Author Topic: Why can't Avast clean my file?  (Read 1850 times)

0 Members and 1 Guest are viewing this topic.

Offline zenzor

  • Jr. Member
  • **
  • Posts: 80
Why can't Avast clean my file?
« on: August 17, 2014, 12:48:59 PM »
I'm using the email program "TheBat", which stores emails in database files. During a scan it found a virus in a database file. I asked it to fix it, with no luck. All it does is putting it in the quarantine, which is not acceptable since I then lose several hundreds of emails stored in the database. Repair does nothing to the file either.

I wonder what the problem is here? A virus consist of a sequence of bytes, and it's a piece of cake to scan a file and delete a known sequence of bytes (if it can detect the virus it must know that sequence of bytes), which in this case will remove the virus. So why can't it just do that?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36436
  • Weihrauch Airguns
Re: Why can't Avast clean my file?
« Reply #1 on: August 17, 2014, 01:05:25 PM »
repair can only be done to files that are injected with malicious code ..... most of todays malware can not be repaired as the hole file is malware


Quote
I'm using the email program "TheBat", which stores emails in database files. During a scan it found a virus in a database file.
is this a compressed archive ? ......
if so you may try to unzipp it first, then scan the folder and remove infection

what is the full detection message from avast, you may attach a screenshot

« Last Edit: August 17, 2014, 01:16:44 PM by Pondus »

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31356
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Why can't Avast clean my file?
« Reply #2 on: August 17, 2014, 01:12:48 PM »
And if only the detected code is removed, it will cripple the database making it not usable anyway.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36436
  • Weihrauch Airguns
Re: Why can't Avast clean my file?
« Reply #3 on: August 17, 2014, 01:24:32 PM »

Offline zenzor

  • Jr. Member
  • **
  • Posts: 80
Re: Why can't Avast clean my file?
« Reply #4 on: August 17, 2014, 02:05:42 PM »
Thanks for your replies.

Well the database appears to consist of the raw email sources in plain text, each preceded by what looks like a few binary characters. So removing the virus which is probably in a Base64 or whatever encoded attachment would only damage the attachment or mail content itself, which shouldn't cause any serious problems. The problem is finding the attachment, as there is a lot of them.

I guess the simplest thing would be to leave the file as it is, and exclude it. If I should happen to open the attachment I assume Avast would catch the virus then.

I've attached  the Avast report if that can help.
« Last Edit: August 17, 2014, 02:07:38 PM by zenzor »

Offline zenzor

  • Jr. Member
  • **
  • Posts: 80
Re: Why can't Avast clean my file?
« Reply #5 on: August 17, 2014, 02:11:53 PM »
I guess the simplest thing would be to leave the file as it is, and exclude it. If I should happen to open the attachment I assume Avast would catch the virus then.

Assuming that the email scanner is separated from the file scanner and the exclusion therefore won't affect it?