e-mailing a file

Avast Free Antivirus / Premium Security
1

I just ran a scan using the archives function and avast picked up a file that it could not access, saying it was corrupt. I am not worried about it, it is very old (2002) and the computer runs fine. It’s an old IBM setup file that I guess is no longer needed as there have been many updates to this computer.

I tried to e-mail the file within the avast program, but it’s too big (more than 1024). How would I send this file?

Thank you.

2

Personally I wouldn’t worry about it as it may be nothing more than avast can’t unpack the archive file or doesn’t have the unpacker to do it.

Remember files that can’t be scanned are just that, not an indication they are suspicious/infected, just unable to be scanned.

You can change the file sizes related to the chest in Program Settings, Chest, but there is no why I would contemplate sending a 1GB (or higher) file to avast.

3

Thanks, DavidR,
It’s exactly as you describe. I guess what alarmed me was that in the chest, it was under ‘infected’ files.

Thanks again.

4

Another question though. Should I restore the file from the chest and then have avast ignore it or leave it it the chest?

5

Why is it in the chest, did you send it there at the end of the scan ?

If so yes you can restore the file from the chest (right click on the file and select restore).

What was the original file name and location ?

avast shouldn’t need to ignore it if it isn’t infected no problem, so it will appear on the list of files that can’t be scanned at the end of your scan, you can ignore any on this list provided the reason is legit, like corrupt (as in this instance), password protected (many security applications do this), etc. see below.

Many programs (usually security based ones) password protect their files for legitimate reasons such as AdAware and Spybot Search & Destroy, there are others (and avast doesn’t know the password or have any way of using it even if it did know it).

When you run scans with the above programs and you delete harmful entries that they detect, a copy is kept (in quarantine/restore/backup) in case you need to reverse what you did. These are usually password protected, you should do some housekeeping and delete old backup/recovery/quarantine entries (older than two weeks or so), this will reduce the numbers of files that can’t be scanned.

By examining 1) the reason given by avast! for not being able to scan the files, 2) the location of the files, you can get an idea of what program they relate to. You may need to expand the column headings to see all the text.

6

It was put in the chest automatically after avast said it couldn’t open it. It was under the ‘infected’ tab.
It has an .ex2 extension.
At the end of the scan, when it said it couldn’t open it, there was a file (I don’t remember the exact name) with an .bin extension.

The file is: c:\ibmtools\spps\pcdrwin\setup2.ex2

7

avast doesn’t put anything in the chest automatically, it requires user input having made a decision on what action to take.

Sorry I’m somewhat confused, what I can see is how it can be both infected and corrupt at the same time. If avast can’t open it to check it I can’t see how it can say it is infected. Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections. Does this file feature in the warning section, if so what is the malware name ?

8

You are correct, my bad, I put the file into the chest. There is nothing in the log viewer under ‘warning’.
After the scan, there is the box saying avast cannot open the file. There, using the action button, I put it into the chest. It shows up in the chest under the infected tab.

After the file name, after the scan, it has ‘wise0056.bin’

I’m pretty sure it’s nothing to worry about. I just want to know how to handle it.

9

So setup2.ex2 isn’t in the chest, Infected Files section, if so nothing to do, otherwise scan inside the chest if it is just the can’t scan corrupt file then restore it.

Scan the wise0056.bin from within the chest and report the results, if a detection is made leave it in the chest. There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.

10

I’m sorry this is so confusing. Setup2.ex2 is in the chest. I scanned and no virus.
The wise.bin shows up after the initial scan. This is where I move it to the chest where it just show up as setup2.ex2.

Anyway, I don’t think it’s a threat.
I guess I’ll leave it in the chest and see how everything works, or restore it and tell avast to ignore it.

11

Do you need this file? Why do you want to restore it?
It’s a strange extension ex2 … ???

12

I don’t think I need it, that’s why I think I’ll leave it in the chest and see how things go.

I think it might have something to do with the IBM set up (date is 2002) and I have updated the computer through IBM many times since, so maybe it’s just left over?

It only shows up when I enable archives in a scan.

Thanks.

13

Safer is keeping in Chest like you’re saying…

14

Yes, I think so.

Thanks for your input. :slight_smile:

15

If you have scanned both files in the chest and they aren’t detected then the simple answer is you should restore them, they should only remain in the chest if they are infected.

You could take a further step if you really want to be 100% sure.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently over 30 different scanners.
Or Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. Whichever scanner you use, you can’t do this with the file in the chest, you will need to move it out.

16

I have figured out that this file is from pc doctor for windows, a program that came with this old IBM laptop. Maybe this version is proprietary to IBM?
I have run pc doctor without this file in the directory and it runs fine.
I have scanned the file many times and it always comes up- no virus.
I can’t even open the file.
When I put it in the chest, it just goes in the ‘infected files’ tab, by default, I guess.

I think it’s as you say DavidR, when doing a scan, avast can’t open it and doesn’t know what to do with it so it just alerts me.

I have done a search on Google and this file pops up with other AVs as no virus or ‘no action taken’.

So, I’m 99.9% sure it’s not a problem. I have deleted it from the directory, but kept it in the chest in case I have to restore it. Then I would just have avast ignore it during a scan.

DavidR, if I decide to run the on line scanners as you suggest, can I have the file in both the directory and chest?

Thanks you guys for your help on this, thumbs up!. You guys are what makes avast and this forum so great. It probably was much ado about nothing, but you never know.

17

It can’t be scanned by uploaded from the chest as it is a protected area. So ast the instruction said in bold text, you have to move it out of the chest. Either export or restore, restore sends it to the original folder which isn’t advisable if it were infected, Export allows you to choose a temporary location (a copy will remain in the chest).