Author Topic: New version finds rootkit hidden files - can't delete & nothing else does  (Read 49582 times)

0 Members and 1 Guest are viewing this topic.

Offline Crowella

  • Jr. Member
  • **
  • Posts: 21
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #15 on: December 03, 2008, 03:15:38 PM »
Erm, when i run it i get a spybot s&d window, not Avast. It runs a scan (takes seconds) and says aswArO.dll  nothing found.

I'm doing something wrong aren't i?!

Christine

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11665
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #16 on: December 03, 2008, 03:37:10 PM »
Wait a moment. You have to DOWNLOAD the file, and place it to the avast\data folder.
Not RUN it. :)

Cheers
Vlk
If at first you don't succeed, then skydiving's not for you.

Offline Crowella

  • Jr. Member
  • **
  • Posts: 21
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #17 on: December 03, 2008, 03:46:24 PM »
Hi there, sorry but when i click on the link it just downloads and i get a litle icon on my desktop, i assumed you wanted me to run it. I'm afraid you'll have to clarify what you mean, i'm a complete lemon when it comes down to anything technical! Or maybe someone else on the forum may be a better bet?

Sorry for being a pain.

Christine

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11665
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #18 on: December 03, 2008, 03:53:13 PM »
Aha, OK, no problem. What browser are you using?

Thanks
Vlk
If at first you don't succeed, then skydiving's not for you.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31345
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #19 on: December 03, 2008, 03:54:57 PM »
Right click the link Vlk gave you, choose "save as".
Download and save the file to C:\program files\Alwill software\avast4\data\
(assuming you have a default avast installation)
If you get a message that the file already excists, overwrite the current file.

Offline Crowella

  • Jr. Member
  • **
  • Posts: 21
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #20 on: December 03, 2008, 04:11:36 PM »
I use Firefox. I right clicked and got 'save link as', and a window appeared, not sure what to do from there... ???

Christine

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31345
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #21 on: December 03, 2008, 04:16:38 PM »
Ok, that is good. Select in the window the folder Vlk and I gave you (C:\program files\Alwill software\avast4\data\), then choose to download the file.

Offline Maxx_original

  • Avast team
  • Super Poster
  • *
  • Posts: 1479
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #22 on: December 03, 2008, 04:25:09 PM »
how about disabling the self-defense first? don't know if this has been done already..

Offline Crowella

  • Jr. Member
  • **
  • Posts: 21
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #23 on: December 03, 2008, 04:36:33 PM »
Sorry guys, but this isn't happening, i get a window and in the text field for file name i've got aswArO. It seems to want to save this to my desktop.

Can hear gnashing of teeth already!

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11665
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #24 on: December 03, 2008, 04:48:37 PM »
Hi Christine,

don't worry about it. Maybe someone else with the same problem will follow up.

We don't want you to spend the whole afternoon with this! :)

Cheers
Vlk
If at first you don't succeed, then skydiving's not for you.

Offline Crowella

  • Jr. Member
  • **
  • Posts: 21
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #25 on: December 03, 2008, 05:00:31 PM »
So sorry about that, it's obviously not my day!

Just out of interest, if these false positives keep coming up, how am i to know when i real one is there? After all, i don't want to damage my machine by deleting something i shoudn't, it's a bit like the boy who cried 'Wolf!. I'm wondering whether it's a good idea to carry on using Avast if i can't trust the results. What do you guys think?

p.s. And i am very grateful for your help, please don't think the question above is a reflection on you guys, not meant in that way!

Christine  :)

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11665
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #26 on: December 03, 2008, 05:44:42 PM »
You can ignore the "suspicious file" type of warnings. However, don't ignore the "A virus was found" warnings (if any).
If at first you don't succeed, then skydiving's not for you.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31345
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #27 on: December 03, 2008, 05:45:44 PM »
Disable the self protection (steps 4 - 6 on THIS website

Then click HERE and open (run) that file,
or save it and then double click it.

It will do exactly what Vlk told. (downloading and installing the file in the correct folder.

Edit:
Vlk, for your information: That little .exe is just a installer that places the aswAr0.dll in the data folder for her.
« Last Edit: December 03, 2008, 05:49:00 PM by Eddy »

Offline Crowella

  • Jr. Member
  • **
  • Posts: 21
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #28 on: December 03, 2008, 06:39:36 PM »
Hi there,

Did as you asked, even got a nice orangey screen with my name on it (i'm easily pleased!); it's now sitting as an icon on my desktop, should i run it?

C

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31345
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #29 on: December 03, 2008, 07:07:01 PM »
On the screen with your name on it, click next, then click install (after you have disabled the self-protection)
That is all you have to do.
It you done it, you can enable the self protection again.

This has copied aswArO.dll to the correct folder as Vlk asked you.
I leave it up to him to guide you further.

You can remove the icon from your desktop if you want.