The following files were detected by avast , and I had them sent to the Virus Chest. I’m not sure to delete them permentely , and would cause a more serious problem. I’ve been getting Yellow Alert messages on it. Also my pc been slow , and receving Spyware Guard messages(but disable it on task manager.) Also svchost.exe has been eating up 99 % cpu usage.
A0010310.exe ~(was detected as Win 32:Rootkit)
A0012298.dll ~
A0013298.dll~
A0013306.dll~
A0013308.exe (this was detected as Win32Fasec)
iefka.exe(Win 32 Fasec)
iehelper.dll(Win32 ROOTkit)
Okay now, can someone please help me on this ASAP. That would be great.
There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
I clicked on a website in a search results list and immediately got a pop up and voice from avast of a trojan. I cannot remember what all was stated on the pop up. I did what it said to do, it brought up another avast pop up and suggested to send the trojan to the chest. I did and immediately an ie error page appeared, lost connection, bad address… I saw this forum, so did the trojan go to the chest and where is the chest file that it can be checked in a few weeks as suggested by these postings.
Seems that besides the WebShield block, something passed through… besides what you’ve sent to Chest, something get messed.
I suggest:
Clean your temporary files.
Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
No. There is no sure they’re legit and false positive detected.
Please, post the file name and path or, better, submit them to www.virustotal.com and post back the link of the results table.
Tech:I have run the microsoft scan, no infections found. The avast scan found no infection but could not scan C:\windows\softwaredistribution\download.…mpsigstub.exe. DrWeb curit express scan and complete scan found no viruses. Superantispyware listed only the cookies. At this point can I assume I am ok or should I continue with your other steps. Thanks.
Tech: I appreciate your help. Since I am new to this another question is what was the microsoft firewall doing when I accessed the bad site. The firewall is active on my machine. Also, I notice the microsoft, avast and cureit scans took about 90 mins. to run, the superantispyware only took about 30 mins. Is this ok. Thanks.
Probably nothing, I don’t know which windows firewall you have XP (has zero outbound protection) or Vista (has outbound protection, but is disabled by default).
Any request that comes from your computer will allow the corresponding inbound traffic unmolested. So if you had a downloader on your system it would have unfettered access to the internet to download what it liked. Just as when you want to download a program it flies through your firewall because the request came from your system.