move to the chest and delete

Hello, Tech,

I still have a qustion why we should move the virus in the chest first before deleting it when there’s a virus detected, although I find one answer here-http://discussions.virtualdr.com/showthread.php?t=231675

I was wondering if you could account it for me in the more detailed way. The answer I found tells me that moving it to the chest would be the choice if there’s any possibility that it’s a false positive. But I sill do not get it, if it is fasle positive, then I delete it, is there something wrong with it? What is gonna happen?

Thanks for your help.

;D

False positive is a CLEAN file that is missdetected as being infected.
You’re deleting a CLEAN file if you do not send it to Chest.
Chest allow further investigation, restore, scan again, etc. There is no rush to delete a file sent to Chest. Chest (quarantine) is the wiser decision.

It is simply best practice to send to the chest - Deletion isn’t really a good first option (you have none left), ‘first do no harm’ don’t delete, send virus to the chest and investigate.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.

Hey- if it’s a FP and it might just be a file you NEED
and you DELETE it…
OOPS

Hello, DavidR,

Thank you, your reply is pretty clear to me.

Then I have a another question. In the chest, there’s “Infected files”, and “User files”, “System files”, and then I find three files in the “System files”, which are “kernel32.dll”, “winsock.dll”, “wsock32.dll”, what are they? I mean, these three files also belong to “Infected files”, I should delete them after all ?

Thanks for your help.

;D

They are backup copies of important system files (used by avast) should the original file become infected, leave them alone.

The Infected Files section is self explanatory.

The User Files section allows a user to import suspect files (where they can do no harm) that avast doesn’t detect. From here they can be sent for analysis.

Thank you, DavidR. :slight_smile:

You’re welcome.