system
1
Avast Free 6.0.1203
Windows 7 - 64bit
When I started up the PC this morning, I logged in to my limited privilege account. After a minute or two, Avast put up a red alert that a rootkit had been found. It recommended that I select ‘delete’, which I did. it also recommended that I perform a boot-time rootkit scan, which I also did.
The boot-time scan did not find anything of interest.
Now I’d like to find out the name of the file that contained the root kit, the file which Avast deleted. I looked through the log files, but did not see an entry naming the deleted file.
How can I find out what the name of the file was that avast thought contained a rootkit and that avast deleted?
Thanks.
system
2
Start up Avast,then go to Maintenance (on left hand side) then Virus Chest
system
3
The suspect file was not moved to the virus chest, it was deleted, per the suggestion from the alert.
There is nothing in the virus chest.
DavidR
4
Check the C:\ProgramData\AVAST Software\Avast\log\aswAr.log file using notepad, that should contain any detection information (this folder may be hidden so you will need to change that).
system
5
Thanks. That was the ticket.
DavidR
6
Well what was it that you deleted ?
Personally I opt for confirmation before deletion rather than after.