Virus Total scans (3)
Each of the scans above are files within the WinRAR folder that will open when right-clicking a shortcut on the desktop, Online Armor would alert and ask for permission for that file to connect to the internet. I did not click “remember my answer”, and so the file was allowed to temporarily connect. It is important to note the last two processes (and that is what they are) are childs of the first Rarext.dll, which is the parent process. The former calls the latter, each in succession, and no alert is seen from Avast! Installation point of WinRAR is on a backup drive, not the main os drive.
I had some difficulty in uninstalling WinRAR, as the parent process, Rarext.dll, is always running, and got an access denied error when trying to delete the folder directly. I found an uninstaller file within that folder, ran that, and got the original file and a new one, Rarext.dll.0.tmp. A restart took care of the .dll.tmp flile, leaving only the original installation file. As this file was originally downloaded in 2008, it was out of date, and was not one I downloaded either.
Can anyone explain why Avast! did not alert on this somewhat suspicious behavior, especially as the WinRAR program was installed on a separate backup drive, and should not have had the ability to run a process automatically when calling up shortcut options when right-clicking a shortcut link on drive C:/?
There has been a definite improvement in os responsiveness since Online Armor alerted to this behavior, and COMODO Firewall Free was uninstalled. and I then removed WinRAR.