed my taskbar (it disappeared), wouldn't let me into my files or start menu, and a bunch of other crap. Whenever I tried to close one of the popups, (or repeatedly tried to close a bunch of them by clicking the hell out of the Xs) it would open more up to get right back up to 47.
Not sure where it came from, but be careful everyone. It comes on real quick. I'll let you know what I find out.
Sounds more like an exploit than a virus. I now surf with active-x off and j/script on prompt because I can't be bothered to waste time clearing out all the rubbish.
If you've got cool web search, which is now pretty common, you'll have to do some fancy stuff to get rid of it.
Nah, this is a virus. I also don't have CoolWebSearch. I've had that in the past and know how to get rid of it.
It probably means your AntiVirus program was scanning an "archive" such as a .zip file or a .rar file and found a virus in it. My AV is set to scan every week including inside archived files. Sometimes AV programs cannot delete a file in an archive/compressed zip file. It has to be done manually.Quote:
Originally Posted by LoveSexMoney
yes the extension is .zip
I don't know how to run my av program from safe mode.
I tried to set the program to run upon start up but can't seem to find that option.
How do I remove them (there are 4) manually?
You do not need to be in safe mode to delete a file in a zip. First do you need all the files in the zip?...if not delete the whole zip file. Please tell us the entire names of the files inside the zip.
Usually i just double click the zip file and it opens up showing the files inside. Then i would highlight the "offending" file and hit the delete key. Usually the "offending" file ends in .scr or .exe or .com. Do not double click on the "offending' file or try to run it.
EDIT: or ends in .bat too.
I'll have to run the program again. This will take awhile so I'll be back later. Thanks for the help so far everyone.Quote:
Originally Posted by WiseGuy_TX
ok so it turns out that when I run the program manually, it does not find these infected files. Only when the program runs automatically like you said Rhi. I didn't even know I had it set to do that. I could have just gone into the history or whatever. Anyhow...
Local Settings\Temp\Temporary Internet Files\Content.IE5\0D0FCDOL\arc[1].zip:\VerifierBug.class (Virus identified Java/ByteVerify) (Infected, Embedded object)
Local Settings\Temp\Temporary Internet Files\Content.IE5\0D0FCDOL\arc[1].zip:\Counter.class (Virus identified Java/ByteVerify) (Infected, Embedded object)
Local Settings\Temp\Temporary Internet Files\Content.IE5\0D0FCDOL\arc[1].zip (Virus identified Java/ByteVerify) (Infected, Archive)
Local Settings\Temp\Temporary Internet Files\Content.IE5\6GAC62YC\DS3[1].cab:\DS3.dll (Trojan horse Downloader.Lookme.A) (Infected, Embedded object)
Local Settings\Temp\Temporary Internet Files\Content.IE5\6GAC62YC\DS3[1].cab (Trojan horse Downloader.Lookme.A) (Infected, Archive)
Local Settings\Temporary Internet Files\Content.IE5\RJT3BHOK\mmed[1].cab:\mm20.ocx (Trojan horse Downloader.VB.3.BQ) (Infected, Embedded object)
Local Settings\Temporary Internet Files\Content.IE5\RJT3BHOK\mmed[1].cab (Trojan horse Downloader.VB.3.BQ) (Infected, Archive)
Is all this mumbo jumbo adversely affecting my computer and if so how do I get rid of it? Just delete it?
These are all located in the "\Temporary Internet Files" folder so it is safe to delete them all. Temp files are safe to delete. Delete arc[1].zip, DS3[1].cab, mmed[1].cab. You also can delete the entire folders "0D0FCDOL","6GAC62YC", and "RJT3BHOK". Then reboot and see if they reappear. If they do reappear, then you'll need to try what VG said and boot in safe mode and delete them again and run your AV..
And, being that you got hit with a Trojan horse, I would suggest that you go and change all of your passwords immediately.
Those files you listed are all safe to delete.
I would still recommend that you run the AV in safe mode, as well. If you are not sure how to do it...go here: http://service1.symantec.com/SUPPORT...rc=sec_doc_nam
the little fuckers have been eradicated. Thank you to EVERYONE!!! *muah*
Woot! Congrats, Sapph!!!
I had one of those new ones that shuts everything down and gives you the popups.. Got rid of it in no time though. They're evasive little bastards though.
Just as a side note - you shouldn't double click on suspect files, always start the program and open the file from that. Windows will flick programs if the file has got a wrong extension and you could be running an exe. One of the tricks I do is to give an html page a suffix of jpg. Surfers hunting for free porn through a broken picture sequence will pick it up, and then you can show them a full sales page instead of just a picture.
btw I don't install exploits, I don't even use j/script to start popups.
;D I'm smiling because I didn't understand a word of what you just said.
So, I'm sitting here feeling like a total non-nerd (remember my nerdiness score?) because try as I might...I just do not understand it.
LOL
Anywho...
omg, I've had CoolWebSearch forever and can't get rid of it. Can you please tell me how to do it. Thanks.Quote:
Originally Posted by Rhiannon