It’s been a long time since I needed help with avast, but lately I’ve had some issues, which I need help with. I found 5 system files in the chest. There are 2 “kernel32.dlls”, 2 “winsock.dlls”, and 1 “wsock32.dll”. I scanned them inside the chest and there were no infections found, so I tried to restore them. Both “kernell32.dlls” failed to restore. Both “winsock.dlls” restored successfully. The “wsock32.dll” also did not restore. ---- How do I go about replacing those files if they cannot be restored?
Also a system restore file was listed in the log as infected and I wanted to delete it, but I could not find the file even after checking all my file view settings. Looking for that file revealed that something had gone wrong with my registry and no matter how I set the radio buttons, hidden files would not display. I found a registry repair article and performed it and restored the hidden files view, but there are no visible system restore files in the C:\ folder. I did a file search which revealed the file was indeed there, and I deleted it from within the search window, but the machine did not appreciate this and warned me about something, and balked at deleting the file. At least I think it deleted it. I seem to remember that those files cannot be displayed without a special registry change. ---- If I find and perform that registry change and get them to display, will I be able to delete any infected system restore file? ---- Is there a better way?
These are in the System Files section of the chest and are back-up copies of important system files in case the originals become infected. Only avast can use them, if you try to restore them windows will block you because the originals are running.
Leave them as they are.
The only files that are of concern to you are in the ‘Infected Files’ section.
There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
What were the full details of the system restore file ?
This I knew, but if avast finds only one restore point infected, I only wish to delete that restore point. This will ensure I have someplace to start over should something go wrong during all this.
avast should be able to ‘move’ just the infected restore point to the chest and not all restore points.
Something you want to get in the habit, you don’t want to select delete, it is a final option with no fall back, ‘first do no harm’ move the virus to the chest and investigate.
If for any reason avast can’t move it to the chest whilst windows is running (very occasionally) then if you have XP, vista32bit or Win2k, you could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, Menu, ‘Schedule boot-time scan…’ Or see http://www.digitalred.com/avast-boot-time.php.
Edited: Sorry, this is only available on Vista. I’ve forgotten it…
I’ve looked better on XP and there is said except the latest one. Maybe because I have XP Pro and not Home… :
Don’t forget I said if avast finds an infected restore point it can move or delete only that restore point.
So there is no need to delete all or clean-up and leave only the most recently created one.
If you want to do this then try this - Create Clean Restore Point - Clear old Restore Points.
Create a clean System Restore point:
Click Start, All Programs, Accessories, System tools, System Restore.
In the pop-up that appears fill in the radio button to Create a Restore Point
Click NEXT
Enter a useful name that you will remember if you need to find this again (Clean Restore Point)
Click CREATE
You now have a clean restore point, you should clear the old ones:
Click Start, All Programs, Accessories, System tools, Disk Clean Up
Click OK on the C: drive
Click the More Options tab
In the System Restore section click the Clean Up button
[quote author=DavidR link=topic=32043.msg267987#msg267987 date=1197840888]
Don’t forget I said if avast finds an infected restore point it can move or delete only that restore point.
