Author Topic: avast! virus chest  (Read 3176 times)

Offline lenscrafter

  • Newbie
  • *
  • Posts: 3
  • I'm a llama!
    • Personal Message (Offline)
avast! virus chest
« on: January 22, 2005, 05:04:46 AM »
I have moved about four or five infected files to the virus chest. I understand I have to restore them in order to use tools like Spybot, Ad-Aware, CWShredder, etc. to attempt cleaning them. When I try to restore a file in the chest, I get an "overwrite?" window that says, "You are trying to restore a file from the Chest. The file already exists. Should the program overwrite the existing file?" Why is this? Can anyone recommend a course of action for this? ???

Online Eddy

  • avast! Evangelist
  • Serious Graphoman
  • ***
  • Posts: 9884
  • Gender: Male
  • Watching (over?) you
    • Malware removal, Biljart and other things.
    • Personal Message (Online)
Re: avast! virus chest
« Reply #1 on: January 22, 2005, 12:20:47 PM »
Looks like something is replacing the moved files. Could be Windows System Restore.

Quote
I understand I have to restore them in order to use tools like Spybot, Ad-Aware, CWShredder, etc. to attempt cleaning them
You understood it wrong. There is no need to place them back if you want to run Ad-Aware or Spybot s&d.

Offline Tech

  • avast! team
  • Certainly Bot
  • *
  • Posts: 64881
  • Gender: Male
    • Personal Message (Offline)
Re: avast! virus chest
« Reply #2 on: January 22, 2005, 01:07:38 PM »
The file already exists. Should the program overwrite the existing file?

If you say the name and path of the files we can give you a better suggestion...
It seems that a non-infected (clean) file was there and you're trying to restore an infected one over them...  ::)
The best things in life are free.

Offline lenscrafter

  • Newbie
  • *
  • Posts: 3
  • I'm a llama!
    • Personal Message (Offline)
Re: avast! virus chest
« Reply #3 on: January 23, 2005, 08:27:44 AM »
I did restore the system to an earlier date. The reason is that I was running a virus scan I found someplace on the net and did not pay enough attention to the interface. I should have clicked the "fix" button before running the scan. As a result, the tool simply deleted an infected file. This might or might not have been all right, but being a novice I did not want to delete anything just yet. So I restored the system to get the virus-infected file back. This probably has contributed to getting things a little mixed up for me, as I think at the time I had some infected files in the chest and others not.

As for "understanding" you have to restore files from the chest in order to use tools like Spybot, Ad-Aware, CWShredder etc., I am sorry to say this apparently incorrect information comes from an avast! technician whom I e-mailed for help.

Here are the files I have in the virus chest:

Name: 2[1].htm     Path: C:\Documents and Settings\Kenneth\Local Settings\
                                       Temporary Internet Files\Content.IE5\2Y4HGS2T\2[1].htm
Virus: VBS:Malware[Script]


Name: btest4.scr   Path: C:\WINDOWS\SYSTEM32\btest4.scr

Virus: Win32: Trojan-gen. {Other}


Name: FireDLL.dll   Path: C:\Program Files\AmericaOnline9.0\download

Virus: Win32: Trojan-gen. {Other}


Name: FireDLL.dll   Path: C:\Program Files\AmericaOnline9.0\download\FireDLL.dll

Virus: Win32:Trojan-gen. {Other}


Name: FireDLL.dll   Path: C:\Program Files\AmericaOnline9.0\download\FireDLL.dll\
                                        FireDLL.dll

Virus: Win32:Trojan-gen. {Other}

 
Thank you Eddy and Technical for your replies.     
                                                 
Sincerely,

lenscrafter :-[                                                                             


Offline Tech

  • avast! team
  • Certainly Bot
  • *
  • Posts: 64881
  • Gender: Male
    • Personal Message (Offline)
Re: avast! virus chest
« Reply #4 on: January 23, 2005, 12:22:21 PM »
I think at the time I had some infected files in the chest and others not.

Look, Chest has its categories: infected files, system files (just backup), etc.
Are all that files in the same category? Which one?

As for "understanding" you have to restore files from the chest in order to use tools like Spybot, Ad-Aware, CWShredder etc., I am sorry to say this apparently incorrect information comes from an avast! technician whom I e-mailed for help.

Are you sure...? This answer seems very strange.
I won't say it's wrong but very strange (at least I need more information to judge).
I, on contrary, will say that you won't need to restore any file from chest to proper use spyware tools... (unless, the file is a part of that programs and a false positive, so you send an 'incorrect' file to Chest).

Here are the files I have in the virus chest:

Name: 2[1].htm
Path: C:\Documents and Settings\Kenneth\Local Settings\Temporary Internet Files\Content.IE5\2Y4HGS2T\2[1].htm
Virus: VBS:Malware[Script]

Delete your temporary files:
To do this go to Internet explorer >Tools > Internet options > Delete files > Click delete all offline content (just to be sure) > click ok.
It might take some time to delete them.

Name: btest4.scr   Path: C:\WINDOWS\SYSTEM32\btest4.scr
Virus: Win32: Trojan-gen. {Other}

Just delete it and clean your recycle bin.
If you can't do it, send to Chest or even run a boot time scanning.

Name: FireDLL.dll   Path: C:\Program Files\AmericaOnline9.0\download
Virus: Win32: Trojan-gen. {Other}

Name: FireDLL.dll   Path: C:\Program Files\AmericaOnline9.0\download\FireDLL.dll
Virus: Win32:Trojan-gen. {Other}

Name: FireDLL.dll   Path: C:\Program Files\AmericaOnline9.0\download\FireDLL.dll\FireDLL.dll
Virus: Win32:Trojan-gen. {Other}

I'm not that good on AOL but seems that these files are not safe too...

Disable (and enable it after) System Restore
Start > Control Panel > System > System restore > Disable
Click Apply
Enable it again
Click Ok

Are you using Windows XP?
Can you schedule a boot-time scanning?
Start avast! > Right click the skin > Schedule a boot-time scanning
Select for scanning archives.
Boot.
The best things in life are free.

Offline lenscrafter

  • Newbie
  • *
  • Posts: 3
  • I'm a llama!
    • Personal Message (Offline)
Re: avast! virus chest
« Reply #5 on: January 24, 2005, 07:37:41 AM »
Further information from lenscrafter. Yes, all those files I listed from chest are in the same category - infected. Also, I do have Windows XP Professional Edition. Also, I have tried deleting the temporary internet files after disabling system restore. Looks like nothing happened. Maybe I will try it again. However now that you have told me the virus cleaning tools can be used on files in the chest, I have a lot of work to do, as I have been given many such tools from another tutorial.
                                                             
                                                                                         Thank you for responses

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now