sirefef:AAP[Rtk] found on cercsr6.sys

[Rick F]

My guess is that you may not be seeing all files.  Dell is not that screwed up.

If you're using Windows Explorer (not to be confused with internet explorer), make sure you're viewing all files.  Open Windows explorer, click on 'tools' pull down; then 'folder options'. Next click the 'view' tab. Under files and folders you should see the option, 'show hidden files and folders'.  It should look like this:

[DavidR]

Search (and perhaps Dell support, may not find it in the C:\WINDOWS\system32\drivers folder as it is normally a hidden folder, unless you change the windows explorer Tools, Folder Options, View, Hidden Files and Folders as suggested by Rick F.

[puter illit]

Search (and perhaps Dell support, may not find it in the C:\WINDOWS\system32\drivers folder as it is normally a hidden folder, unless you change the windows explorer Tools, Folder Options, View, Hidden Files and Folders as suggested by Rick F.

Daaaaa! I've never seen windows explorer on my puter? XP Pro However Dell did open all windows\system32\drivers folder and check hidden files as well. This is really not good as it being missing or corrupted I'm vulnerable to all kinds of attacks.  If I ever have to delete avast and reinstall for whatever reason it will remove it from the chest completely. WHY is it not giving me the OPTION to RESTORE?

[DavidR]

When you the windows folder structure, that is windows explorer, see image, but that would still need to have view Hidden Files and Folders as mentioned before.

When you 'open' the chest and right click on the cercsr6.sys file in C:\WINDOWS\system32\drivers folder - Is it giving you the option to Extract ?

If so that is a similar deal, which allows you to extract (copy) to a different location other than the original. But you can point it at the C:\WINDOWS\system32\drivers folder.

[ky331]

You mentioned having a cercsr6.sys file dated 12/13/2004. 
For what it's worth, here's the file information on my copy of CERCSR6.sys (with the same date):

[Actual] Size:  38.9 KB (39,904 bytes)
Size on Disk:  40.0 KB (40,960 bytes)
Created & Modified on Monday, December 13, 2004, 5:14:00 PM

File version: 4.1.0.7405
Description: DELL CERC SATA1.5/6ch Miniport Driver
Copyright: Copyright 2003 Adaptec, Inc. All rights reserved
Intertal name: cercsr6.sys.B7405
Product name: Dell RAID Controller

========================

Furthermore, I verified that my copies (in the two separate subdirectories) were identical.   You can do this as follows:
Click on START, then RUN, and in the "open" box type COMMAND and hit OK.  That should open up the "DOS" COMMAND.COM prompt.  Very carefully type-in the following line

fc   c:\windows\system32\drivers\cercsr6.sys   c:\windows\dell\cercsr6\cercsr6.sys   /b

and hit ENTER.   If it responds with "FC: no differences encountered", the two files are the same (even if they have different times/dates).

[You close the command prompt by typing in    EXIT   then hitting ENTER. ]

[puter illit]

You mentioned having a cercsr6.sys file dated 12/13/2004. 
For what it's worth, here's the file information on my copy of CERCSR6.sys (with the same date):

[Actual] Size:  38.9 KB (39,904 bytes)
Size on Disk:  40.0 KB (40,960 bytes)
Created & Modified on Monday, December 13, 2004, 5:14:00 PM

File version: 4.1.0.7405
Description: DELL CERC SATA1.5/6ch Miniport Driver
Copyright: Copyright 2003 Adaptec, Inc. All rights reserved
Intertal name: cercsr6.sys.B7405
Product name: Dell RAID Controller

========================

Furthermore, I verified that my copies (in the two separate subdirectories) were identical.   You can do this as follows:
Click on START, then RUN, and in the "open" box type COMMAND and hit OK.  That should open up the "DOS" COMMAND.COM prompt.  Very carefully type-in the following line

fc   c:\windows\system32\drivers\cercsr6.sys   c:\windows\dell\cercsr6\cercsr6.sys   /b

and hit ENTER.   If it responds with "FC: no differences encountered", the two files are the same (even if they have different times/dates).

[You close the command prompt by typing in    EXIT   then hitting ENTER. ]

Thanks for the info but Now I'm really in a pickle Says no such file exist's

[puter illit]

When you the windows folder structure, that is windows explorer, see image, but that would still need to have view Hidden Files and Folders as mentioned before.

When you 'open' the chest and right click on the cercsr6.sys file in C:\WINDOWS\system32\drivers folder - Is it giving you the option to Extract ?

If so that is a similar deal, which allows you to extract (copy) to a different location other than the original. But you can point it at the C:\WINDOWS\system32\drivers folder.

