I have 3 trojans that as suggested I have “moved to chest”. Is anything further needed? Can I just delete them?
Malware is stored in an inactive form in the chest. (Quarantine is a term other progs often use.)
There is no need to delete them. In fact, you should leave them there just in case avast! has identified a legitimate file as malware. This happens from time to time with all anti-malware programs, which is why most send detected malware into quarantine, so that you can restore the file if it is in fact something you need.
You can always clear out the chest after a couple of weeks when you’re sure the identification is not a false positive.
What was the virus name, what was the file name, and where was it found, for example (C:\windows\system32\infected-file-name.xxx)?
With this information we could have some idea as to whether it was a correct detection and if you might need to take any other action. Check the avast! Log Viewer: right click the avast icon, select Start avast! Log Viewer, Warning section.
The trojans are Win32- Larger-Q (trj)
Win32-Rootkit-C (trj)
Win32-Tibs-an (trj)
Win32-Downloader
Win 32-CTX
Win 32-downloader was discovered by Ad-Aware
The file name and location are more helpful to us when trying to check on them, using google, etc. where you can get an idea when a particular file name and location is associated with a virus/malware. We can’t do anything with just a virus name.
The “warning” area does not show the file name. I did write down two of them. They are: C\Windows\system32\hmezxqvu.exe and Windows\system32\vfkxmeyj.exe
Well both of those would appear to be randomly named files, this is backed up by the fact that there are no hits on a google search for them. So the detections would appear to be correct.
The description column should show the path including the file name, you might need to expand the column width, see image.
If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode. Ewido Security Suite
Also worth downloading:
- Ad-Aware
- Spybot Search and Destroy
- Spywareblaster Don’t install this until you are clean.
This seems to be beyond my capabilities. I couldn’t figure out how to use the program. I will just follow the original advice, wait two weeks and then delete the trojans.
Hover the mouse pointer between the column headings until you see the pointer change (see image) and either double click, which should show the complete text, or left click and hold it depressed and drag to the right.
As I said, I don’t know how to do this. I clicked on the attachment which opened Windows Picture and Fax Viewer. All it does is show a fuzzy image of a file. I am using Firefox as my browser. I don’t know if it makes any difference. Let’s forget it.
I finally figured out what you were talking about. Here is the info:
Win 32 Larger-Q Windows 32 taskdir.dll file
Win 32 Rootkit Windows 32 jthhwfzy.pkv file
Win 32 Tibs-an trj Windows 32 hnezxqvu.exe
Win 32 Ctx- Windows 32 activescan/set48.tmp
The taskdir.dll looks like a good detection also (see below), the next two we have covered and the activescan\set48.tmp could well be a detection of Panda’s unencrypted signature files, but that one isn’t one of the usual signature files. Have you used Panda’s on-line scanner?
http://www.avast.com/eng/virus_detection_and.html#idt_1554
taskdir.dll - check out this link - http://fileinfo.prevx.com/fileinfo.asp?PXC=501014072277-TASK11505192
I’m not sure if I used Panda on line scanner. I tried several but some aborted before it finished. I will be getting high speed service in a couple of days, so will try to remove taskdir.dll then. When you say “we have next two covered” does that mean I should delete them or just leave them alone? Let me know what further action, if any, I should take.
If there is a sub folder called activescan in the windows\system32\ folder then delete it, this is for panda’s on-line scanner. It annoys me why they place this junk in the system folders as trying to get rid of it can be a pain, not to mention their unencrypted virus signatures. There are plenty of on-line scanners not to have to use panda. On-line Virus Scanners and other useful Links Security-Ops.eu.tt
When you say "we have next two covered" does that mean I should delete them or just leave them alone? Let me know what further action, if any, I should take.
Those two we already determined were correctly detected, not to mention I thought they were already in the chest ("I have 3 trojans that as suggested I have "moved to chest"") where they can do no harm?
As you can tell I am not very computer literate. I did a search for files & folders on drive C for: Windows/system32, but nothing came up. I will continue to leave the others in the “chest”.