Author Topic: Restoring files from chest & finding files it can't fix  (Read 5271 times)

0 Members and 1 Guest are viewing this topic.

Offline Bigbro

  • Jr. Member
  • **
  • Posts: 45
  • Hello good friends!
Restoring files from chest & finding files it can't fix
« on: December 14, 2007, 06:06:23 PM »
Hi,

It's been a long time since I needed help with avast, but lately I've had some issues, which I need help with.  I found 5 system files in the chest.  There are 2 "kernel32.dlls", 2 "winsock.dlls", and 1 "wsock32.dll".  I scanned them inside the chest and there were no infections found, so I tried to restore them.  Both "kernell32.dlls" failed to restore.  Both "winsock.dlls" restored successfully.  The "wsock32.dll" also did not restore. ----  How do I go about replacing those files if they cannot be restored?
----
Also a system restore file was listed in the log as infected and I wanted to delete it, but I could not find the file even after checking all my file view settings.  Looking for that file revealed that something had gone wrong with my registry and no matter how I set the radio buttons, hidden files would not display. I found a registry repair article and performed it and restored the hidden files view, but there are no visible system restore files in the C:\ folder.  I did a file search which revealed the file was indeed there, and I deleted it from within the search window, but the machine did not appreciate this and warned me about something, and balked at deleting the file. At least I think it deleted it.  I seem to remember that those files cannot be displayed without a special registry change. ---- If I find and perform that registry change and get them to display, will I be able to delete any infected system restore file? ---- Is there a better way?
Gateway 1200 Select, 1.20GHZ, 0.98GB RAM, 60GB HD + 30GB HD, Windows XP Home-SP3, avast V5.1.889 Free. Comodo Firewall

Dell Dimension 8400, 4CPU 3.20GHZ, 3.1 3.25GB RAM, 80GB HD, Windows XP Pro Media Edition -SP3, avast V5.1.889 Free. Comodo Firewall

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85950
  • No support PMs thanks
Re: Restoring files from chest & finding files it can't fix
« Reply #1 on: December 14, 2007, 07:27:30 PM »
These are in the System Files section of the chest and are back-up copies of important system files in case the originals become infected. Only avast can use them, if you try to restore them windows will block you because the originals are running.

Leave them as they are.

The only files that are of concern to you are in the 'Infected Files' section.
There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.

What were the full details of the system restore file ?
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.9.2494 (build 21.9.6698.703) UI 1.0.672/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Restoring files from chest & finding files it can't fix
« Reply #2 on: December 14, 2007, 09:06:55 PM »
will I be able to delete any infected system restore file? ---- Is there a better way?
If you disable system restore, click 'apply', than reenable it again, all old (possibly infected) restore points are gone forever.
The best things in life are free.

Offline Bigbro

  • Jr. Member
  • **
  • Posts: 45
  • Hello good friends!
Re: Restoring files from chest & finding files it can't fix
« Reply #3 on: December 15, 2007, 04:25:40 AM »
will I be able to delete any infected system restore file? ---- Is there a better way?
If you disable system restore, click 'apply', than reenable it again, all old (possibly infected) restore points are gone forever.

This I knew, but if avast finds only one restore point infected, I only wish to delete that restore point.  This will ensure I have someplace to start over should something go wrong during all this.
Gateway 1200 Select, 1.20GHZ, 0.98GB RAM, 60GB HD + 30GB HD, Windows XP Home-SP3, avast V5.1.889 Free. Comodo Firewall

Dell Dimension 8400, 4CPU 3.20GHZ, 3.1 3.25GB RAM, 80GB HD, Windows XP Pro Media Edition -SP3, avast V5.1.889 Free. Comodo Firewall

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85950
  • No support PMs thanks
Re: Restoring files from chest & finding files it can't fix
« Reply #4 on: December 15, 2007, 04:32:13 AM »
avast should be able to 'move' just the infected restore point to the chest and not all restore points.

Something you want to get in the habit, you don't want to select delete, it is a final option with no fall back, 'first do no harm' move the virus to the chest and investigate.