Yes Had extract, I followed your instruction took me a while to get to C:\WINDOWS\system32\drivers  folder I didn't desigant just click on folder heading? don't know if it worked or not did not give me any confirmations.

[ky331]

Didn't you say you had a copy of cercsr6.sys dated 12/13/2004 ?
if so, how does your file information compare to what I listed above?

[puter illit]

Didn't you say you had a copy of cercsr6.sys dated 12/13/2004 ?
if so, how does your file information compare to what I listed above?

Haven't th faintest Idea , I typed exactly as you said and that's what came up

fc   c:\windows\system32\drivers\cercsr6.sys   c:\windows\dell\cercsr6\cercsr6.sys   /b

[Rick F]

That command you typed is correct.  Did you press 'enter' after that?  It should have told you 'no differences encountered'.

[DavidR]

When you the windows folder structure, that is windows explorer, see image, but that would still need to have view Hidden Files and Folders as mentioned before.

When you 'open' the chest and right click on the cercsr6.sys file in C:\WINDOWS\system32\drivers folder - Is it giving you the option to Extract ?

If so that is a similar deal, which allows you to extract (copy) to a different location other than the original. But you can point it at the C:\WINDOWS\system32\drivers folder.

Yes Had extract, I followed your instruction took me a while to get to C:\WINDOWS\system32\drivers  folder I didn't desigant just click on folder heading? don't know if it worked or not did not give me any confirmations.

The means of checking is by inspection, look in the c:\windows\dell\cercsr6\ folder and see if the cercsr6.sys file is present.

Generally if you don't get an error it is a reasonable result, but needs positive inspection to confirm.

[puter illit]

The means of checking is by inspection, look in the c:\windows\dell\cercsr6\ folder and see if the cercsr6.sys file is present.

Generally if you don't get an error it is a reasonable result, but needs positive inspection to confirm.
[/quote]

OK, I found it BUT I'm not sure it's it's the one the DELL tech did ( a Copy & paste Don't know from were) so I think what he did was incorrect. But by the time stamp on the only one I found it was around 4:45 EST so I think that's around the time I did the extracted. however I can't find the earlier one DELL did? I had never set the foums time to match mine so I am assuming the time differential. Just set it, lol.

[DavidR]

I think the main concern is that you have the one present in the c:\windows\dell\cercsr6\ folder, no matter how it got there.

You need to set your time zone in the forum profile, look and layout settings, then the forum time will match yours.

[Strafe35]

CONFIRMING:   the F/P has been FIXED in definitions 12 06 30 - 0   

I thank avast for the timely response to my posting the F/P [in the other thread]... but feel bad about the others who have posted in this thread, who didn't realize it was (or know about) a F/P . 

Per a remark by Purplemuse [elsewhere], I just checked on my system, and discovered that I DO have a copy of that file in my
C:\WINDOWS\dell\cercsr6
subdirectory [and have compared with the system32\drivers file to confirm its the same version].  Hopefully, those who deleted theirs may be fortunate enough to find they do too.

==============================

to Strafe:
1) Being "delete trigger happy" is not a good thing.   As you've now experienced, anti-virus programs are ocassionally guilty of making False Positive detections --- it's a fact of life, and there's nothing that can be done about it.
I strive to keep my systems "squeaky clean", so ANY time I get a virus warning [which is extremely rare for me], I treat it as likely being a F/P.   First and foremost, NEVER DELETE files:  once deleted, it may be impossible to get it back.   QUARANTINE (VIRUS VAULT) is preferable, in that you can always restore it from the vault to your system.   However, even quarantine is not foolproof:   in the extreme case, if the F/P is for a critical WINDOWS SYSTEM FILE and you quarantine it, you may find that your system will not boot up again :-(   That's why I do my research, and posting, before quarantining.
A great place to start is by uploading the file to https://www.virustotal.com/ which will then have it analyzed by 42 different anti-virus companies.   in the case of cercsr6.sys , only 2 of 42 companies reported it infected.   [Note:  In order to be able to access/upload this file, I had to add it as an exclusion to avast's file system shield --- otherwise, I couldn't get near it.]
2) Be very careful with tinkering with System Restore:   when you disable it, you are REMOVING ALL of your restore information...  meaning when you re-enable it, it's starting with NO data there!

Thanks again for the information I will be more careful from now on. I was lucky for some strange reason the cercsr6.sys even after I ordered the boot scan to delete, it was still there on the dell directory so I quarantined it and after seeing this post of yours I then restored it back to its original location. I also now the danger of tinkering with the SR I did something before with it that helped me remove a trojan back in 2009 as suggested. Just one question, is it possible for the Boot Scan to fail in deleting a file?