During my scan with Avast A warning appeared saying
" Suspicious file found. Suspicious files have been detected [using a heuristic method]. This may be a sign of malware infection. Please allow the files to be submitted to our virus lab for analysis."
Some files are found in C:\windows\system32, or C:\windows\assembly\gac_msil. Whenever I choose ignore, or delete now, I get another pop up saying
“Avast has detected a virus in the operating memory. Since it is very dangerous to work with the computer while the virus is active, it is strongly recommended that you restart the computer and let Avast scan all your data in the boot phase, before a virus can be activated. Do you want to schedule the boot time scan and restart the computer?”
I choose yes, than do the boot scan and the scan finds nothing. the problem has been reproduced four times. At one time I chose no to the restart message, the virus scan freezes. So an apparent virus is operating and I can’t find it. Anyone has ideas?
Dr web cureit detected an item and removed it. It is the old combofix I use long ago I forgot to delete it. As for the files, I don’t know where the scan log is. The ones I found in the warning log [Sign of “Rootkit: hidden file” has been found in “C:\WINDOWS\SYSTEM32\spoolsv.exe\prtprocs\w32x86\filterpipelineprintproc.dll” file.] There must be about 100 files. I might not be able to submit them all, as I won’t be able to find them all.
I found the scan log, but found that it is too big to post in the forum. I am wondering what the way is to post the log, or if I am in the proper part of the forum to do this. The log is real big, so I wonder if I should upload it as an attachment, or if there is another part of the forum where I am suppose to do this. Also I used rootkitrevealer and found some items. Since root kits were the issue I did that scan and retained the log to post it in the most appropriate part of the forum. Thanks.
If I interpret it correctly I had the sensitivity of the scan at the highest. I should have known by the nature of rootkit scans that to avoid false positives, you are suppose to have every other program closed, but guess what. Not being aware that the updates were including rootkit detections, I was surfing, playing a game, and doing editing during the scan.
So I simply set the scan sensitivity down a notch, and didn’t get the described reading again.
Well I don’t believe there is any different level in the sensitivity of the anti-rootkit scan all you might do is actually not run the anti-rootkit scan, so that is avioding a symptom rather than treating the problem.
The Standard and Thorough scans run the anti-rootkit as part of the scan but the Quick scan doesn’t run it as your link confirms, what we need to do is try to find a solution to the problem rather than avoid it.
So as Maxx suggests do a manual program update (right click the avast ‘a’ icon, select) Updating, Program Update, reboot and then run a Standard scan again and see if that resolves the problem.