Author Topic: Everything is a rootkit?  (Read 3910 times)

0 Members and 1 Guest are viewing this topic.

Offline Dongo

  • Newbie
  • *
  • Posts: 2
Everything is a rootkit?
« on: May 11, 2010, 05:35:45 PM »
Hello,

I recently unistalled my AVG anti virus and installed Avast 5. I have avast on another computer and it works just fine. On this one however, it keeps detecting rootkits. I have scanned in safe mode with Spybot S&D, superantispyware, malwarebytes and avast, all turning up clean. Avast seems to flag everything as a rootkit, when I open up notepad, there is a pop saying notepad.exe was moved to the chest. It does it for other things too, like a game I have on both computers, one computer avast flags the other it doesn't. I think it is also intefreing with my printer as I have been having trouble connecting to it (blocks spoolsv.exe that is printer related from what I have googled).

Do I have some virus/malware etc, or is it something else.

Windows XP btw.

Thanks.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Everything is a rootkit?
« Reply #1 on: May 11, 2010, 05:42:36 PM »
Strange... we have other reports today...
It's strange these false positives. Notepad.exe is not being detected in my language Windows 7.
Can you run a boot time scanning and write down the names of the infected files?
Do not harm your computer right now... as you can send to Chest files needed and clean...
The best things in life are free.

Offline nmb

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3060
Re: Everything is a rootkit?
« Reply #2 on: May 11, 2010, 05:46:16 PM »
@ Tech,

I think it is a false positive, may be.

This detection was added in 100511-0 so may be a fix is on the way.

Although I would recommend uploading the file to virustotal.com and checking.

nmb

Offline logos

  • Avast √úberevangelist
  • Serious Graphoman
  • *****
  • Posts: 9442
Re: Everything is a rootkit?
« Reply #3 on: May 11, 2010, 06:17:01 PM »
Quote
Strange... we have other reports today...

yep, just what I thought...and nothing here either on W7.
w7 - ais7

Offline Dongo

  • Newbie
  • *
  • Posts: 2
Re: Everything is a rootkit?
« Reply #4 on: May 12, 2010, 03:57:23 AM »
Strange... we have other reports today...
It's strange these false positives. Notepad.exe is not being detected in my language Windows 7.
Can you run a boot time scanning and write down the names of the infected files?
Do not harm your computer right now... as you can send to Chest files needed and clean...

Ran the boot scan and it picked up something. Win32:Rootkitgen [rtk]

I guess the previous safe mode scans missed it.

Thanks guys.

Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2234
Re: Everything is a rootkit?
« Reply #5 on: May 12, 2010, 09:40:46 AM »
@ Tech,

I think it is a false positive, may be.

This detection was added in 100511-0 so may be a fix is on the way.

Although I would recommend uploading the file to virustotal.com and checking.

nmb

Hello,
which detection?

Milos

Offline nmb

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3060
Re: Everything is a rootkit?
« Reply #6 on: May 12, 2010, 09:33:12 PM »
Hello,
which detection?

Milos

Hello

Win32:Kates-BD [Trj]

Reported by some other user here, in the forum. He too had the same problem - the notepad thing. Searching for that post.. hope I find it.

Thx
nmb