Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: drfisch on September 21, 2006, 08:55:00 AM

Title: New to Avast! - looking for advice
Post by: drfisch on September 21, 2006, 08:55:00 AM
New to Avast!

Downloaded & installed Avast v.?? late last year/early this year but didn't
learn much about it then. System was out of my hands and used by relatives for many months without much regard to system security issues.  I'm now wanting to clean the system up and have just installed and registered Avast 4.7 Home.   I've run on-demand scanner and sent all detected/infected files to the CHEST.  Avast reports numerous files as infected and I understand(?) that I have the option of deleting the files in the CHEST in an attempt to clean the system up.  But before
I start deleting things... I'd like to better understand the possible consequences involved.

The files detected by Avast! report them as the following malacious types:
-Trojano-7227,7223/
-Trojano-gen/
-Reglook[trj]/
IRCbot-ws[trj])

Now there are also apparently "system" files in the CHEST which don't
on the surface seem to be identified as malacious. Still, they are in the
Chest....and I thought I understood that the CHEST is a quarantined area
for the purpose of containment and for the prevention of further execution
or activity of the files in it.  If this is basically correct, then I assume* that there
is reason for concern about the 'system' files as well as the other files being
detected by Avast! as 'infected'.

My *assumption* is that by deleting the 'infected' files...that (at least some)
cleaning is accomplished. Is this correct? --- or is there more I need to understand
about cleaning-up things.

Further, what happens if or when those 'system' files in the CHEST are either
accidentally or intentionally deleted? ((system-files->deleted  = ???)).

I sense that somehow I'm just not seeing the bigger picture.    I'm trying to gain
a better over-all idea of understanding what actions to take (for clean-up) after
Avast! has 'detected' and 'quarantined' one or more files on an 'infected' system.

System was connected via broadband cable for 6 months without much
attention given to security-maintenance. It was behind a wireless
router also serving two other systems but is no longer connected this way.

SYSTEM INFO:
Dell PIII System
Windows XP home
Currently only Windows firewall enabled
Avast! 4.7


[installed software of concern]
Mirc
emule
PeerGuardian
Xvid
QuickTime
itunes
skype
Windows Messenger
OE
MSN
IE
FireFox
Remote Assistance

Any help or steering to other postings as guidance would be sincerely appreciated.
I'm willing to do the homework (read and learn) but probably need a few pointers in
the right direction.

Thanks -
drfisch
Title: Re: New to Avast! - looking for advice
Post by: Spiritsongs on September 21, 2006, 09:13:52 AM
 :)  Hi "Dr" :

   As you already may have surmised, you need MORE than
   just an antiVIRUS to protect a computer . As far as the
    items in question, I recommend a "2nd Opinion" by using
   good & FREE antiSPYWARE program(s) and the highest
   priority should be those good in detecting & quarantining,
   such as : Ewido from www.ewido.net/en ( the full-featured
  "trial" will revert to the "Free" ver after the trial ends ) AND
   the "FREE" ver of SUPERantispyware from :
   www.superantispyware.com .
   Should also have a software firewall; there are many good
   and FREE ones available that have been discussed in
   many posts on this forum .
   Having a "P2P" program, such as EMule, increases the
   risk of getting undesirable malware.
   As to the Dell computer in general, might want to look into
   using the "PC ( formerly "Dell" ) De-Crapifier" available at
   www.yorkspace.com/pc-de-crapifier/  !?
Title: Re: New to Avast! - looking for advice
Post by: FreewheelinFrank on September 21, 2006, 02:40:00 PM
Hi drfisch,

The virus chest is what other anti-malware programs refer to as quarantine: the malware is inactive but can be restotred in the rare event that a legitimate application is wrongly identified as malware.

It is not necessary to delete files in the chest to complete the cleaning process. In fact, you would be well advised to leave files in the chest for several weeks just to be certain that they have been correctly identified.

avast! also stores copies of some important system files in the chest (under a separate tab) so that these files can be restored if they become corrupted. Do not think that avast! has incorrectly removed some important system files: this is not the case.

As Spiritsongs has said, as you've found malware on the computer, it would be a good idea to run a scan with Ewido.

I also recommend Ad-Aware and Spybot Search & Destroy:

http://www.lavasoftusa.com/software/adaware/

http://www.safer-networking.org/

Don't neglect to update both programs before scanning.

You also need to ensure that your OS and applications are up to date.

Visit Microsoft update and check that you have the latest updates.

You will need to update other applications too: Quicktime had a critical vulnerability recently, for one.

If you have Firefox 1.5, updates should come through automatically: check that you have the latest version.

If you have  Sun Java, that's had critical vulnerabilities too and will need updating.