avast says virus win5678.dll

Daughter was on her computer today and several things not related to avast popped up saying her computer was infected click here to fix … she did not click but had a heck of a time “X” out of a bunch of small boxes. So I had her run a scan on the C: drive, she had downloaded the Avast free home edition when she got her new computer a few months ago.

Avast says virus in C: windows/system32/win5678.dll
win32 malware-gen vps 091117-1

it finished scanning and only showed the 1 infection

I did a google search for win5678.dll but couldn’t find any help.
I had her send it to the chest because I didn’t know what else to have her do. Is there anything else we have to do?

Hi, mom2three, welcome to the forum.
That is the correct course of action. It can do no harm from the chest, where it can be left indefinitely.

I’d look for a second opinion concerning the file. A quick investigation (using Google) offers only the one hit, which is itself suspicious, in that most legitimate files will return many hits from a google search.

The order of the steps I’d take involve making sure the computer is secure, first, and investigating what it is and is it indeed dangerous second.

First part of a second opinion would be to install a good demand scanner. Download MBAM from here, install it, update it, and have it run a quick scan.
Following the scan, select everything found and click on “remove selected”. (This will quarantine any items of malware found.) If MBAM prompts for a reboot to remove some items, do so promptly.
Please post the scan report. (As a .txt file, see “additional options” to the left of this forums’ reply window, and upload it.)

Create a new folder on the C:\ drive titled “suspicious”. (no quotes.)
Left-click on the system tray icon for Avast, and click “standard shield”, then “customize”, then “advanced”. In the lower part of the pane, add “C:\Suspicious” to the list of exclusions.
Open the Avast chest. Right click the file just quarantined, and select “Extract” and select “C:\Suspicious”.
Open a browser tab up to www.virustotal.com and upload the file from the newly created folder to it. Allow it to scan the file, and when it is complete, please post the URL of the scan result here.

Sounds complex, especially if it’s the first time you’ve done anything like this.If you have any questions please fire away.
What comes later will involve a determination of what this file actually is, and is it a threat or a false detection, the sending of the file to Avast, and maybe a few other things if more cleaning is required.

Thanks Tarq57 … Thanks for letting me know it is fine for me to go to bed … since it’s in chest ;). I printed up your instructions and will work on it tommorrow at daughters house when I am less stressed and tired.