General Question


Windows System file is moved to virus vault. Help!

Asked by prasad (3859points) August 20th, 2009

I had my computer formatted yesterday and Windows XP (Service Pack 3) was installed. I have installed “Vista Inspirat” (kinda Vista theme for XP) to get the looks of Vista.
Today, I installed AVG 8.5.409 and scanned the whole computer. It removed four Windows files to the virus vault. These files are:
1. C:\WINDOWS\system32\scrnrdr.exe;“Trojan horse Agent.AXNF”;“Moved to Virus Vault”
2. C:\WINDOWS\system32\uodnady.dll;“Virus identified Win32/Cryptor”;“Moved to Virus Vault”
3. C:\WINDOWS\system32\uodnady.dll;“Virus identified Win32/Cryptor”;“Moved to Virus Vault”
4. C:\WINDOWS\system32\winlogon.exe (544);“Virus identified Win32/Cryptor”;“Reboot is required to finish the action”
(I have copied this by exporting scan results overview to a .csv file)
When Windows starts, I get an error message saying that the “C:\WINDOWS\system32\scrnrdr.exe” file is missing; and this pops up two times. It also said to try searching for this file. I tried searching for it on the whole computer, with hidden files included in the search, but nothing showed up.
There’s no problem so far. Are these files needed? I’m afraid I have to re-format my computer to restore these back, as there’s no option in AVG to restore these files back from the virus vault.

Any suggestions are appreciated.


17 Answers

sandystrachan's avatar

AVG deletes the file if it thinks it's a virus; you might have to revert (System Restore) or find a way to get the file. Sorry I wasn't any help.
Edit: Damn computer started to jump back and forth between questions :S

MrGV's avatar

AVG detected the Vista theme as a virus because it hacked into your system files in order to change the looks of it.
Pop in the Windows CD, reboot, and when prompted to boot from CD press a key; you should have an option of repairing Windows. Do it and you should be good.

prasad's avatar

@MrGeneVan Will I then lose some or all looks of Vista theme? Is it once done forever?

dpworkin's avatar

Which is more important to you: a functioning OS, or a good-looking screen shot?

sandystrachan's avatar

Where did you get the Vista look from? I have had a few of them for my XP computer and had no problems.

IchtheosaurusRex's avatar

You need to start the system in safe mode and roll back to a restore point. If you don’t have one, you’ll need to restore those files from your OEM setup CD. AVG flagged them as viruses because they probably are. Never download anything that fucks with your system from a 3rd party. FYI, there are a number of Vista-look themes you can download that don’t mess with your system at all.

MrGV's avatar

I use Vista Transformation Pack to have the Vista look.

prasad's avatar

Thanks all!

@pdworkin Of course, a functioning operating system is important. I have been using it for years and now like to renew some of the things around. Installing Vista is another alternative, but my parents won’t be comfortable with it. They are now becoming acquainted with XP and moving to Vista would leave them wondering. Also, I’ve heard Vista needs some special/separate software set ups than XP or earlier counterparts. And, “Vista is slower than XP” had also come to my ears.

@sandystrachan I got that set up from a local computer store. He did the formatting and installation of hardware. Besides, I have downloaded myself a Vista Transformation Pack 9.0.1 (size = 28.6 MB) from the internet. I tried out that also. But, I like the one from the vendor (Vista Inspirat 1.1, size = 26.6 MB).

@IchtheosaurusRex I didn’t know it played with system files. How do I know that beforehand? Which Vista themes are there which are safe and don’t play with system or windows?

@MrGeneVan Thanks for the link.

dpworkin's avatar

The whole family should be happy with Win 7.

IchtheosaurusRex's avatar

@prasad, there is a reasonably good tutorial here:

Make sure you read the part about unzipping whatever you get to your C:\WINDOWS\Resources\Themes folder. You should not have to run any kind of installer. A theme for Windows is in a file with a .theme extension, and you can look at it with Notepad or any other text editor. No binaries. If you get anything other than plain text, don’t load it.

I would add that files with a .scr extension should be scanned before you use them. They can contain viruses. The operative phrase there is “scan before you use them.” This is a good idea with anything you download from the Net.
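The check described in the answer above (a .theme file should be plain text, binaries should not be loaded, and .scr files get scanned first), written out as an added example that is not part of the original thread. It assumes theme files are ANSI or UTF-16 text in INI layout; the function names and the sample files written by `build_sample` are constructed for illustration.

```python
import os
import tempfile

def decode_text(data):
    """Return the bytes as str if they are plain text, else None."""
    try:
        if data.startswith((b"\xff\xfe", b"\xfe\xff")):  # UTF-16 with BOM
            text = data.decode("utf-16")
        else:
            text = data.decode("cp1252")  # assumption: ANSI code page
    except UnicodeDecodeError:
        return None
    clean = not any(ch < " " and ch not in "\t\r\n" for ch in text)
    return text if clean else None

def classify(path):
    """Verdict for one file: content first, extension second."""
    with open(path, "rb") as fh:
        data = fh.read()
    if data[:2] == b"MZ":  # DOS/PE header: a program, whatever it is named
        return "executable, scan before use"
    if os.path.splitext(path)[1].lower() == ".theme":
        text = decode_text(data)
        if text and any(l.strip().startswith("[") for l in text.splitlines()):
            return "plain-text theme"
        return "not plain text, do not load"
    return "other"

def audit(folder):
    """Map every file under folder (relative path) to its verdict."""
    paths = (os.path.join(r, n) for r, _d, names in os.walk(folder) for n in names)
    return {os.path.relpath(p, folder): classify(p) for p in paths}

def build_sample(folder):
    """Write constructed sample files (not real themes or malware)."""
    samples = {
        "Sample.theme": b"[Theme]\r\nDisplayName=Sample\r\n",
        "Renamed.theme": b"MZ\x90\x00" + b"\x00" * 16,
        "Garbled.theme": b"\x01\x02\x03 not text",
        "saver.scr": b"MZ\x90\x00" + b"\x00" * 16,
    }
    for name, data in samples.items():
        with open(os.path.join(folder, name), "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(audit(tmp))
```

Pointing `audit` at the unzipped download folder before copying anything into the Themes directory gives one verdict per file.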

prasad's avatar

Thanks again!

Unfortunately, everything went wrong. I tried both Vista themes in the hope that they’d reload/copy the missing system files. But they didn’t. After a couple of restarts, all programs went dead; nothing could be opened. I called back the local vendor. He tried safe mode and some other things, but couldn’t fix it. Finally, he reformatted it. And this time, while loading Vista Inspirat, he unchecked the check-box in front of system…while installing Vista Inspirat.

Now, it’s OK. All the other Vista looks are there except for the icons, which might be because of that unchecked/un-ticked check-box. I have scanned the whole computer with AVG 8.5 and there is no problem.

One more thing: back in the last Vista theme, with system files…, I could not open Access 2007; that’s not a big issue for me cuz I don’t use it. And Google Chrome couldn’t be installed; I had to uninstall it, install Google Chrome (back in XP, Access did open again), and re-load Vista Inspirat.

prasad's avatar

The files moved to AVG virus vault can be restored. I found it accidentally.
Back when I went in menu History->Scan results, there’s no option to restore the files.
However, if you go in History->Virus Vault, two options appear as “Restore” and “Restore As”.

IchtheosaurusRex's avatar

@prasad, I would strongly recommend against restoring the files. If AVG thinks they are infected, they probably are. AVG and other antivirus programs work by detecting the binary signatures of known viruses. These are very specific; note that AVG told you the names of the signatures it detected. There is always a possibility of false positives, but the likelihood of you having 4 of them on a single scan is approximately 0.000000000000000000000001%. Have you tried running a system restore to get back the files as they were originally?

prasad's avatar

@IchtheosaurusRex Ye, got it. I won’t dare to restore viruses which AVG has caught.
Can system restore be simply run? I thought it saves some restore point which I can probably use later when needed.
As I said earlier in the above quip, computer has been reformatted and wholly scanned by AVG and no viruses-no problem.
Thank you for warning me of restoring from AVG virus vault.

IchtheosaurusRex's avatar

XP makes several restore points, depending on how much space you allocate for it. Easiest way to go to it is Start->Help and Support->Undo changes to your computer with System Restore. Follow a couple of steps, and you’ll get to a calendar showing you a number of dates that have restore points. Pick one from before the time you installed the offending files, and it should restore your system to the state it was in on that date. You will not lose data, but you will probably lose some settings. It’s a life saver when something goes really bad.
