ing showing up saying some important files are missing and to put in the Windows XP SP2 disk. But she does not have it. Does it sound like an FP if this thing saying critical files are missing is popping up? She will upload a pic of what it says soon.

She sent me the photo.

http://img.photobucket.com/albums/v210/nami05/thisthing.jpg

I doubt it's an FP if you're missing files. Sounds like a mess. If you can find out what files are missing, you may be able to get them somehow of the internet, but the disk would be best. More details would help. Click the "More Information" button and see what it says.

here is the screen shot that i got after i clicked on "more information" http://img.photobucket.com/albums/v210/nami05/moreinfo.jpg

Which button should i click on since i already clicked on "more information"? Should I click retry button or cancel? And should i restore the files? i dont know what to do. does this mean that i wont gonna be able to get back to my desktop anymore when i restart my computer? because i really dont want that to happen again. And that thing popped up after I clicked to "move to chest" so im guessing it's a false positive?

One thing I noticed in your screenshots is that you are in serious need of the PC Decrapifier (http://www.pcdecrapifier.com/apps). Toshiba is one of the worst offenders when it comes to crapware on their new PCs.

May you list the infected file names please ...

-{ Quote: "May you list the infected file names please ..." }-

If you're responding to me....I was only speaking of all the trialware that slows down your startup and seriously puts the sludge into performance. Your screenshot shows your desktop is loaded with trialware that you can easily get rid of with the program I linked to above.

You're right.. But Sorry, I am asking Sooflymami.

-{ Quote: "May you list the infected file names please ..." }-
Where do i go to in order to find out the infected files? And should I click retry button or cancel on the screen shot thats posted above?

If you don't have the "Windows CD", I think you don't have any choice but "Cancel" .

-{ Quote: "If you don't have the "Windows CD", I think you don't have any choice but "Cancel" ." }-
Oh ok. Can you tell me if it might be false positives or not? Where do I go in order to find out the file names?

I got it..I found out what the infected files are.
C://Windows/I386
C://Windows/I386/OEMBIOS.BI_
C://Windows/system32

Should I restore all those 3 files or what should I do? I'm afraid to shut down my computer today because I'm worried what if it wont let me go to Windows screen when I restart? Someone please help.

Okay, may you Right-Click on status panel (on Number of infected files) and select "Last Scan Results.." from the menu.. please.

-{ Quote: "Okay, may you Right-Click on status panel (on Number of infected files) and select "Last Scan Results.." from the menu.. please." }-
I can't find it..can you send me a screen shot how to do it or tell me where to go to? And today was the last scan so does this mean that these are the ones that were detected today?
http://img.photobucket.com/albums/v210/nami05/viruschest.jpg
That's not an old one that was detected previously? It's from today?

207753

-{ Quote: "I doubt it's an FP if you're missing files. Sounds like a mess. If you can find out what files are missing, you may be able to get them somehow of the internet, but the disk would be best. More details would help. Click the "More Information" button and see what it says." }-

I don't think it is FP..

-{ Quote: "207753" }-
ok heres the screen shot of it
http://img.photobucket.com/albums/v210/nami05/avastresults.jpg

i thought it's a false positive because this happened after i quarantined it. that notice stuff popped up right after that. But what should I do? Am I safe and do you think it should still take me to the windows screen if i shut down my computer?

I think you have a trojan.. I am not sure..

What should she do?

-{ Quote: "If you don't have the "Windows CD", I think you don't have any choice but "Cancel" ." }-
I clicked cancel and asking me "U chose to restore the original versions to the files. This may affect Windows stability. Ru sure u want to keep these unrecognized file versions?" after i click No, it's not letting me exit out from that thing that I posted a screen shot of. What should i do?

http://forum.avast.com/

You guys really should post this on over at the Avast! forums.

-{ Quote: "I clicked cancel and asking me "U chose to restore the original versions to the files. This may affect Windows stability. Ru sure u want to keep these unrecognized file versions?" after i click No, it's not letting me exit out from that thing that I posted a screen shot of. What should i do?" }-
If you click YES does Avast want the Windows CD?

I ask because Avast has an option IF taken advantage of when OS is in a healthy state. This option is right update on the right click menu. Something like VPT or something. If backed up in Avast these system files can be easily restored.

-{ Quote: "If you click YES does Avast want the Windows CD?

I ask because Avast has an option IF taken advantage of when OS is in a healthy state. This option is right update on the right click menu. Something like VPT or something. If backed up in Avast these system files can be easily restored." }-


VRDB generator is what your trying to think of.

It is suggested that you run the VRDB every two weeks or so in order to build a data base of your files so they can be restored if a virus should attack. But there is no 100% that using this method will fix the problem,so like I said,you might wanna ask over at the Avast! forums.

