Help!!! Infected by virus

Tuesday, August 26, 2008 by swapna alice | Discussion: WinCustomize Talk

I do trading from my pc. A few days earlier I had downloaded and installed a trading software called TradeAnywhere.
Today when I scanned my system for viruses in boot time mode using Avast antivirus, it said a file in system folder is infected by a virus. I chose to delete. This is the report part:

08/26/2008 19:01
Scan of all local drives

File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\N3QV0XUW\partner[1].exe is infected by Win32:Rootkit-gen [Rtk], Deleted

Scanning aborted
Number of searched folders: 2132
Number of tested files: 63683
Number of infected files: 1

Was it a system file?
Thanx


13 Reply 8 Referrals
M-203
Reply #1 Tuesday, August 26, 2008 10:51 AM
Don't think so, it looks like something a website loaded into your Internet Explorer's filecache.
As long as you didn't/don't run that file, and your Anti-Virus got rid of it, you should be ok

Philly0381
Reply #2 Tuesday, August 26, 2008 10:54 AM
swapna alice unfortunately AV programs do come up with false postivies. I'm not saying this is the case here.

You may need do a little research. First you might go to Avast and try to verify that there is a known problem with the software you downloaded. Second go to the home page of the maker of the software and get them to verify whether there is a problem. Then you can search the web and see if there is a know problem that may have been identified and posted.

Was this freeware, shareware, free version of a paid program or a paid for program?   

Island Dog
Reply #3 Tuesday, August 26, 2008 10:59 AM

Try this.

http://housecall.trendmicro.com/


warreni
Reply #4 Tuesday, August 26, 2008 11:01 AM
File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\N3QV0XUW\partner[1].exe is infected by Win32:Rootkit-gen [Rtk], Deleted


While I'm not certain what this file is or does, you can be certain that it's not a system file. Anything located in the Temporary Internet Files\Content.IE5\ directory is something that was downloaded by the user or a website the user visited. It may be an application installer, but with a name like that, it could be virtually anything.

angus1949
Reply #5 Tuesday, August 26, 2008 11:51 AM
You might want to try discussing at this link.

http://forum.avast.com/index.php?topic=34661.0;prev_next=next#new

swapna alice
Reply #6 Tuesday, August 26, 2008 11:57 AM
Its a freeware recommended by a reputed company.
The only reason i fear is its main directory c:\windows
though I have backup of all my data yet i wished to be certain it wasnt a system file.
Thanks

swapna alice
Reply #7 Tuesday, August 26, 2008 12:37 PM
Was it a system file?
Avast deleted it.
Will it deletion cause any instability?

TYCUS
Reply #8 Tuesday, August 26, 2008 12:50 PM
swapna: try to get CCleaner, it will help you to get ride of any "Temporary Internet File", this files aren't part of the main system, they are more like part of your IE history aka cookies'; also, CCleaner can help you fix any registry issues (NOTE: CCleaner may show any problem when you do a Registry scan, if it show more than ten, dont panic! take the time and Google them, each one to see what it is ).

swapna alice
Reply #9 Tuesday, August 26, 2008 12:51 PM
Anyone plz

Philly0381
Reply #10 Tuesday, August 26, 2008 12:55 PM
Was it a system file?


I think reply #4 answers that.

Will it deletion cause any instability?


Nope.

Have you tried to research the problem yet? The program very well be okay.   

starkers
Reply #11 Tuesday, August 26, 2008 9:01 PM
Was it a system file?
Avast deleted it.
Will it deletion cause any instability?


You should be just fine.... often nasties will give the appearance of being a system file to blend in/hide themselves but are they NOT system files and can be safely deleted.

According to the Avast report, the 'offending' file was in your temporary internet cache so you should not experience any system instability due to its deletion. You may find, however, that it may have been an ActiveX type component to assist the downloaded program, in which case it should tell you, but if it works OK without it don't worry about it.

PS, if the program says the file is required, do a check on its properties/abilities, etc , to be on the safe side before reinstalling.

swapna alice
Reply #12 Tuesday, August 26, 2008 10:22 PM
I should trust Avast. I will see in next days what happens. Hopefully nothing. Thanx all.

pjamme
Reply #13 Thursday, August 28, 2008 1:33 PM
Was it a system file?


Anytime you are concerned you have deleted a system file, it can easily be replaced by typing
SFC /Scannow as a Run command it will require your Windows CD unless you have a Utility Partition of Windows.
also helpful if your computer starts acting weird for any reason. It simply makes sure all your Windows Protected foles are intact and replaces your DLL cache.

Please login to comment and/or vote for this skin.

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

  • Richer content, access to many features that are disabled for guests like commenting on the forums and downloading skins.
  • Access to a great community, with a massive database of many, many areas of interest.
  • Access to contests & subscription offers like exclusive emails.
  • It's simple, and FREE!
Login

Home | About | Privacy | Upload Guidelines | Terms of Service | Help
Copyright © Stardock Corporation. All Rights Reserved.


web-wc01