Author Topic: Putting files into chest  (Read 3876 times)

0 Members and 1 Guest are viewing this topic.

Offline oenkitt

  • Newbie
  • *
  • Posts: 5
Putting files into chest
« on: February 25, 2009, 02:42:43 AM »
I recently found a virus on my laptop the other day, so my dad has been installing several antivirus software trying to find the problem. When we downloaded avast, the virus was detected (win32: vitro), and the only option that would work was sending the infected files to the chest. Apparently my dad sent everything to the chest, and since then windows hasn't been running properly (all that ever shows up is my wallpaper, and task manager doesn't open). It wont even run in safe mode, which leads me to assume that some files that are vital to running windows were sent to the chest. Since I can't do anything through windows now, and therefor can't access avast that way, I don't know any other way to empty the chest to restore windows. And since I'm not an expert at computers, I don't know if what I'm speculating is correct, or perhaps this is all due to the virus and nothing to do with the files in the chest.

Can anyone tell me what I should do? Is this just the virus, or is it possible that I put somethings I shouldnt have into the chest? I'm just at a complete loss now.  ???

Offline Confused Computer User

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 700
  • The answer is 42
Re: Putting files into chest
« Reply #1 on: February 25, 2009, 04:18:22 AM »
Hi oenkitt,

Well I hope I can help. I say that because I am not an expert but I do know a few things about avast.

Quote
Apparently my dad sent everything to the chest, and since then windows hasn't been running properly
This is hard to fix since I have no idea what the files were. I can say that if they were sent they were no vitally needed by Windows. Any file that is a required part of the OS will have a certain property that prevents the user from tampering with it. Ergo, it won't be sent to the virus chest.

Quote
When we downloaded avast, the virus was detected (win32: vitro)
I've never seen this win:32 vitro before but a quick google leads me back to the avast forum. more specifically here:
http://forum.avast.com/index.php?topic=42709.0
it seems quite serious and as far as I can tell there doesn't seem to be a solution.

Unfortunately you might have to replace the hard drive altogether from what I gather... I'll post back when I get more news.
Computer Systems:

Intel Pentium 4 641 / 2GB RAM / Vista Home Basic SP2 / avast! 5.0 Home / SAS Free / MBAM Free / Windows Defender / Windows Firewall / Spyware Blaster/ Secunia PSI / Firefox 3.6 / Opera 10.5

Core2Duo T8300 / 4GB RAM / Vista Home Premium SP2 (32 bit version) / Same Software.

Offline oenkitt

  • Newbie
  • *
  • Posts: 5
Re: Putting files into chest
« Reply #2 on: February 25, 2009, 04:47:26 AM »
I thought the same thing, that any really vital files wouldn't be allowed to be tampered with. But my dad says a couple times avast! would point out that the files that were going into the chest were important system files, and it would ask if we'd like to continue putting it in the chest. He didn't really know what that meant, and by that time we were both pretty desperate to get rid of the virus, so we just hit yes to all.

And I saw that topic as well. The virus is supposed to infect executable files, which further leads me to think that the files I put into the chest might have been of some significance. The only thing that shows up is my wallpaper, so it seems like the problem is that the executable files that should be starting up at that time are stuck in the chest.

The only thing I'm really concerned about is getting my files out and saved somewhere else (I know I should have done this before  :-X ). Otherwise I'm willing to reformat/reinstall/get a new HD, or whatever I need to completely get rid of the virus.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Putting files into chest
« Reply #3 on: February 25, 2009, 01:59:49 PM »
But my dad says a couple times avast! would point out that the files that were going into the chest were important system files, and it would ask if we'd like to continue putting it in the chest. He didn't really know what that meant, and by that time we were both pretty desperate to get rid of the virus, so we just hit yes to all.
Some files are kept into Chest as backup ones. They're clean and are in the System folder of the Chest.
Infected ones are kept in the proper folder there.
I suggest you help your dad with the general cleaning procedure:

1. Clean your temporary files.
2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
3. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
6. Disable System Restore and then reenable it again.
7. Immunize your system with SpywareBlaster.
8. Check if you have insecure applications with Secunia Software Inspector.

And I saw that topic as well. The virus is supposed to infect executable files
It's a very dangerous virus. Backup your important documents and data.
But it also could be a false positive: http://forum.avast.com/index.php?topic=42926.msg358864#msg358864
The best things in life are free.

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 85947
  • No support PMs thanks
Re: Putting files into chest
« Reply #4 on: February 25, 2009, 04:28:41 PM »
@ oenkitt

Before you do anything, what is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ? 
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe

If they relate to an nvidia file it may well be a false positive detection, do a manual VPS update and scan the file in the chest again.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.9.2494 (build 21.9.6698.703) UI 1.0.672/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline oenkitt

  • Newbie
  • *
  • Posts: 5
Re: Putting files into chest
« Reply #5 on: February 26, 2009, 01:04:24 AM »
Well the problem is that now I can't access ANYTHING because the only thing that windows will load now is my wallpaper. I don't know if this is due to the virus, or due to putting system files in the chest when I ran avast. So, I can't really do any of the things you both told me to do (or I'm just not aware any way to do it in my current situation) :-\. The last thing I did before windows stopped working was scan with avast, and there were LOTS of infected files, mostly executables. I can't remember any specific names, but I'm fairly sure they weren't false positives.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Putting files into chest
« Reply #6 on: February 26, 2009, 01:55:33 AM »
oenkitt, you can run avast in SafeMode (repeatedly press F8 while booting).
If avast does not detect it, you can try DrWeb CureIT! instead.
The best things in life are free.

Offline oenkitt

  • Newbie
  • *
  • Posts: 5
Re: Putting files into chest
« Reply #7 on: February 26, 2009, 02:33:45 AM »
Safe mode doesn't work either. My wallpaper is still the only thing that will load.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Putting files into chest
« Reply #8 on: February 26, 2009, 01:15:18 PM »
Safe mode doesn't work either.
You're deeply infected... on Safe Mode nothing should have been loaded...
Read the instructions, download and burn (maybe from another computer), finally use one of this rescue CD's:
1. Avira
2. Kaspersky
3. BitDefender
4. F-Secure
5. Dr. Web
The best things in life are free.