Please help - virus trouble!

This topic is closed.
  • Please help - virus trouble!

    I'm running on about 2 hours' sleep with a migraine to boot, so I hope this will be coherent.

    I ran my AVG antivirus scan last night, and the damn thing says I've picked up 2 Trojans:

    Both are listed as Trojan horse Generic12.AYEZ. Both appear to be in the same file, C:\(name of my folders), but one is called MIS_921341_trial30OEM_Release.exe, while the other is almost identical except it reads as MIS_921341_trial30OEM_Release.exe\$JN\Apps\MBK\mcinst.exe.

    Even worse, my antivirus, when I click on the "Remove unhealed infections" button, throws up a popup in my face that says it can't get rid of the damn things! The error message reads "Moved object is bigger than the archive size limit." What the hell!? I tried increasing the virus vault size from 10% to 30%, but it still gives me the same message, and I have a feeling that no matter what size I set it at it will still give me the same message.

    I don't know where I could have gotten this crap, as I only visit a particular handful of sites, and almost never deviate from that ever since my spyware crash back in June 2008 (which necessitated the wiping of my hard drive).

    Anyone know what the deal here is? Please tell me I'm not completely hosed. I'm afraid to shut off my computer because I have no idea what this crap will do.
    ~~ Every politician that opens their mouth on birth control only proves that we need more of it. ~~

  • #2
    Well, the file on a search seems to be a trial of the McAfee Internet Security up on torrents. That listing from AVG is basically saying "We think it's a virus, part of its code is similar, but we don't know specifically what it is." It could very well be a false positive, not an uncommon occurrence between virus scanners.

    Confirm the source of the file as reliable. If you trust your source explicitly (ie: from McAfee directly) and want to run it, then there shouldn't be a problem. If you can't confirm it or don't want to run it, then delete the file directly. It doesn't seem to have been run yet so you should be able to even if it's infected. The other file just seems to be an archived file for it. Deleting the main one should get both. If not, just delete both.

    Personally, I'd ditch the McAfee, but that's me.
    I AM the evil bastard!
    A+ Certified IT Technician



    • #3
      Quoth lordlundar
      Confirm the source of the file as reliable.

      Personally, I'd ditch the McAfee, but that's me.
      Oh, I hear you on that. McAfee ain't worth spit.

      I haven't DLed anything from them and I don't know how or where I could have come across anything McAfee. I'm afraid to open the folder that it's listed in for fear of setting loose something horrid. And I've no idea how to 'directly delete' the infections, unless by that you mean to just trash the entire folder and its contents (Which I'm reluctant to do being that I don't remember what-all's in there - it's not a large folder, but I know there's at least one or two word documents in it - and I don't want to delete anything unless I know for sure that I can safely trash it; whatever's in there is probably not that important but I'd like to know for sure, y'know?).
      ~~ Every politician that opens their mouth on birth control only proves that we need more of it. ~~



      • #4
        Trojan viruses need a trigger to run, and I know of none that will trigger on a previously created folder being opened. Assuming it is an infected file (which I still have doubts on, most AV programs trip the alert because of their scanning aspect of the program), the most common trigger is running the program directly, otherwise it's dormant.

        Just go into the folder the file is in, drag it to the recycle bin/trash and empty it. The data will be overwritten in time with no damage done.
        I AM the evil bastard!
        A+ Certified IT Technician



        • #5
          Quoth lordlundar
          Just go into the folder the file is in, drag it to the recycle bin/trash and empty it. The data will be overwritten in time with no damage done.
          I took a look at the file. Evidently it must have glommed onto my system *two years* ago (!?), because the listing for it said it had been "modified" 5-30-2007. Don't know where I could've gotten that from, but if it's been around that long, then it must be what you said, some goofus thing that tripped my AV's sensitivity (Small wonder it wouldn't delete either, the size was listed at 37 MB). I deleted the sucker.

          Thanks for putting my (semi-panicky) mind at ease.
          ~~ Every politician that opens their mouth on birth control only proves that we need more of it. ~~



          • #6
            Quoth Amethyst Hunter
            some goofus thing that tripped my AV's sensitivity
            The situation you were in is exactly why techs say to run only one AV program. Because they scan key or all files in your system (dependent on the scan), that part of the program is considered to be doing a "virus-like" action by accessing files that only the kernel accesses usually. This will trip an alert by other scanners on your system because the only times those files are accessed are by the kernel, an AV program, or a virus. The idea is to be better safe than sorry, but it's a headache because the AV programs keep tripping over each other.

            That's not to say that it is benign; I had a virus on an old machine of mine that was using the AV program to spread itself (that was a long night cleaning it up), but with the updates on both the program and virus database, it's not the most common approach. It actually is part of the reason you should update your AV program as soon as possible.

            To put your mind at ease, you did nothing wrong (apart from the freak out). I always say the best means to fight viral infection is to do the following:

            1. Have one AV program at a time. Having none does no good but having more than one causes more problems than it solves.

            2. Keep the program and virus database up to date. Viruses, worms, etc. are always coming out, and having an out-of-date scanner is about as useful as not having one at all. Keeping them up to date won't get all of them, but 1% risk is a heck of a lot better than 50% risk.

            3. Be smart about being on the net. The best AV program in the world is not 100% secure and if you are constantly opening unknown attachments, visiting questionable sites and getting questionable files, you're going to be infected, usually a lot. Most viruses and such rely on social engineering to get in and do their damage. If you're smart about your online activity and avoiding questionable content, you might get infected once or twice in your lifetime. You'd have better odds in the lottery. The best rule of thumb on that is if you are unsure about a file, don't get it.

            If you do find yourself infected, do the following steps:

            1. Don't panic! Like any critical situation, panicking only causes mistakes, which is more problematic. Take a step back and calm down. At this stage, take notes on what you did before this happened. Sites visited, files opened, etc. You don't want to repeat the problem by making the same mistake.

            2. Pull the plug. To prevent it from spreading or putting yourself at more risk (some block the AV's capability to work), disconnect yourself from the net by physically removing the connection. Software can be overridden, so you can't just disable the card through the OS.

            At this point you can either have it done professionally by taking it to a tech or to resolve the problem yourself. If you choose the latter, read on.

            3. Research. Find out what file(s) are infected and by what. Using a scanner running from a CD or DVD is the safest means to do so. Once you know that info, look up on another computer the files and viruses. Symantec's online database is usually the best means for finding out what to do.

            4. Elimination. Oftentimes, removing the infected files will work. Sometimes a special cleaning program is available to remove the virus, usually if the infected files are key operating files. In the rare case, you will need to reformat your system completely. Unfortunately, if removing the files or formatting the system are your means of removing the virus, then the files are lost. Don't try and retain any potentially infected files, as you will simply continue the problem. It sucks, but those files are more of a threat than a benefit at that stage. After the files are removed, shut down and unplug the machine for about 10-15 minutes to purge the RAM. Viruses are known to quickly get in there and stay there for a reboot, which allows them to reinfect.

            5. Avoidance. Remember the notes I told you to make in step one? Now you get to analyze them for what's questionable and to avoid them in the future. Once again, be smart about your online activity.

            Whew! That was longer than I expected. I should copy it and ask it to be put up as a sticky.
            I AM the evil bastard!
            A+ Certified IT Technician

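Step 3 of lordlundar's checklist above (find out what file is involved and look it up from another machine) is what Amethyst Hunter did by eye in post #5: check the modification date and the size. The script below is an added example written for this thread, not code from the forum or from any scanner. It gathers those same facts plus a SHA-256 hash to search for and a check of whether the file starts with the "MZ" marker of a Windows executable, all without running the file. The quarantine size cap is an assumption used to model the "bigger than the archive size limit" error from the first post; the sample file it builds is constructed, with only the name taken from the thread.

```python
"""Offline triage of a file an AV scanner has flagged (added example)."""
import hashlib
import os
import tempfile
from datetime import datetime, timezone

# Assumption: a 10 MiB vault cap. The real scanner's limit is not known.
QUARANTINE_LIMIT_BYTES = 10 * 1024 * 1024


def triage_file(path, limit=QUARANTINE_LIMIT_BYTES):
    """Return identifying facts about *path* without executing it."""
    st = os.stat(path)
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        header = fh.read(2)          # "MZ" marks a DOS/PE executable
        digest.update(header)
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return {
        "size_bytes": st.st_size,
        "modified_utc": datetime.fromtimestamp(st.st_mtime, tz=timezone.utc).isoformat(),
        "sha256": digest.hexdigest(),
        "is_pe_executable": header == b"MZ",
        "fits_quarantine": st.st_size <= limit,
    }


def demo():
    """Build a constructed sample resembling the thread's file and triage it.

    Returns the triage result and the independently computed hash of the
    sample bytes so the two can be compared.
    """
    with tempfile.TemporaryDirectory() as tmp:
        # Constructed sample: the name from the thread, an "MZ" header and
        # zero padding. It is not the real file and does nothing when run.
        path = os.path.join(tmp, "MIS_921341_trial30OEM_Release.exe")
        body = b"MZ" + b"\x00" * 4094
        with open(path, "wb") as fh:
            fh.write(body)
        # Post #5 reports a modification date of 5-30-2007; reproduce that.
        mtime = datetime(2007, 5, 30, 12, tzinfo=timezone.utc).timestamp()
        os.utime(path, (mtime, mtime))
        # A deliberately small cap shows the "too big to quarantine" case.
        return triage_file(path, limit=1024), hashlib.sha256(body).hexdigest()


if __name__ == "__main__":
    result, expected_hash = demo()
    for key, value in result.items():
        print(f"{key}: {value}")
    print("hash matches:", result["sha256"] == expected_hash)
```

The hash and size are what you would search for or hand to a tech; the modification time tells you how long the file has been sitting there; the "MZ" check tells you whether the flagged object is even something that could run when double-clicked. None of this opens or executes the file, so it is safe to do on the suspect machine with the network cable pulled.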


            • #7
              Quoth lordlundar

              Whew! That was longer than I expected. I should copy it and ask it to be put up as a sticky.
              Adding it to an existing sticky okay with you?
              Ba'al: I'm a god. Gods are all-knowing.

              http://unrelatedcaptions.com/45147



              • #8
                Quoth lordlundar
                1. Have one AV program at a time. Having none does no good but having more than one causes more problems than it solves.

                2. Keep the program and virus database up to date.
                Not a problem. I only have the AVG (installed by my wonderful techs whom I took my baby to last summer when it crashed due to some nasty spyware shit) and I update it every day.

                3. Be smart about being on the net.
                Also caution on my part. I was never into DLing questionables or surfing known risky sites (aka porn sites and crapware) - would you believe that last year's incident was the *first* time in like 10 years that I've ever had a serious problem? If I get emails from people I don't know (and 99.9% of the time they're spam crap anyway), it automatically gets deleted without me ever opening it.

                And since I've had my crash, I've become WAY paranoid about what I visit online. Not that I surfed a lot of exotic places, but in the past I'd see some website that sparked my interest, so I'd call it up to check it out. Now I only have a certain number of websites that I visit on a regular basis.

                Unfortunately one of those sites may well have been the source of my spyware - I write fanfic and fanfiction.net (aka the Pit of Voles) evidently has had problems with malware creeping up on its site, as at least two or three other people I know have had problems contracting things from there. I still post there, but now I only visit that site when I have something new to upload (which is about once every couple of months) as opposed to visiting it almost every single day, and I immediately run the AV scan afterwards to see if I've caught any bugs.
                ~~ Every politician that opens their mouth on birth control only proves that we need more of it. ~~



                • #9
                  Quoth Broomjockey
                  Adding it to an existing sticky okay with you?
                  Works for me!
                  I AM the evil bastard!
                  A+ Certified IT Technician
