Decisions ?

[Bizet]

I have just completed an Avast boot time scan which found 3 cases of Win32:Malware-gen and I was given five choices about what the program would do.

I wasn't too sure and in the end went for "Send to Chest" was this a good decision or should I have picked Delete.

Regards Bizet

[Alikhan]

It was a good decision. Sending them to chest makes them restoreable if they were false positives. The virus chest keeps them secure from the PC. Delete should always be the last option.

[DavidR]

You have done the right thing - Deletion isn't really a good first option (you have none left), 'first do no harm' don't delete, send virus to the chest (a protected area) and investigate.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.


Now comes the investigation:
What are the file names and locations ?
Has this/these file/s been on your system for some time ?

[Bizet]

It was a good decision. Sending them to chest makes them restoreable if they were false positives. The virus chest keeps them secure from the PC. Delete should always be the last option.

Thank you Alikhan, that's very reassuring, and has added to my knowledge.

Regards Bizet,

[Bizet]

You have done the right thing - Deletion isn't really a good first option (you have none left), 'first do no harm' don't delete, send virus to the chest (a protected area) and investigate.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.


Now comes the investigation:
What are the file names and locations ?
Has this/these file/s been on your system for some time ?

Hello DavidR thanks for your fast response, and regarding your questions, will the Chest contain the info you need,and is it readable, if so I will go into it and let you know a little later because dinner is ready and I've been called.

Regards Bizet

[Bizet]

You have done the right thing - Deletion isn't really a good first option (you have none left), 'first do no harm' don't delete, send virus to the chest (a protected area) and investigate.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.


Now comes the investigation:
What are the file names and locations ?
Has this/these file/s been on your system for some time ?

Hello DavidR thanks for your fast response, and regarding your questions, will the Chest contain the info you need,and is it readable, if so I will go into it and let you know a little later because dinner is ready and I've been called.

Regards Bizet

Ok I managed to do the job before my wife started shouting lol
here's what I copied hopr it's ok. Bizet

Name.                                 Location.
agrsmdel.exe             C:\hp\drivers\modem_Agere_Sequoia

agrsmdel.exe             C:\WINDOWS

agrsmdel.exe             D:\i386\Drv\APP23264\src

[Alikhan]

Could you upload the infected file to : https://www.virustotal.com/

Post the results.

[Bizet]

Could you upload the infected file to : https://www.virustotal.com/

Post the results.

I inserted the file name in the line, and each time it came back with "No comments" and when I tried their data base search it informed me it was not included.

Some side info, it seems to be related to drivers, and two days ago I reinstalled Windows, but backed up everything except the Video drivers, and I have been trawling the internet looking for a free driver, but only found out after downloading the various progs that they were either chargeable or had some other requirement which I didn't like the sound of.

This is probably how I suddenly aquired the viruses, and have never had one previously whilst scanning every day with Avast.

Regards Bizet. 

[Alikhan]

Could you upload the infected file to : https://www.virustotal.com/

Post the results.

I inserted the file name in the line, and each time it came back with "No comments" and when I tried their data base search it informed me it was not included.

Some side info, it seems to be related to drivers, and two days ago I reinstalled Windows, but backed up everything except the Video drivers, and I have been trawling the internet looking for a free driver, but only found out after downloading the various progs that they were either chargeable or had some other requirement which I didn't like the sound of.

This is probably how I suddenly aquired the viruses, and have never had one previously whilst scanning every day with Avast.

Regards Bizet.

Try this:

Start>Search "Show hidden files or folders">"Enable" Show hidden files and Drives and also "uncheck" Hide extensions for known file types.

Once you've uploaded them, restore the settings back to default.

[Bizet]

Could you upload the infected file to : https://www.virustotal.com/

Post the results.

I inserted the file name in the line, and each time it came back with "No comments" and when I tried their data base search it informed me it was not included.

Some side info, it seems to be related to drivers, and two days ago I reinstalled Windows, but backed up everything except the Video drivers, and I have been trawling the internet looking for a free driver, but only found out after downloading the various progs that they were either chargeable or had some other requirement which I didn't like the sound of.

This is probably how I suddenly aquired the viruses, and have never had one previously whilst scanning every day with Avast.

Regards Bizet.

Try this:

Start>Search "Show hidden files or folders">"Enable" Show hidden files and Drives and also "uncheck" Hide extensions for known file types.

Once you've uploaded them, restore the settings back to default.

Hi my settings were already in that state, and still no response change from the site, btw now that I have had the offending files dispatched to the Avast Chest is it still necessary to discover more about them?

Regards Bizet

[Tangy]

agrsmdel.exe (LTRemove) is an executable from the software LTRemove version 1.7.0 by Agere Systems. This file is safe. I think.

Check this link out.

http://processchecker.com/file/agrsmdel.exe.html

[Bizet]

agrsmdel.exe (LTRemove) is an executable from the software LTRemove version 1.7.0 by Agere Systems. This file is safe. I think.

Check this link out.

http://processchecker.com/file/agrsmdel.exe.html

Many thanks Tangy, I found that interesting reading, and feel a lot better after doing so.

Regards Bizet