How can I delete rootkit files?

swag72

swag72

Suspended / Banned
Messages
7,969
Name
Sara
Edit My Images
Yes
I use Avast anti virus and while doing a scan I found that I have over 500 rootkit files that Avast will not allow me to delete, repair or quarantine. I have looked on the net and tried all free programmes that say you can find and delete these files, but most of them don't even find any.

I have wondered if it was a false positive from Avast, so uninstalled and reinstalled it and I have the same. The Avast database is up to date.

I am happy to pay for a programme to sort this, but as all the free ones have failed so far to sort it, I don't want to pay for something that will not work.


What have I tried so far?
  • Kaspersky TDSS Killer
  • Rootkit buster
  • Sophos anti rootkit
  • Unhack me
  • and one that worked through the command prompt (command exe I think it was called)
Can any one make any more suggestions?
 
Last edited:
No - I did try using safemode and deleting them from there, but for some reason Avast wasn't available in safe mode, but that's the only software that seems to pick them up.
 
I don't know Avast as I've never used it but a quick scan of their forum for this problem says it is usually a false positive so I wouldn't panic too much yet.
 
I'll have a look at that false positive stuff - Too many programmes have come back with nothing for it to be anything else I suppose. Not good though, how do I know the difference between a false positive and a real threat?
 
Personally I trust Kaspersky. They do a free trial. If you want to reassure yourself uninstall avast, install kaspersky and do a full scan. You can always go back to avast afterwards. If you did want to buy kaspersky you can probably find an older version cheap online. upgrades to the latest version are free.

Most viruses will not let you install AV software as they block the install process to defend themselves. the fact that you have already removed and successfully reinstalled avast also points to a false positive.
 
Have you tried Malwarebytes Anti-Rootkit BETA 1.1.0.1009. This new program should help you out. Also run the regular MalwareBytes AntiMalware. Both are free.
 
Thanks for that, that last link is a very good read - I run Malwarebytes as a matter of course. I did run the TDSSKiller and that showed up no threats, so just one more to do then I'll be happy that Avast really was showing me almost 600 false positives!!

Thanks for the help on here guys, much appreciated.
 
Ditch Avast and get Kaspersky would be my advice.
 
is your avast definitely up to date? not having (or ever had) any bother here.

we did have an issue with sophos at work recently with false positives, its something that does happen to all AV vendors at some point. its how quickly the issue is rectified..
 
Last edited:
You must log in or register to reply here.
Back
Top