I am new to avast! and a trojan was detected on my computer during a scan. The recommendation was to move the file to the virus chest. So now what? How do I remove the trojan from the file? Can I, or do I just leave it all in the chest? The virus is Win32:Zbot-AVH [Trj] and the file is ProgramData\Microsoft\Windows\WER\ReportArchive\Report07f884c0\Report.cab
There is information about removing the virus when first detected, but the recommendation of the program when detected was to move it to the chest.
Moving it to the chest will remove it from the original location.
Deletion isn’t really a good first option (you have none left), ‘first do no harm’ don’t delete, send virus to the chest and investigate.
There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
However report.cab on its own I don’t believe would be active unless unpacked and run, etc. so it might have some friends, possibly hidden or undetected.
If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).
MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later. - 2. SUPERantispyware On-Demand only in free version.
Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.
Thank you David for the information. One more question. I have scanned the file in the chest and it definetly has the trojan.
Will this other software you are suggesting remove the trojan? Since this is a system file I do not wish to delete it but would like to get rid of the trojan. Or do I have to do a system recovery to get rid of it?
PS I am not a tech person, so am not familiar with tech details.
avast removed the file it detected and in the chest it can do no harm.
The point of the other applications is to ensure it didn’t bring any friends to the party. As I explained the file name and malware name combo seem strange as a .cab file in isolation to me doesn’t seem right.
However report.cab on its own I don't believe would be active unless unpacked and run, etc. so it might have some friends, possibly hidden or undetected.