Hidden Rootkits...what the heck?!

Computer was running slowly so I updated and ran my Malwarebytes…came up clean.

I run McAfee + a firewall + Avast as it is a work computer. The McAfee has to stay on due to work requirements. It has proved to be f’ing useless in the past. I ran a scan in Avast and came up with a few hundred hidden rootkits.

I am running a 64-bit Windows 7 system.

I have attached the OTL log. That was suggested on this forum page: http://forum.avast.com/index.php?topic=53253.0

I am running the free version of Avast…how do I find an output of the scan log in order to attach it?

Thank you! Sorry for my newbiness. I’ve been around computers forever but if I ever find a serious virus I usually just re-install to factory specs. However, I don’t think I got a reboot disc with this computer and I don’t want to end up screwed…

Thanks!

Having two resident anti-virus scanners installed is one too many and not recommended as rather than provide twice the protection it can cause conflicts that could leave you more vulnerable. Not to mention avast free shouldn’t be running on a business system, even if it were the only AV.

These conflicts can present themselves in many ways; detection of the other’s processes is just one. Since you don’t say what the file name and location of this hidden rootkit/s are or what detected them (presumably avast)?

If avast, you don’t state what scan you did: a regular on-demand scan (Quick, Full or Custom and settings) or if it was the anti-rootkit scan 8 minutes after boot?

If this is a work system and you are forced to run McAfee, you aren’t left with much choice but to uninstall avast.

I can’t help with the OTL log as it isn’t something that I’m familiar with.

The Avast picked them up…however, upon a restart and a second scan now it is coming up clean. I picked them up in Avast…the McAfee found nothing. I keep both as Avast routinely finds things that McAfee misses - for whatever reason. They were PID files. Not sure why this second scan is coming up clean. Do you recommend I rely just on Malwarebytes and McAfee and delete the Avast?

My guess is that you are doing a Custom scan in which you have elected to scan Memory and that all these detections are in memory; PID or Process: in the path indicate memory locations. Since they aren’t physical files they can’t be moved to the chest, deleted, etc., so there is no action that can be taken, hence the Apply button being greyed out.

The detections in memory are frequently other security applications loading unencrypted virus signatures into memory. Having set off a scan of memory by an antivirus application looking for virus signatures, don’t be too surprised if it finds some in memory.

So if you can give some examples of the items in the list and the type of scan you did it will help us to help you.

It isn’t so much a recommendation; I would say a necessity, as the two resident AVs can conflict. At best this will cause duplication of scanning and resource use; at worst the drivers could conflict, locking up your system. Just imagine what this would be like if it happens during boot.

Well, I just finished up a complete full system scan and it came up with nothing this time. I then deleted Avast. My McAfee detects nothing either. I appreciate your help!

You’re welcome.

A Full System Scan won’t find anything as the Custom scan with Memory selected goes much deeper than the limited memory checking in the Quick or Full System Scan.