Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Para-Noid on March 11, 2011, 06:21:34 PM
-
During a scan avast found two rootkits. c:\##aswsnx...\googletalkplugin.exe and c:\##aswsnxpri...\6bFYfi3B.exe
When I re-booted to delete nothing happened. Yes, I did a boot-time scan and nothing. All scan since have detected nada...zilch...nothing. I use a custom scan and was doing a full rootkit scan and have since been using a quick scan for rootkits. I have a feeling these were false positives. Any other opinions?
They cannot be deleted or moved to the chest. What gives?
-
Well I guess you are using one of your 'Para-Noid' Custom Scans again ?
As you are scanning the contents of the avast sandbox and as such is protected.
-
Well I guess you are using one of your 'Para-Noid' Custom Scans again ?
As you are scanning the contents of the avast sandbox and as such is protected.
No need for sarcasm! Nothing was in the sandbox. If you read my OP I have changed the rootkit scan from "full" to "quick". And have not had the same results since. The main point is... are these false positives? The results have nothing to do with the sandbox.
There is absolutely nothing wrong with a custom scan. After all that is always an option. The results did not show up after a boot scan or a default scan. I did change the settings for rootkits.
-
Just referring to your self proclaimed screen name ;D
That is always going to be the problem when you dig too deep or set heuristics too sensitive you get things reported that you otherwise wouldn't get.
So what is wrong with the custom scan, not knowing what kind of results you are going to get when changing or setting options and when you get them knowing why it happened. Clearly this was the case here. That is why I feel that the Quick and Full System pre-defined scans are more than adequate.
They aren't false positives, how do you think that the sandbox or safezone work to protect you from malware, by isolating (effectively hiding) them from others.
-
Well I guess you are using one of your 'Para-Noid' Custom Scans again ?
As you are scanning the contents of the avast sandbox and as such is protected.
Nothing was in the sandbox. The results have nothing to do with the sandbox.
the paths of the 2 detections clearly show that they ARE in the sandbox c:\##aswsnx...\googletalkplugin.exe and c:\##aswsnxpri...\6bFYfi3B.exe
-
Well I guess you are using one of your 'Para-Noid' Custom Scans again ?
As you are scanning the contents of the avast sandbox and as such is protected.
Nothing was in the sandbox. The results have nothing to do with the sandbox.
the paths of the 2 detections clearly show that they ARE in the sandbox c:\##aswsnx...\googletalkplugin.exe and c:\##aswsnxpri...\6bFYfi3B.exe
Thank you. I didn't know what aswsnx meant.
-
Just referring to your self proclaimed screen name ;D
That is always going to be the problem when you dig too deep or set heuristics too sensitive you get things reported that you otherwise wouldn't get.
So what is wrong with the custom scan, not knowing what kind of results you are going to get when changing or setting options and when you get them knowing why it happened. Clearly this was the case here. That is why I feel that the Quick and Full System pre-defined scans are more than adequate.
They aren't false positives, how do you think that the sandbox or safezone work to protect you from malware, by isolating (effectively hiding) them from others.
I have been using those settings (full scan for rootkit) ever since I started using avast almost a year ago. They never showed up till now! And haven't showed up since. So it is not the settings. Evidently the sandbox made the difference. I wasn't "paranoid" I was wanting information. And...No I don't mind using my screen name for fun as long as it is accompanied with a solid answer. In fact I rather enjoy the fun. As far as the scan goes I like as deep of a scan as I can get without getting weird results. That is the reason I use different settings for the custom scan. I agree there is nothing wrong with the default scan...I just want the best scan I can get. I have a good reason, I had a very bad incident with AVG and ever since I have not trusted a default scan since. Avast has saved my butt more than once. I will sing the praises of avast to anyone and everyone.
-
I always wondered about your signature
I used to be dumb and blond...I'm just not blond anymore!
Now I know you are not blond but I am questioning the first part! ;)
-
@ Para-Noid
Well excuse me for bothering. I will try to remember not to waste my time in the future.
-
I always wondered about your signatureI used to be dumb and blond...I'm just not blond anymore!
Now I know you are not blond but I am questioning the first part! ;)
I was wondering when someone was going to pick up on that.
@DavidR...Please do assist whenever possible. I had no reason to ask before because I was using "free" now I have to get used to AIS and the concept of a sandbox. It's a new experience. Like I said I don't mind the sarcasm as long as I get a decent answer. By all means have fun with my screen name!
-
I was wondering when someone was going to pick up on that.
@DavidR...Please do assist whenever possible. I had no reason to ask before because I was using "free" now I have to get used to AIS and the concept of a sandbox. It's a new experience. Like I said I don't mind the sarcasm as long as I get a decent answer. By all means have fun with my screen name!
You should be familiar with being a MALPATIENT.
-
<snip>
@DavidR...Please do assist whenever possible. I had no reason to ask before because I was using "free" now I have to get used to AIS and the concept of a sandbox. It's a new experience. Like I said I don't mind the sarcasm as long as I get a decent answer. By all means have fun with my screen name!
The answer was direct and to the point I told you is was because you were scanning the sandbox contents and you were doing a custom scan which can lead to unexpected results.
If you can't recognise that then I can't help.
-
<snip>
@DavidR...Please do assist whenever possible. I had no reason to ask before because I was using "free" now I have to get used to AIS and the concept of a sandbox. It's a new experience. Like I said I don't mind the sarcasm as long as I get a decent answer. By all means have fun with my screen name!
The answer was direct and to the point I told you is was because you were scanning the sandbox contents and you were doing a custom scan which can lead to unexpected results.
If you can't recognise that then I can't help.
You have always been a big help it's just ArtemisFOwl showed me that the results were in the sandbox. As in "aswsnx". That was the answer I was looking for. Don't get upset I am like many others getting used to the new and improved avast. I am not a computer "geek". I am, however, learning and always will be. Thanks for all your help...seriously.