Author Topic: Why avast didnt delete the infected files throughly  (Read 1871 times)

0 Members and 1 Guest are viewing this topic.

Offline vhintech

  • Newbie
  • *
  • Posts: 1
Why avast didnt delete the infected files throughly
« on: January 08, 2010, 09:35:21 AM »
Why avast didnt delete the infected files throughly????..
I installed Avast Home Edition and did a boot-scan, it detects a viruses on my pc hardisk and on usb drive thats currently plug in.. i chose to delete the infected files.. When i browse the files in my usb drive its gone, but when i turn to view the hidden files, the infected files still there at location, it just turn or change to hidden files..Why is avast turn the infected files to hidden files. it didnt deleted throughly the file so the virus still there.????. Please help me....Thank you very much

Offline Tarq57

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3695
  • If at first you don’t succeed; call it version 1.0
Re: Why avast didnt delete the infected files throughly
« Reply #1 on: January 08, 2010, 09:39:20 AM »
Hi vhintech, welcome to the forum.
Please post the full filenames and paths for each detection, and beside each one, the name Avast assigned to each file.
For example "win32: trojan-gen" (the Avast detection) in C/Windows/System32/drivers etc/syz.exe (a sample file path and name.)
Windows 10,Windows Firewall,Firefox w/Adblock.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Why avast didnt delete the infected files throughly
« Reply #2 on: January 08, 2010, 12:39:55 PM »
Of course avast does not hidden the file only...
Seems you're experiencing a recurring infection (or rootkit), which is much more different.
I suggest:

1. Clean your temporary files.
2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
3. Use MBAM (or SUPERantispyware or even Spyware Terminator) to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
6. Clean your Hosts file (replacing it) with HostsMan tool.
7. Disable System Restore and then reenable it again.
8. Immunize your system with SpywareBlaster.
9. Check if you have insecure applications with Secunia Software Inspector.
The best things in life are free.