Chest versus Delete

I’m sure that this question has been asked before, but a forum search uncovered such voluminous superficiality that I just capitulated.

To the point: If an Avast scan detects that an unopened file contains evidence of a virus, then is it harmful to just delete the file – why has it been suggested that it must first be moved to the Chest?

If the detection is a false positive and the file is an essential Windows or application component, or the file is an archive containing other clean files that you want/need, then deleting them will be “harmful” to your system and/or your sanity!
Personally, I prefer renaming.

What - to you - is meant by an unopened file?

If avast detected let us say, for hypothesis, a virus in an important file of yours and you move it to the chest then it has the following advantages:

  1. While in the the chest it can do no harm
  2. It gives you time to consider your next steps

If it turns out the file is truly infected then when you delete it, after making it safe in the chest, is a matter of little importance.

If it turns out that this was a false positive discovery by avast you can restore the file from the chest and no harm has been done apart from a little inconvenience.

Perhaps the OP is referring to an unopened email or attachment. It will do no harm to delete one of these, apart from the possibility you might miss seeing something, maybe from a friend, that was worth seeing. Deletion won’t damage your system.

Emails and their attachments cannot be moved with any value to the chest so the point is moot. An email or its attachment can have no existence outside the mail client it was intended for and cannot be maintained in or recovered from the chest.

OK. You live and learn. (Never had to do this, never been spammed, touch wood.)
Still, maybe that’s what the OP is asking about?

I may make some sense if the OP was talking about a file just downloaded from the Internet and so far unopened by the OP.

Then the points above would still apply.

  • please delinete this “renaming” method.
  • how would i know whether the “other” archive files are clean? and how would i know a false positive?

btw, in my case at hand, there are no system files involved.

yes, that is what i mean by “unopened”.

If you believe that every virus reported by avast is real then you are in for a rude awakening. If you peruse this forum you will find plenty of false positives reported by our fellow users. This is a risk you run with any anti-malware product.

Given the length of my presence in this forum you may expect that I have some faith in avast. In the years of my use of avast it has never found a real virus in my system. In the same period it has reported a number of my files as infected. If I had deleted those files before avast corrected what has been, in every case, a false report I would have been put to considerably more trouble than moving them to the chest while I investigated, sought further information here and elsewhere and awaited a correction to the detection by the avast team.

Had any of the files really been infected then the steps above would still have been worthwhile (with the file rendered harmless) before finally, at leisure rather than the heat of the moment, deleting it.

As DavidR, one of the best sources of help in this forum, frequently says in relation to the handling of files reported as infected “First, do no harm”. Even thought this is frequently (and incorrectly) thought to be part of the Hippocratic Oath it is a precept that makes a whole lot of sense.

firstly, why the Chest – couldn’t the same effect be realized by deleting it into the “recycle bin”?

2nd, with the suspect file in the Chest, how do you “investigate” and determine whether it is indeed a false positive?

3rd, how many false reports has avast given you in the last 3 years? I have been using avast for more than a year – this is the first positive report. Have you experienced false negatives?

No. Chested files are safe kept, encrypted, unaccessible. Files into recycle byn could be restored (even by the malware itself).

You can right click the file and then:
a) rescan it with avast.
b) extract it and submit it to www.virustotal.com.

Yes, from time to time… They’re improving generic detection, so false positives appear.

b) extract it and submit it to www.virustotal.com.
please explain what you mean by "extract"
Have you experienced false negatives?

Sorry to be nit-picky but a false negative would be a positive :slight_smile:

I have had 3 false positives from avast in as many months …

  1. WinRar
  2. Home page of Yahoo.com
  3. Spywareblaster

… and all were speedily corrected by the avast team.

Oopss… I’ve read false positives instead of false negatives…

Right click the file into Chest and choose which folder you want to copy (extracting the file from Chest and putting it into this particular folder you’ve chosen).

Sorry to be nit-picky but a false negative would be a positive
true, but the question sits: have you encountered cases where avast failed to find a virus, which then caused trouble?
Sorry to be nit-picky but a false negative would be a positive
true, but the question sits: have you encountered cases where avast failed to find a virus, which then caused trouble?

No, I have not … but that is like trying to prove that I have no unknown viruses.

I should add that I do perform regular on demand scans with other products - they have never detected a virus.

I had, more than once… living dangerously and paying for my adventure…