little nervous

[Student]

While trying to access a site today, I got notification of a sign of a trojan in my temp internet files. I was unable to move it to chest because I kept getting a notice saying that the file I was trying to move was in use. I ending up selecting "delete" from the list of options that Avast gave me. After deleting, I ran a standard scan (including archives) through my updated version of Avast and also ran the latest version of Ad-Aware. Everything was fine. I used the computer all afternoon with no problems. My question is: Can I just relax and forget about it or can I expect problems in the future?

Thanks

[polonus]

Hi Student,

You might have visited a malcode redirect site with your browser, avast shield flagged it and enabled to disconnect from it before you could get infected. So you are safe. Can you see in the avast logs what it was that avast flagged there?

polonus

[Student]

It was actually on my work computer (which is why I am so nervous) so, unfortunately I can't access that information right now. I remember looking at it though and the message was that there was a sign of a trojan detected in a temporary INt file (sorry I don't have a name). If there were any remnants of the infection remaining after deletion of the file, wouldn't Avast have picked it up in the scan? thanks again.

[polonus]

Hi Student,

Don't worry, avast has done what it should do, and saved you from getting infected. Work ATF cleaner on that machine from an USB stick and you could cleanse all temporal files, good practice actually for everyday or after a browsing session anyways, but I am sure avast dealt with that temp file. Your work computer will be fine, believe me. Have a nice and relaxed weekend,

polonus

[Student]

Thanks Polonus. I was worried about the fact that I had requested that Avast delete the file rather than moving it to chest which is what was what was originally recommended. I have no idea how to clean my temporal files - I usually delete them periodically by going into internet options and the control panel.

Thanks again for your help!

Student

[cinchez]

U could use a cleaning program like CCleaner to clean ur temporary files and some unwanted stuffs^^

-AnimeLover^^

[DavidR]

Thanks Polonus. I was worried about the fact that I had requested that Avast delete the file rather than moving it to chest which is what was what was originally recommended.
<snip>

If as in your first post you can't send the file to the chest because it is in use or some other reason, deletion doesn't have to be the only option.

If you have XP, vista32bit or Win2k, you could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, a memory scan will take place followed by the opening of the Simple User Interface, Menu, 'Schedule boot-time scan...' Or see http://www.digitalred.com/avast-boot-time.php.

So from a boot-time the file shouldn't be in use so you should be able to send it to the chest from a boot-time scan.

Whilst in this case deletion isn't a serious problem as it was a temporary file and no real damage was done, but it is a bad habit to get into, having deleted a file you have no more options.

[Student]

at risk of asking a stupid question, what actually happens when you delete a virus versus sending it to the "chest"? If the file that it is associated with is unimportant, wouldn't it be cleaner to delete it? I assume that once it's deleted, it can't return (?) A virus in a 'chest' doesn't sound as safe to me.

[Lisandro]

at risk of asking a stupid question, what actually happens when you delete a virus versus sending it to the "chest"? If the file that it is associated with is unimportant, wouldn't it be cleaner to delete it? I assume that once it's deleted, it can't return (?) A virus in a 'chest' doesn't sound as safe to me.

Send to Chest is delete the file from the original location and send it to Chest.
It's safer than direct remove as it allows further investigation.
Once in Chest, it's safe to be kept, can't return to your system (although, the malware could recreate the file sometimes).

[DavidR]

First lets be straight you aren't deleting it, but as it says on the tin 'Move to Chest.' So it is literally moved to the avast chest and that is the only place it exists.

Files in the chest are encrypted and can't be accessed from outside the chest. You can access the physical chest folder using windows explorer, but you won't find the file that was moved there as the file name is also changed, so to applications they see only the name generated by avast, but they still cant do anything with it.

How do you know if a file is unimportant ?
Answer you probably don't, so what happens having deleted it, you are up the creek without a paddle and no more options, deletion is in my opinion crazy. It must be fully investigated and confirmed there would be no problem, which you can't do if you have already deleted it.

[Student]

True. I would rather have moved it to chest as Avast recommended but, in this case,  I didn't know how to do that. In response to your question;
"how do you know if a file is unimportant?", I knew that it was referencing a temporary file (as per Avast) and I assume that all temporary files are unimportant(?). I'm probably totally wrong in that regard too.

thanks for the info on "the chest".

[DavidR]

When you get an alert there is normally an option to 'Move to chest' and that is the conventional method of doing so. If you can't do so whilst windows is running, e.g. file in use, etc. then you do a boot-time scan as I mentioned and gave a link to how to initiate one in Reply #6.

The boot-time scan also gives the option to move to the chest.

As I said in my first reply it is more to do with getting a fixed routine, but never delete as a first option, you have none left. Some temporary files which are in use could be so for a legitimate (not malicious) purpose so by initiating a boot-time scan and rebooting would close down what it was doing tidily (and not crash what it was doing by deletion). As I said in Reply #6 (quoted below), not a good habit to get into.

Whilst in this case deletion isn't a serious problem as it was a temporary file and no real damage was done, but it is a bad habit to get into, having deleted a file you have no more options.