Author Topic: AVAST Home edition cant fix this. repeat problem  (Read 2661 times)

0 Members and 1 Guest are viewing this topic.

bgg

  • Guest
AVAST Home edition cant fix this. repeat problem
« on: January 12, 2009, 03:28:08 AM »
The following files has veen detected byAvast home edition as  (on my win xp pro, sp2)

- rootkit: hidden file
- hidden service

usbkbd.sys,
tdiip.sys
extfs.sys

then I choose to delete. then avast suggests to reboot, scans, finds and deletes again. BUT when in normal mode, the files come back again.

any idea?

Thanks
 

CharleyO

  • Guest
Re: AVAST Home edition cant fix this. repeat problem
« Reply #1 on: January 12, 2009, 07:28:44 AM »
***

Welcome to the forums, bgg.   :)

I suggest you try using malwarebytes antimalware to remove these.

http://www.malwarebytes.org/mbam.php


***

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: AVAST Home edition cant fix this. repeat problem
« Reply #2 on: January 12, 2009, 02:32:53 PM »
I suggest:

1. Clean your temporary files.
2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
3. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
6. Disable System Restore and then reenable it again.
7. Immunize your system with SpywareBlaster.
8. Check if you have insecure applications with Secunia Software Inspector.

I suggest you visit this page http://www.antirootkit.com/software/index.htm for antirootkit detection, removal & protection.

You can also run a full computer on-line scanning:
Kaspersky
Trendmicro housecall
Ewido
F-Secure
Spysweeper
The best things in life are free.