Hi,
when i use bitcomet and when i open the www.mininova.org web page to download a torrent, avast catches a dialer which installs this on my temporary internet files :
Content.IE5\4LVQRUSU\fullgames[1].exe
I try to delete/move/transfer to chest but i get the message that “Avast!the process cannot access the file because it is being used by another process”
Can you tell me how to handle fullgames.exe ?
I can only let it in my harddisk and then remove it.
Can i prevent it from being installed in the first place and why avast cannot delete it in real time? Which is the other process that disables avast from deleting the file??? >:(
I use avast antivirus home 4.7 updated, comodo firewall and ad-adawre SE.All updated. I also have system restore disabled.
Thanks Polonus
As i understand from what i read in the article that you gave me,
the other process is bitcomet and that’s why avast cannot delete the file =because the file is running through bitcomet apllication which is open during the attempt to delete the malware.
So as i understand i have to use another program except bitcomet which will have not the malware inside it.
Is that right?
That is more or less what it comes down to. It is not the mininova
but the other that hijacks. For further information visit: www.whelper4.net (you have to register there for free, and you get the appropriate information what to do), as I remember good they establish if you are from Russia or not, Russians are not affected, but you can read the details there,
If it was not for you, things would never been put right.
I owe “u” for this one. The three R’s are hammered into
the right place with you. I put the hyperlkink right.
Deletion isn’t a good first option (you have none left), especially if you aren’t 100% certain that it is a virus, it would be better to schedule a boot-time scan where it can be moved so it can at least leave you options to restore.
Fully agree with DavidR here, never delete a file if you know what it actually is, could be critical, could be a FP. Always first doublecheck about the file in question to make a determined decision. Upload to virustotal or jotti to see how other virus tools flag it or whether they flag it at all, or ask the members of this forum for the inteligence of all members involved in this forum (members and moderators alike). Thanks for your reply DavidR, very appropriate,
But when a file is automatically stored in temporary internet files=non critical.Right? Right.
As for what Avvidro mentioned : I know that i can delete the file with an after reboot scan but i didn’t want that.I wanted to prevent the intrusion from the begining.Anyway , i assosiated bitcomet with opera browser and now i can access mininova with no problem.
You can safely remove all files from each of these directories. These directories are simply used to hold files for programs that are running. Sometimes, when programs finish, they neglect to clean up these files and that can start filling up your hard drive. Also, sometimes malicious software runs out of the temp folders. If you get an error when trying to remove a file, that means that of the currently running processes is using that file. If that happens, just skip the file(s) and delete the rest. There is no need to update the registry when dealing with temp files.
@ ipred
Yes, files in temp locations, Internet or otherwise are usually safe to delete, but some could cause adverse effects. So as general advice I say never delete as a first option, moving to the chest can’t hurt, certainly it can be restored/recovered if required, where as a deletion can’t. You can use either of these periodically to delete temp locations, ClearProg - Temp File Cleaner or CCleaner - Temp File Cleaner, etc.
So I never worry about the location, just move it to the chest, there is no rush to delete anything from the chest, they can’t do any harm there. Anything that you send to the chest you should leave there for a week or two. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
The only exception to that are detections in the system restore ‘system volume information’ folder as the only option is to disable system restore and reboot to clean this windows protected storage area.
