virus chest ?

[roadhawk1]

The following files were detected by avast , and I had them sent to the Virus Chest. I'm not sure to delete them permentely , and would cause a more serious problem. I've been getting Yellow Alert messages on it. Also my pc been slow , and receving Spyware Guard messages(but disable it on task manager.) Also svchost.exe has been eating up 99 % cpu usage.

A0010310.exe    ~(was detected as Win 32:Rootkit)
A0012298.dll ~
A0013298.dll~
A0013306.dll~
A0013308.exe (this was detected as Win32Fasec)
iefka.exe(Win 32 Fasec)
iehelper.dll(Win32 ROOTkit)

Okay now, can someone please help me on this ASAP. That would be great.

[micky77]

You definitely have some rogue programs on your pc, download,install, UPDATE, these 2 programs, and post the log/scan results

http://filehippo.com/download_malwarebytes_anti_malware/
http://filehippo.com/download_superantispyware/

[roadhawk1]

micky. What should I do with the files on the virus chest. Leave them there or deleate them.

[micky77]

Definitely leave them there

[DavidR]

micky. What should I do with the files on the virus chest. Leave them there or deleate them.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.

[frusa1]

I clicked on a website in a search results list and immediately got a pop up and voice from avast of a trojan.  I cannot remember what all was stated on the pop up.  I did what it said to do, it brought up another avast pop up and suggested to send the trojan to the chest.  I did and immediately an ie error page appeared, lost connection, bad address........  I saw this forum, so did the trojan go to the chest and where is the chest file that it can be checked in a few weeks as suggested by these postings.

[Lisandro]

Seems that besides the WebShield block, something passed through... besides what you've sent to Chest, something get messed.
I suggest:

1. Clean your temporary files.
2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
3. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
6. Disable System Restore and then reenable it again.
7. Immunize your system with SpywareBlaster.
8. Check if you have insecure applications with Secunia Software Inspector.

[roadhawk1]

So far my pc is "stable" , right now. If I do scan again, and those same files come up as virus/rootkits then they are legit threats right.

[Lisandro]

So far my pc is "stable" , right now. If I do scan again, and those same files come up as virus/rootkits then they are legit threats right.

No. There is no sure they're legit and false positive detected.
Please, post the file name and path or, better, submit them to www.virustotal.com and post back the link of the results table.

[roadhawk1]

So far my pc is "stable" , right now. If I do scan again, and those same files come up as virus/rootkits then they are legit threats right.

No. There is no sure they're legit and false positive detected.
Please, post the file name and path or, better, submit them to www.virustotal.com and post back the link of the results table.

Tech. I tried to type the location where the files are at on the virus total but it kept saying  there on the site "0 bytes sent".

[roadhawk1]

A0010310.exe    ~(was detected as Win 32:Rootkit)
A0012298.dll ~
A0013298.dll~
A0013306.dll~
A0013308.exe (this was detected as Win32Fasec)
iefka.exe(Win 32 Fasec)
iehelper.dll(Win32 ROOTkit)

okay should I continue to chest them or what.  Btw, I havent downloaded all of this item is that because the cpu keeps spiking high.

[Lisandro]

Tech. I tried to type the location where the files are at on the virus total but it kept saying  there on the site "0 bytes sent".

Copy them to another folder (like C:\Suspect) and add this folder (C:\Suspect) to avast exclusion lists.
Otherwise, file is block to be sent.

[frusa1]

Seems that besides the WebShield block, something passed through... besides what you've sent to Chest, something get messed.
I suggest:

1. Clean your temporary files.
2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
3. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
6. Disable System Restore and then reenable it again.
7. Immunize your system with SpywareBlaster.
8. Check if you have insecure applications with Secunia Software Inspector.

[frusa1]

Tech:I have run the microsoft scan, no infections found.  The avast scan found no infection but could not scan C:\\windows\softwaredistribution\download\..........mpsigstub.exe.  DrWeb curit express scan and complete scan found no viruses.  Superantispyware listed only the cookies.  At this point can I assume I am ok or should I continue with your other steps.  Thanks.

[Lisandro]

Seems you're clean, the other steps will just update your computer. They won't harm