Hi, i was wondering if there was anyone who could help me.
my avast! antivirus thingie notified me of a virus, Win32: Vbgen- DL [wrm], that was in my system. i had to reboot my computer and have avast run during start up. it moved to chest about 104 infected files 3 system files… and i don’t know what i’m supposed to do now!
how do i get rid of the virus and repair the files or whatever? i’m sorry, i’m a bit of a noob at all this, i have no clue what i’m doing. the virus was pretty wide spread i want to know what i’m supposed to do and how to fix it… what am i supposed to do with the files in the virus chest?
any help or info that could be offered would be appreciated!
The chest is an area used to keep infected files in quarantine (indeed, other anti-malware programs usually call the same feature ‘quarantine’). The files there are encrypted and cannot be run- they are safe and inactive. You don’t need to get rid of these files- it is in fact best to leave them there, at least for a while, as sometimes legitimate files may be wrongly identified as malware and put in the chest. There is an option to restore files from the chest if they have been wrongly identified as malware.
The three system files in the chest have not been infected- they are clean files put in a separate ‘back-up’ area of the chest. If these system files become infected in the future, you can replace them with the clean versions in the chest.
The repair option is used when a virus attaches itself to a legitimate file. A repair needs to be carried out before malware is sent to the chest. Malware like worms and Trojans cannot be repaired because the malware is not attached to a legitimate file.
If you have found a lot of malware, I’d suggest running scans with AVG Anti-Spyware (Ewido), Ad-Aware, Spybot Search & Destroy and BlackLight rootkit detector, just to make sure you have found everthing.
As Frank has implied, you need MORE than an antiVIRUS program to protect you. And a good
start is the FREE 30 day "trial" of AVG Antispyware from www.ewido.net . You have the "Full"
program, which includes a "Resident Shield" & Automatic Updates, during the 30 days. If you let
the 30 days "expire" without buying the program, those 2 features cease, but the rest of the
program continues.
Hopefully you have a software, 3rd party firewall !?
Thankyou FreewheelinFrank and Spiritsongs for your help and info.
FreewheelinFrank, thank you for explaining about the virus chest, i had no idea before but your info has helped me understand. i’m just wondering though, the files in the chest that are infected… you said they could be restored if they were found to be wrongly identified as malware. well how do i figure out if that’s the case? how am i supposed to know if it’s wrongly identified or really is infected? and also if i find that it is really infected and choose to delete does that mean i lose my file? it’s just that there are several infected files that are word documents and such and i don’t really want to lose them, is there anyway i can repair it or make a new copy of the originals?
also i d/l the programs you suggested and am running new scans with them as well. i didn’t realise that i was supposed to have so many security programs.
Spiritsongs, thanks for your help too. i d/l the AVG Antispyware like you suggested.
and about the 3rd party firewall… i’m sorry i have no clue what that is. i’m such a noob! so idk if i have one or not. but i have Sygate personal firewall, is that a 3rd party firewall? the only other security programs i have are Avast! Antivirus, Ad-aware SE personal, Snoopfree Privacy Shields, Spyware Blaster, Spyware Guard and now on FreewheelinFrank’s suggestion AVG Anti Spyware, BlackLight rootkit detection and Spybot Search & Destroy.
is that a good amount of programs? are there any more that i should get?
If the file in the chest were an essential file over a short time that should become apparent.
There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
It may appear that there are three infected system files, you don’t say which, but I believe you are talking about three files in the System Files section of the chest. If so these are not infected but copies of important system files in case the original got infected.
The Infected Files and User Files (here you can add files you are suspicious of) sections, are the only parts of the chest that contain infected or suspect files.
If you can give some examples of the 104 files, file name, location and malware name (mainly the word ones) ?
Check the avast! Log Viewer (right click the avast icon), Warning section, this contains information on all avast detections.
You have things you can do within the chest, right click on an infected file and you will see a number of options, unfortunately you can repair within the chest but you could elect to restore them but this is not a good idea at the moment (until we see some of the examples).
Ad David mentioned, it should be apparent if a legitimate file has been mistaken for malware and put in the chest- usually because something stops working. You can enter the file names into Google to check on any files in the chest. You will get information about known application/system files and known malware files. If there’s no information about the file, it’s more likely to be malware, especially if the file has an apparently random name which just looks like a string of letters and numbers- legitimate application files are more likely to have a meaningful name, but it’s not a guarantee.
Yes. if you select delete, files are lost forever as you though, so sending to the chest is always the best option.
Word files may contain a macro script which can be infected with a virus. avast! might be able to repair these files by removing the virus and leaving your data. I suspect you would need to restore the file (remove it from the chest), rescan and try the repair option- I’ve never had this problem so I can’t give you any definite info.
The programs I mentioned are non resident (AVG has a free trial of the resident scanner which expires after 30 days. This means they don’t take up any system resources, apart from a little hard disk space. Update and do a scan every week or two- if you’re not finding anything, you can remove them if you want to, but I’d recommend keeping AVG Anti-Spyware: it has an on-demand scanner which you can use to double-check downloaded files.