Update:
Avast Bootscan insisted Version 1.3.1 Sophos Anti-Rootkit contains Trojan "Win32:Trojan-gen" even after I renamed the executables.
Sophos Anti Root-Kit could not be uninstalled because Avast insists "help.exe" contains "Win32:Trojan-gen" by any name... -which I conld not confirm with any other scanner, but HELP.EXE *is* the uninstaller according to the Registry. Catch 22.
Regardless, after renaming all the executables to *.*.vir, I loaded SOPHOS anti-rootkit 1.5.x overtop the 1.3, which correctly updated the Registry.
That stopped Avast's complaints (at least about the active version)
Running the 1.5.x started well, but after some time complaining of hidden files, it began listing EVERY file on my C: drive as "hidden." Twice. Cold boots in between.
(I stopped it after 3 hours)
The thing I don't understand is that I was NOT running a scan, any scan, when Avast first started yelling "Virus Found".
It (avast) listed "Process:" as "C:\Windows\Explorer.exe" in the original announcements... It wasn't until I did the bootscan that it narrowed down to Help.exe[.vir]
I still have v 1.3.1 "Help.exe.vir" (and sarcli.exe.stop) if anyone wants to look and see if some malware is targetting it..-/
end update.
============ Original message:
Avast reports SOPHOS.EXE trojan. Avast wanted to quaranteen but I specified "Block".
[...]
--
This thread was automatically locked due to age.