needed file put in quarantine but lost during uninstallation

Hello there,

I accidentally uninstalled Avast 7 (Free) and I lost the file in the quarantine:

oem_uninst.exe

MD5: 08dcb405944419a035c27fd07a515fe6
SHA1: bacb066c772df1297cff72af267cd61f18d5e7dc
215475 byte

I need this file to exchange my recently bought computer: I bought it with this trojan in C:\Windows, and I don’t trust the machine is safe anymore. I called the vendor one evening, and the next morning, the scan logs (in/with Comodo Firewall) were gone!

Is there a way to get it back, on my machine (file retriever), or from Avast, since I sent it to them (Ticket ID: OGA-782131)? I know this is a special request, but I have only good intentions.

(I was expecting a dialog about files & settings during uninstalltion…)

Thank you,

mattbel78

Files in the chest are removed/deleted when you uninstall avast.

That means they aren’t sent to the recycle bin, their gone. Under normal circumstances you might be able to recover deleted files using a file recovery application like undelete or other app.

Your problem is complicated in that the file was in the chest, here the file name is changed and the contents of the chest are encrypted, this would make recovery almost impossible. Even if you managed it the encryption is the next serious issue, making the task even less likely to succeed.

The only other possibility would be to try a system restore going back before the uninstall. The problem here is the system restore isn’t a backup utility and may not be able to fully restore avast including the chest and its content. If it did manage to do that then it may be possible to extract the file from within the chest.

what do you need this file for?

https://www.virustotal.com/file/66a7c7ead67e8395a9064a554c58080809e0437e9c84b93805fa72212590e194/analysis/

First seen by VirusTotal
2008-09-08 00:58:53 UTC ( 4 år, 3 måneder ago )

Thank you. I was expecting news in my email.

System restore was the first thing I tried, with no success. Avast is good, but it really should have asked me what I wanted to keep during uninstallation…

My last option I guess: I had sent the file to an Avast technician (Miroslav Jenšík, Ticket ID: OGA-782131). Is there no way to get it back from him, or someone?


One last question: how would I know if this file had created some problem somewhere else on the machine, perhaps in the bios?

Thx.

I honestly don’t know an easy way to guess what this file might do as there is insufficient information. Even the virustotal result don’t give much of a clue as most of the malware names are generic.

So short of doing a full analysis with other tools there is no way to say what it might be able to do. But BOIS settings are not a regular target, MBR (Master Boot Record) is more common but then you also get into the areas that avast is monitoring (rootkits, etc.).

So, if I’m getting you right, Avast would be able to see rootkits in the boot sector, or Master Boot Record.

I know this is getting a bit off track, but is there a simple way to check that the BIOS hasn’t been affected? Just to make sure…

TY

https://www.google.no/search?q=how+to+check+bios+for+malware&ie=UTF-8&oe=UTF-8&hl=nb&client=safari