Author Topic: aswAr.run - Rootkit.HiddenFile or false positive?  (Read 2639 times)

0 Members and 1 Guest are viewing this topic.

mv54

  • Guest
aswAr.run - Rootkit.HiddenFile or false positive?
« on: June 29, 2013, 07:44:57 AM »
I was doing a virus/malware hunt scan today with Avast antivirus, Malwarebytes and Comodo Cleaning Essentials. Comodo Cleaning Essentials is telling me it has found a Rootkit.HiddenFile in C:\ProgramData\AVAST Software\Avast\aswAr.run. I was wondering if anyone could help me verify if it is in fact a rootkit or a false positive. I've scanned with Comodo Cleaning Essentials and I have never gotten any similar results. I don't want to touch anything at this time because I'm worried I might mess something up. All help is needed and appreciated, thanks.

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 87645
  • No support PMs thanks
Re: aswAr.run - Rootkit.HiddenFile or false positive?
« Reply #1 on: June 29, 2013, 01:03:49 PM »
The aswAR range of file names relate to the avast anti-rootkit scan (presumably the aswAr.run would run the anti-rootkit scan), so when it is checking for rootkits it has to work at a low level and may well be hidden. This is the sort of thing you get when digging into your system with other security software.

The fact that it hasn't happened before could either be coincidence, an avast AR scan running when you checked or changes in the scan method of the 3rd party security scan.

I would leave the aswAr.run file alone.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 23.4.6062 (build 23.4.8118.762) UI 1.0.762/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security