Forgive me if I seem a little naive on this, I’m not techy when it comes to viruses and malware. Basically, yesterday night, soon after logging into my laptop, Avast alerted me of two or three rootkits and prompted me to restart to remove them. I restarted, and it initiated a scan with a black screen and white text. I then remembered that I didn’t have much power left in my laptop so I bypassed the scan with ‘esc’ and shut down my laptop and went to bed (I was tired at the time).
Anyway I logged on today, and did a scan with avast, it detected nothing though. Then I went to quarantine and noticed the following item.
Name: cachesrvr.exe
Original Location: C:/Program Files/Hewlett-Packard/Simpl…
Transfer Time: (here it said yesterday)
Virus: Win64:Rootkit-gen [Rtk]
So that must of got put there recently, then I went to scan history and noticed that it said 3 infected items were found in a quick scan dated yesterday. Although when I clicked ‘view details’ only two items showed so I’m guessing the item in quarantine was one that was removed? Anyway, the following two items show in the scan results now.
File Name: C:/Program Files/Hewlett-Packard/…/cachesrvr.exe
Severity: High
Status: Threat: Rootkit: hidden file
File Name: SVC: Cachedrv server > C:/…/cachesrvr.exe
Severity: High
Status: Threat:Win64:Rootkit-gen [Rtk]
After seeing these, I selected actions for each of them then applied. First I selected ‘Fix Automatically’ for each of them, then after restarting, I saw they were still there. Then I tried ‘Move to Chest’ but after it restarting, they were still there. Then came ‘Delete’ and they were still even there after that, and neither of these two rootkits have been added to my quarantine yet. They just remain in the scan results for the quick scan from yesterday.
So I don’t know what to do now, I’d very much appreciate some help.