Author Topic: New version finds rootkit hidden files - can't delete & nothing else does  (Read 53200 times)

0 Members and 1 Guest are viewing this topic.

gcon60

  • Guest
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #45 on: December 05, 2008, 12:24:44 PM »
Vik,

I have emailed the avar.txt file - good luck.  I know, not luck....but ...SKILL.

Gerard

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11664
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #46 on: December 05, 2008, 12:33:46 PM »
Great, thanks for that.
Could you please also send the scan log? (so that we can match these logs together)?

Thanks
Vlk
If at first you don't succeed, then skydiving's not for you.

Crowella

  • Guest
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #47 on: December 06, 2008, 01:26:51 PM »
Hi all,

So is there a verdict on this yet? Are we clean (and can i carry on with my internet crimbo shopping?!) or full of 'orrible nasties?  :o

Cheers guys,

Christine

boston

  • Guest
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #48 on: December 06, 2008, 03:39:00 PM »
I'm having the same rootkit issues here.  Is progress being made on how to solve this?

anjana

  • Guest
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #49 on: December 15, 2008, 07:49:44 AM »
My computer is been acting weird, in fact ewhen i turned it on a couple of days ago, rebooted my windows XP to a few years ago, I lost all my info .
I ran and antivirus today and it froze when i came back on the log I found that every 2 seconds it has found "rootkit: hidden file" has been found in...actually in many places
I could not complete the scam because it froze after an hour running
Is this a real threat or just something else.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67241
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #50 on: December 15, 2008, 03:40:13 PM »
anjana, some recent hidden files detections were false positives. Update your avast and check if the problem persists.
If so, can you say what is the infected file name, where was it found (C:\windows\system32\infected-file-name.xxx)?
The best things in life are free.

gcon60

  • Guest
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #51 on: December 15, 2008, 06:17:33 PM »
Vik,

I still get a load of rootkit hidden file comments when I run a thorough scan.  This afternoon a single file report popped up without having to run an Avast scan at all.  I did the usual; ignore, reload and run bootscan...... as before, NIL found.

Are you any nearer finding the problem with this?  I am going to revert back to version 1229 to avoid rootkits in the meantime, unless I can do any more to help.

Regards

Gerard

anjana

  • Guest
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #52 on: December 15, 2008, 08:20:40 PM »
I update automatically regularly.
i also get a load of rootkit hidden file comments when I run a thorough scan .
i run the scan again last night,and again after an hour it froze.
for the first hour every second or two this came out:
"rootkit hidden file" has been found inC:\WINDOWS\softwaredistribuition\download\59fc8f12b80caa9911...

then this come out:
Sign of "rootkit hidden file" has been found inC:\WINDOWS\SYSTEM.CB\mapi32.dll"file
Sign of"rootkit hidden file" has been found inC:\WINDOWS\SYSTEM.CB\MAPISRVR.EXE"file
Sign of"rootkit hidden file" has been found inC:\WINDOWS\system.ini\mapi32.dll"file
Sign of"rootkit hidden file" has been found inC:\WINDOWS\system.ini\MAPISRVR.EXE"file

thanks!


Crowella

  • Guest
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #53 on: December 15, 2008, 10:29:06 PM »
It's still happening to me too, and i'm getting a bit fed up of it. Was anything found when i emailed the log?

Thanks all!

Christine

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67241
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #54 on: December 15, 2008, 10:38:16 PM »
Did you update to the latest virus database?
The best things in life are free.

anjana

  • Guest
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #55 on: December 16, 2008, 06:53:04 AM »
yes, I did...

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67241
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #56 on: December 16, 2008, 11:53:52 AM »
yes, I did...
Do you have an Acer computer?
The best things in life are free.

gcon60

  • Guest
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #57 on: December 16, 2008, 03:29:39 PM »
I have an Acer laptop although I don't see what that has to do with it as I updated another Acer last week to 1296 and it was fine.

Gerard

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67241
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #58 on: December 16, 2008, 03:37:22 PM »
I have an Acer laptop although I don't see what that has to do with it as I updated another Acer last week to 1296 and it was fine.

Gerard
Some Acer computers are affected by a bug (in avast or in Acer, we don't know yet).
Disable rootkit scanning in the Troubleshooting tab of program settings as a workaround.
The best things in life are free.

gcon60

  • Guest
Re: New version finds rootkit hidden files - can't delete & nothing else does
« Reply #59 on: December 16, 2008, 03:48:00 PM »
Interesting!  My Acer has co-existed with the Avast program for several years now and works fine with version 1229, so I guess the bug is in 1296.

Gerard