Avast WEBforum
Consumer Products => Avast Mac Security => Topic started by: aadgj on August 22, 2008, 06:06:25 AM
-
I installed Avast Linux Home Edition 1.0.8
While making it's first run it found a virus and added the file in the chest. The file was my Evolution Inbox file, and was 173MB. This blew things up on my poor Linux laptop, and several things, including avast, crashed. Now I can't see any of the email in my Inbox. The Inbox file in Evolution is corrupted and unusable. I have a file in the chest directory which is similar to the size of the Inbox file in the Evolution directory, but is clearly not the right format, so I can't just copy it over (and yes, I tried anyway). When I go to the Virus Chest window in the GUI, there's nothing listed for me to Restore. Is it possible to Restore the file, maybe with a command on the command line, that can Restore the file? Or maybe there's a way to force the avast GUI to recognize the file in the chest? I'm assuming the Restore function reformats the file.
-
I installed Avast Linux Home Edition 1.0.8
While making it's first run it found a virus and added the file in the chest. The file was my Evolution Inbox file, and was 173MB. This blew things up on my poor Linux laptop, and several things, including avast, crashed. Now I can't see any of the email in my Inbox. The Inbox file in Evolution is corrupted and unusable. I have a file in the chest directory which is similar to the size of the Inbox file in the Evolution directory, but is clearly not the right format, so I can't just copy it over (and yes, I tried anyway). When I go to the Virus Chest window in the GUI, there's nothing listed for me to Restore. Is it possible to Restore the file, maybe with a command on the command line, that can Restore the file? Or maybe there's a way to force the avast GUI to recognize the file in the chest? I'm assuming the Restore function reformats the file.
hmm, afaik this is just the original file, but in 1's complement form (xored with 0xff value).
thus, you can just de-xor the file.
regards,
pc
-
Yep, that did it. Many thanks for your help zilog.
There was probably a better way to do it, but since it wasn't obvious to me I wrote a little C++ program. I've included it below in case anyone has the same problem and can't figure out how to fix it.
#include <stdio.h>
int main ()
{
FILE * pFile;
FILE * pFile2;
int c;
pFile=fopen ("000001","r"); /* "000001" was the name of the file in the chest directory */
pFile2=fopen ("myfileout.txt","w");
if ((pFile==NULL)||(pFile2==NULL)) perror ("Error opening file");
else
{
do {
c = fgetc (pFile);
fputc (~c, pFile2);
} while (c != EOF);
fclose (pFile);
fclose (pFile2);
printf ("Program Complete.\n");
}
return 0;
}
-
Yep, that did it. Many thanks for your help zilog.
There was probably a better way to do it, but since it wasn't obvious to me I wrote a little C++ program. I've included it below in case anyone has the same problem and can't figure out how to fix it.
#include <stdio.h>
int main ()
{
FILE * pFile;
FILE * pFile2;
int c;
pFile=fopen ("000001","r"); /* "000001" was the name of the file in the chest directory */
pFile2=fopen ("myfileout.txt","w");
if ((pFile==NULL)||(pFile2==NULL)) perror ("Error opening file");
else
{
do {
c = fgetc (pFile);
fputc (~c, pFile2);
} while (c != EOF);
fclose (pFile);
fclose (pFile2);
printf ("Program Complete.\n");
}
return 0;
}
Yea, glad to hear this :).
regards,
pc
-
Zilog,
What do you mean by "De-Xor the file" and "Stored in 1'c complement form with 0xff value"?
Is that binary form?
-
Zilog,
What do you mean by "De-Xor the file" and "Stored in 1'c complement form with 0xff value"?
Is that binary form?
Just each byte of the "chested" file is the original byte, xored with the value 0xff (= each bit in the file is inverted).
regards,
pc