IEHelp.dll

This morning for tha first time Avast! saw IEHelp.dll in the folder C:\Programmi\TEXTware\QUICKfind\PlugIns\ as a Sign of “Win32:Adware-gen. [Adw]”. I let it move to the \DATA\moved folder.
Then, after a little search, I’ve found that IEHelp.dll is related to the Cambridge Learners Dictionary, which I have installed, and it’s safe.
So I’ve put back that file in its folder, but I’m wondering how can I make Avast! to see it as safe and not start the siren again and again… :wink:
Is there a way?

Thank you,
Maria

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently 32 different scanners.
Or Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. Whichever scanner you use, you can’t do this with the file in the chest, you will need to move it out.

If it is indeed a false positive, add it to the exclusions lists (Standard Shield, Customize, Advanced, Add and Program Settings, Exclusions) and Restore it to its original location, periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.

Also see False Positives, how to report it to avast! and what to do to exclude them until the problem is corrected.

Thank you so much for your help.

I’ve scanned it with VirusTotal and the result page is this:
http://www.virustotal.com/vt/en/resultadox?94f98966cd8194f1f36db39c7632c9ec

I’m not very sure anymore about what to do.
Anyway, for now I’ve put it in the exclusion list, then I’ll see how it goes…

And I’ll send it also via email to Avast! following the instructions.

Thanks again!

With 12 detections including avast I’m not so sure it is a bad detection, and is adware (BHO Browser Helper Object) as indicated by the others.

avast has just recently add a Big VPS update over 300KB which is likely to be when this was detected.

There are other hits for iehelp.dll that feel it is adware/spyware http://www.castlecops.com/tk23489-Tencent_Browser_Helper.html.

So you have to gage, 1. its location and 2. confirm it is a file associated with “the Cambridge Learners Dictionary, which you have installed” 3. if so it shouldn’t be a problem and you can obviously exclude it. I don’t know if this is a common file that is being used as a tools by other applications for harm (in the case of the above link) as well as good.

Now it’s in the chest because the resident scan kept on signalling it.
I’m waiting for an answer from virus@avast.com, then I’ll do what they suggest.

Thank you for your help!

Your welcome.

There isn’t an automated answer from them, I mean, an automated email reply. They just contact if needed.
The most of the times, the answer is a virus database update correcting the false positive detection.

Hi DavidR and Tech,

I’m glad to announce that with the new virus database update that IEHelp.dll is not seen as virus anymore!
:slight_smile:

Ciao,
Maria

Glad that the problem is now resolved, thanks for the feedback.

Thanks Maria.