Ran avast and it found some files with these associated explanations. Are these really virus?? Thanks for your help.
Welcome to the forums.
Actually I can’t really tell from what you have there. I’m assuming that they are password protected files and avast can’t open them.
What does it say when you run a scan?
Is there any other information that you could provide such as log files or screenshots of what you are seing?
Thanks for your response. Here is a list of what it says:
A0000235.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP17 Win32:Proected B [Rtk]
A0000247.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP18 Win32:Proected B [Rtk]
A0000256.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP19 Win32:Proected B [Rtk]
A0000268.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP20 Win32:Proected B [Rtk]
A0000286.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP21 Win32:Proected B [Rtk]
A0000295.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP22 Win32:Proected B [Rtk]
A0000310.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP23 Win32:Proected B [Rtk]
A0000370.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP24 Win32:Proected B [Rtk]
A0000382.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP25 Win32:Proected B [Rtk]
A0000407.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP26 Win32:Proected B [Rtk]
A0000788.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP27 Win32:Proected B [Rtk]
A0000801.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP28 Win32:Proected B [Rtk]
A0000821.SYS C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP29 Win32:Proected B [Rtk]
A0000830.EXE C:/ System Volume Information restore_{CF8E667D-CB57-47BB-9730-22c52981C2013}\RP30 Win:32 Small-MRS [Drp]
Ati5fixx.sys C:\WINDOWS\SYSTEM32\DRIVERS Win32:Protected B [Rtk]
kernel32.dll C:\WINDOWS\SYSTEM32 NO VIRUS DETECTED
rs32net.exe C:\WINDOWS\SYSTEM32 win32:Small-MRS[Drp]
Winsosck.dll C:\WINDOWS\SYSTEM32 NO VIRUS DETECTED
WVP79123599783215.cpx C:\WINDOWS\SYSTEM32 win32 Wali [Cryp]
May I ask what you are using to create this log file? Is it from Avast, or HJT, or what?
I googled ati5fixx.sys and I can’t find anything about it. I’d suggest that it may be a suspicious file. If you can, upload it to http://virustotal.com and paste the analysis.
As for the rs32net.exe file, that’s a suspicious file, and hopefully you can send it to the virus chest.
All of the system volume restore files may be infected with a virus, so you may have to disable system restore until you remove all traces of malware/viruses, then turn it back on when your computer is clean.