Help !!! False-positive moved to chest ....

[Dita]

Hi everybody ! I'm a newbie at this forum.
I've researched a while before posting but I'm kind of lost with this virus stuff. Probably the answer is somewhere in this forum, so really sorry if somebody posted it already.

Situation that happened: A week ago I put my UBS in my computer. The USB had a bunch of files. Avast icon appeared stating BLOCKED FALSE POSITIVE VIRUS MOVED TO CHEST. I was left with 3 files from the load I had. Avast moved forty two names (files) to the virus chest.

Action taken: All my files are in the VIRUS CHEST... I think at this point I don't know, it happened fast. I checked the properties of one file, it says infected files. The description is WIN 32: Agent - ALZ J [Trj]. Another one says INF: Auto Run - gen [Wm]. I took one of the files. Sent it to the virus lab with my email. Do they respond to me or they just use it for info ?

So what do I do now ? Or should I say, is there anything I could do ? I wish I could have this files back, is it possible, a few are important.     

Thank you and sorry again if it was posted before.                               

[Pondus]

if you righet click the file(s) in chest and rescan, does it come up clean or infected?
make sure your avast is updated before you try, latest VPS is 110123-0

you can also upload files to www.virustotal.com and test them with 43 malware scanners
you can then copy the URL in the address bar and post here for us to see the result

[Dita]

Hi again, can anybody tell me how bad is this result (if it's good better) by virus total
http://www.virustotal.com/file-scan/compact.html?id=cd6dc594e3ebd6eebaca067812961b1f599ee8d58dc0bcfe5f7bb1804cc487df-1294929487
p.s. I did right click the file/scan but same result. I also do have the latest version of Avast.
Many thanks !

[Pondus]

It is easyer to see if you post the direct link to the scan result   

http://www.virustotal.com/file-scan/report.html?id=cd6dc594e3ebd6eebaca067812961b1f599ee8d58dc0bcfe5f7bb1804cc487df-1294929487

and that looks as a very infected file as it gets a 42/43 score

So this is not a file you want to have/recover

[Dita]

hi again, is this one better
http://www.virustotal.com/file-scan/report.html?id=cd6dc594e3ebd6eebaca067812961b1f599ee8d58dc0bcfe5f7bb1804cc487df-1294929487
So if this file is super infected, you said 42/43, you mean ... there is really no way of using it again .... :'(  But I have a few files that I really need ....there must be a way ?
Anothing thing, should I test all the files that went to the virus chest, one by one. I'm no expert, but the files all went to the virus chest, one after the other, when the virus alert happened, so they must have the same infected score than this one right ?
Thanks a lot
 

[Pondus]

hi again, is this one better
http://www.virustotal.com/file-scan/report.html?id=cd6dc594e3ebd6eebaca067812961b1f599ee8d58dc0bcfe5f7bb1804cc487df-1294929487

That is the same file as in the link i posted and the first you posted



The more AV vendors that detect a file as malware the lower the possibilities of a False Positive detection.....

[Dita]

Hi again, these are the steps I do to scan a file with virus total.com.
1- Open Virus Total Uploader 2.0/ Select file and upload
2- Another window appears with the results(with a few tabs html and others) with html address. Now that's the one I posted.
What's the other way so I can send you another address ?
Thanks and have a nice weekend !