Avast WEBforum

Other => Viruses and worms => Topic started by: solidsnake44 on July 13, 2011, 09:53:15 PM

Title: Rootkit c:\windows\SoftwareDistribution\download\b18c8e918883751dfbf19ad251c8c35
Post by: solidsnake44 on July 13, 2011, 09:53:15 PM
Hello everybody,


Today I did a scan with Avast 6 and Avast found a Rootkit (:modification system) in:

c:\windows\SoftwareDistribution\download\b18c8e918883751dfbf19ad251c8c352\x86_06ba0d35a05397d17859b3f9cb08ec23_b77a5c561934e089_6.0.6002.22621_none_e61fa5ebd64c1392.manifest

The threat is classified as HIGH.

I think it's a false positive, but I want to be sure to inform Avast.

I did a scan with Malwarebytes Anti-Malware and Spybot = Nothing
Avast had never shown an alert during use. Only in Scan.

Thank you :)
Title: Re: Rootkit c:\windows\SoftwareDistribution\download\b18c8e918883751dfbf19ad251c8c35
Post by: Pondus on July 14, 2011, 12:31:14 AM
Quote
I think it's a false positive, but I want to be sure to inform Avast.
Have you tested the file at www.virustotal.com?
Title: Re: Rootkit c:\windows\SoftwareDistribution\download\b18c8e918883751dfbf19ad251c8c35
Post by: solidsnake44 on July 14, 2011, 09:57:56 AM
Hello.

During the scan I deleted the file (it wasn't very important). And I didn't have Internet.

I installed the PC on the Internet for 4 days only. And I didn't visit risky websites.
Title: Re: Rootkit c:\windows\SoftwareDistribution\download\b18c8e918883751dfbf19ad251c8c35
Post by: Pondus on July 14, 2011, 10:09:24 AM
Quote
And I didn't visit risky websites......
You don't have to.....


Website infected every 3.6 seconds
http://www.scmagazine.com.au/News/150874,website-infected-every-36-seconds.aspx
Title: Re: Rootkit c:\windows\SoftwareDistribution\download\b18c8e918883751dfbf19ad251c8c35
Post by: solidsnake44 on July 14, 2011, 04:54:04 PM
Wow! :o

It's huge.

You think it's a false positive?
Title: Re: Rootkit c:\windows\SoftwareDistribution\download\b18c8e918883751dfbf19ad251c8c35
Post by: Asyn on July 14, 2011, 05:16:40 PM
Quote
You think it's a false positive?

Difficult to say, as you already deleted it, there's nothing to check.
Title: Re: Rootkit c:\windows\SoftwareDistribution\download\b18c8e918883751dfbf19ad251c8c35
Post by: solidsnake44 on July 15, 2011, 09:50:39 AM
Ok Thank you :)
Title: Re: Rootkit c:\windows\SoftwareDistribution\download\b18c8e918883751dfbf19ad251c8c35
Post by: Asyn on July 15, 2011, 10:53:39 AM
Quote
Ok Thank you :)

You're welcome..!