ihave some questions about a virus avast found...

today i noticed my pc was acting very weird. webpages taking forever to load etc etc. so i decided to run a scan and it found 2 virus’.

they are C;/systemvolumeinformation/_restore then a bunch of numbers followed and then beneath that was
win32:bifrose-ckd[trj]

can i find out where i got these from? i havent done any surfing out of the ordinary.
also, why didnt avast catch them before i got them? im a pretty novice computer user so sorry if that was a dumb question…lastly…
what do i do after i move them to the chest? do i have to do something with system restore or anything like that? does putting them in the chest kkill the problem? thank you so much in advance.

I suggest:

  1. Disable System Restore and reenable it after step 3.
  2. Clean your temporary files.
  3. Schedule a boot time scanning with avast with archive scanning turned on.
  4. Use SUPERantispyware and/or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

Which is your Standard Shield sensibility?

Files into Chest are safe to be kept there. You can delete after one week or two (if you want).

Step 1 will do it.

You have done the right thing, ‘first do no harm’ don’t delete, send virus to the chest and investigate.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.

It is almost impossible to say where these came from, other than if they are in the system volume information restore points they were removed from windows system folders at some point (for some reason) and system restore saves them as a restore point in case you made an error and wish to restore them at some point.

It may be best if your system is clean to Create a Clean Restore Point - Clear old Restore Points. So you will know your system restore points aren’t going to bite you if you use it in the future.

Now you are clear of infection create a clean System Restore point:

  1. Click Start, All Programs, Accessories, System tools, System Restore.
  2. In the pop-up that appears fill in the radio button to Create a Restore Point
  3. Click NEXT
  4. Enter a useful name that you will remember if you need to find this again (Clean Restore Point)
  5. Click CREATE

You now have a clean restore point, you should clear the old ones:

  1. Click Start, All Programs, Accessories, System tools, Disk Clean Up
  2. Click OK on the C: drive
  3. Click the More Options tab
  4. In the System Restore section click the Clean Up button