Author Topic: AVAST ALARMED. POSSIBLE ROOTKIT DETECTED?  (Read 3500 times)

0 Members and 1 Guest are viewing this topic.

bobo1

  • Guest
AVAST ALARMED. POSSIBLE ROOTKIT DETECTED?
« on: September 15, 2012, 08:20:00 AM »
Hi,
Had an Avast alert red popup this morning.

Possible rootkit detected on todays virus definitions on behavior sheild on max sensitiviy setting.

"C:/WINDOWS/ SYSTEM32  DRIVERS  MBAMSWISSARMY. SYS."

Was running malware bytes at the time? doing a routine scan today.

Need more info if this alarm is true or false or if it is a false alert? or a file related to Malwarebytes? . If it is a true detection will have to scrub my computer then? if it is a rootkit????? :o
« Last Edit: September 15, 2012, 08:22:49 AM by bobo1 »

Theo Peterbroers

  • Guest
Re: AVAST ALARMED. POSSIBLE ROOTKIT DETECTED?
« Reply #1 on: September 15, 2012, 09:15:51 AM »
That's what you get when on max sensitivity.

It's a Malwarebytes file, see http://forums.malwarebytes.org/index.php?showtopic=81945

Congratulations, if that was the only alert avast gave you.

Offline ajey

  • Jr. Member
  • **
  • Posts: 66
  • Safe with avast! :)
    • Ajey's computer blog
Re: AVAST ALARMED. POSSIBLE ROOTKIT DETECTED?
« Reply #2 on: September 15, 2012, 04:11:38 PM »
Kwartet! is right it is just due to the high sensitivity you have...
It's not a malware 100% sure :) ;)




Stay safe :)
Windows 10 | avast! premium security | https://ajeyscomputerblog.blogspot.com/

iroc9555

  • Guest
Re: AVAST ALARMED. POSSIBLE ROOTKIT DETECTED?
« Reply #3 on: September 15, 2012, 04:49:38 PM »
Bobo1.

Old detection. Weird is back.

Did you have MBAM UI open when Avast! looking for rootkits 8 min after boot ? MBAMSWISSARMY. SYS shows in Drivers only with MBAM UI open or it updates.

http://forum.avast.com/index.php?topic=98405.msg784695#msg784695

For sure a F/P.
« Last Edit: September 16, 2012, 03:54:21 PM by iroc9555 »

bobo1

  • Guest
Re: AVAST ALARMED. POSSIBLE ROOTKIT DETECTED?
« Reply #4 on: September 16, 2012, 01:08:47 PM »
Yes i did. And avast does the rootkit check/ scan after computer has booted.
Malwarebytes was running at the time. Avast was not opened to gui at the time just running in the system tray. Alert popped up within 3mins after computer was running.
Poss just a blip?. Was running malwarebytes this morning as a routine check once a fortnight.
« Last Edit: September 16, 2012, 01:15:06 PM by bobo1 »

Offline CraigB

  • Avast √úberevangelist
  • Serious Graphoman
  • *****
  • Posts: 11244
  • No support PM's thanks
Re: AVAST ALARMED. POSSIBLE ROOTKIT DETECTED?
« Reply #5 on: September 16, 2012, 01:25:16 PM »
Another reason why the Malwarebytes developers suggest excluding there program from antiviruses  :)

akama1

  • Guest
Re: AVAST ALARMED. POSSIBLE ROOTKIT DETECTED?
« Reply #6 on: September 17, 2012, 01:27:58 PM »
Hi,
Had an Avast alert red popup this morning.

Possible rootkit detected on todays virus definitions on behavior sheild on max sensitiviy setting.

"C:/WINDOWS/ SYSTEM32  DRIVERS  MBAMSWISSARMY. SYS."

Was running malware bytes at the time? doing a routine scan today.

Need more info if this alarm is true or false or if it is a false alert? or a file related to Malwarebytes? . If it is a true detection will have to scrub my computer then? if it is a rootkit????? :o

avast behaviour shield has a max sensitivity setting? how did you get that? O.o