If for any reason avast can't move it to the chest whilst windows is running (very occasionally) then if you have XP, vista32bit or Win2k, you could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, Menu, 'Schedule boot-time scan...' Or see http://www.digitalred.com/avast-boot-time.php.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.9.2494 (build 21.9.6698.703) UI 1.0.672/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Restoring files from chest & finding files it can't fix
« Reply #5 on: December 15, 2007, 12:31:16 PM »
This I knew, but if avast finds only one restore point infected, I only wish to delete that restore point.  This will ensure I have someplace to start over should something go wrong during all this.
You have two ways: delete all the restore points or all except the last one (http://www.bleepingcomputer.com/tutorials/tutorial56.html#delete) using DiskCleanup from Windows.
The best things in life are free.

Offline Bigbro

  • Jr. Member
  • **
  • Posts: 45
  • Hello good friends!
Re: Restoring files from chest & finding files it can't fix
« Reply #6 on: December 16, 2007, 08:56:02 PM »
This I knew, but if avast finds only one restore point infected, I only wish to delete that restore point.  This will ensure I have someplace to start over should something go wrong during all this.
You have two ways: delete all the restore points or all except the last one (http://www.bleepingcomputer.com/tutorials/tutorial56.html#delete) using DiskCleanup from Windows.

How is this done, In XP Home's System Properties all I see is the first option?
Gateway 1200 Select, 1.20GHZ, 0.98GB RAM, 60GB HD + 30GB HD, Windows XP Home-SP3, avast V5.1.889 Free. Comodo Firewall

Dell Dimension 8400, 4CPU 3.20GHZ, 3.1 3.25GB RAM, 80GB HD, Windows XP Pro Media Edition -SP3, avast V5.1.889 Free. Comodo Firewall

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Restoring files from chest & finding files it can't fix
« Reply #7 on: December 16, 2007, 09:05:36 PM »
How is this done, In XP Home's System Properties all I see is the first option?
Edited: Sorry, this is only available on Vista. I've forgotten it...
I've looked better on XP and there is said except the latest one. Maybe because I have XP Pro and not Home...  ::)
« Last Edit: December 16, 2007, 09:07:51 PM by Tech »
The best things in life are free.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85950
  • No support PMs thanks
Re: Restoring files from chest & finding files it can't fix
« Reply #8 on: December 16, 2007, 10:34:48 PM »
Don't forget I said if avast finds an infected restore point it can move or delete only that restore point.

avast should be able to 'move' just the infected restore point to the chest and not all restore points.
<snip>

So there is no need to delete all or clean-up and leave only the most recently created one.
If you want to do this then try this - Create Clean Restore Point - Clear old Restore Points.

Create a clean System Restore point:
1. Click Start, All Programs, Accessories, System tools, System Restore.
2. In the pop-up that appears fill in the radio button to Create a Restore Point
3. Click NEXT
4. Enter a useful name that you will remember if you need to find this again (Clean Restore Point)
5. Click CREATE

You now have a clean restore point, you should clear the old ones:
1. Click Start, All Programs, Accessories, System tools, Disk Clean Up
2. Click OK on the C: drive
3. Click the More Options tab
4. In the System Restore section click the Clean Up button
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.9.2494 (build 21.9.6698.703) UI 1.0.672/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Bigbro

  • Jr. Member
  • **
  • Posts: 45
  • Hello good friends!
Re: Restoring files from chest & finding files it can't fix
« Reply #9 on: December 17, 2007, 06:39:13 AM »
Don't forget I said if avast finds an infected restore point it can move or delete only that restore point.

avast should be able to 'move' just the infected restore point to the chest and not all restore points.
<snip>

Thanks for your help DavidR.

Gratefully,
Big Bro

Gateway 1200 Select, 1.20GHZ, 0.98GB RAM, 60GB HD + 30GB HD, Windows XP Home-SP3, avast V5.1.889 Free. Comodo Firewall

Dell Dimension 8400, 4CPU 3.20GHZ, 3.1 3.25GB RAM, 80GB HD, Windows XP Pro Media Edition -SP3, avast V5.1.889 Free. Comodo Firewall

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85950
  • No support PMs thanks
Re: Restoring files from chest & finding files it can't fix
« Reply #10 on: December 17, 2007, 03:07:33 PM »
Your welcome.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.9.2494 (build 21.9.6698.703) UI 1.0.672/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security