I would definitely ask at the Avast forum.
The VRDB creates and stores copies of only a few system files in the chest. The technology is not that new, so the files selected to be backed up seem to be those that were most likely to be compromised "back in the day..."
(I guess the landscape has changed.)
The ones in my chest are:-{ Quote: "kernel32.dll
winsock.dll
wsock32.dll" }-
These bear no relationship to the files you show as being recently quarantined, which is probably why the "repair" option would not have been available to you.
This may be a FP (or three FP's) but may also be the real deal. I would not be in a hurry to restore them because of the possibility of infection.
Do you have the OEM install or repair disk?
Have you any OS backups? A repair may be possible using the recovery partition if you don't have the disk/s. But you should also prepare for a reinstall.
What were you doing online when this infection was encountered?

PS. in your image posted here, (http://img.photobucket.com/albums/v210/nami05/avastresults.jpg) what you should do is drag the column headers left and right as appropriate, so you can read the entire infection under the "result" header. (That may also give you a clue why some of the files above were marked "unable to scan.")
Post the results, preferably at the Avast forum, but here too, if you want.
If you are fortunate, it won't be the Vitro virus (since the detection starts with "C".)

Before doing that, would it still be safe to restart my computer? do you think it will let me go back on my desktop?

-{ Quote: "Before doing that, would it still be safe to restart my computer? do you think it will let me go back on my desktop?" }-

Do not restart the computer until you know exactly what files are being dealt with here.

You may have a system crash,so before you do anything goto the Avast forums!!!

Agree. Don't restart it.
Was this detection the result of a manual scan or an on-access (out-of-the-blue) detection?
Have you recently updated this computer?

Don't restart you PC while OEMBIOS.BIN is missing..

-{ Quote: "Don't restart you PC while OEMBIOS.BIN is missing.." }-
After I restore that file from the Avast, should i be ok?

-{ Quote: "After I restore that file from the Avast, should i be ok?" }-

Let me tell you this:

If you have files that are not in use and your operating system restarts, you will not be able to post anywhere, anything about the problems you are currently having,period. Your operating system will be possibly corrupted,etc.

So do the right thing,and find out what exactly avast has detected,goto their forums,start researchin this or you'll mess it up to the point of reformating and losing everything.

If you want Az7 to email you, you should pm him/her.
Not too wise to put your email address on a public forum, sooner or later a spambot might find it, then stand by for incoming:o ....

-{ Quote: "Hey it's not letting me reply u back but please email me..*****@hotmail.com I dont have MSN but please email me on there." }-

Okay.

-{ Quote: "Okay." }-
I just emailed you..did you receive it? And I just restored 1 infected OEMBIOS.BIN file. But I dont know how to upload it on virustotal.com because i dont know how to find that file so i can upload it. what should i do?

-{ Quote: "Let me tell you this:

If you have files that are not in use and your operating system restarts, you will not be able to post anywhere, anything about the problems you are currently having,period. Your operating system will be possibly corrupted,etc.

So do the right thing,and find out what exactly avast has detected,goto their forums,start researchin this or you'll mess it up to the point of reformating and losing everything." }-
I tried posting it on Avast fourm but nobody has responded back to my posts. Is there any other way to find out?

-{ Quote: "I tried posting it on Avast fourm but nobody has responded back to my posts. Is there any other way to find out?" }-

Their pretty good about replying back on their forums,give them some time.

It's 4 in the morning in the UK, slightly later than that in Europe, and whatever the time is where you are in the US.
'Course it's a reasonable time where I am, but you don't seem interested in my advice.
You should at least move the column headers so that when folk do respond, they know what they are dealing with.
Screenshots can be attached to the forum post by clicking on "additional options, attachments" on the forum page.

i restored the files..clicked restore and then clicked close only. but when i go to the chest, all the 3 files are still there. but it told me it was completed. am i okay? is it restored?

-{ Quote: "i restored the files..clicked restore and then clicked close only. but when i go to the chest, all the 3 files are still there. but it told me it was completed. am i okay? is it restored?" }-

Yes it is.

-{ Quote: "ing showing up saying some important files are missing and to put in the Windows XP SP2 disk. But she does not have it. Does it sound like an FP if this thing saying critical files are missing is popping up? She will upload a pic of what it says soon." }-
It,s windows asking for windows CD to repair some critical system files that are infected( and possible deleted by virus or avast).

Either put windows CD or there is another way, I don,t remember now. U have to put some command in Run menue and it wil do same job via i386 folder if it,s there on ur PC. Anyone?

http://forums.techguy.org/windows-nt-2000-xp/494003-sfc-scannow-asks-service-pack.html

http://support.microsoft.com/kb/904677

-{ Quote: "If you don't have the "Windows CD", I think you don't have any choice but "Cancel" ." }-

Yes, but you could try a Windows installation CD disk of someone else, since it is a NTFS file repair

Regards Kees

-{ Quote: "Yes, but you could try a Windows installation CD disk of someone else, since it is a NTFS file repair

Regards Kees" }-

Sure!, but as you can see, the original files are stored in the Avast! chest. so Windows File Protection (WFP) asking for files (already in the chest) and by one mouse click you can bring them back to the system, the Windows CD is not important in this case.

-{ Quote: "Sure!, but as you can see, the original files are stored in the Avast! chest. so Windows File Protection (WFP) asking for files (already in the chest) and by one mouse click you can bring them back to the system, the Windows CD is not important in this case." }-

Understand, but I thought these were infected files