Author Topic: PlayOn rootkit?  (Read 2466 times)

0 Members and 1 Guest are viewing this topic.

wile_e

  • Guest
PlayOn rootkit?
« on: August 01, 2010, 07:45:47 PM »
I just finished installing the new version of PlayOn software on my Win7 PC. During installation, Avast found hidden rootkit. It doesn't show filename. It just says "C:\Program Files", Rootkit: hidden service.

Is this a false positive with PlayOn? Or was Avast doing a real-time background scan and found something else?

Adam Riley

  • Guest
Re: PlayOn rootkit?
« Reply #1 on: August 02, 2010, 10:10:12 AM »
Hi wile_e

I would suggest that you run a full scan to see if anything is found on your system now; if you think that something could be a false positive you can check it at jotti: http://virusscan.jotti.org/en-gb

Best,
Adam

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: PlayOn rootkit?
« Reply #2 on: August 02, 2010, 04:47:59 PM »
I'm not a fan of Jotti as a) I believe it uses the unix/linux version of avast and b) it has far less scanners than VirusTotals 41 of them.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive. Now exclude that folder in the File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste) C:\Suspect\*
That will stop the File System Shield scanning any file you put in that folder.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: PlayOn rootkit?
« Reply #3 on: August 02, 2010, 07:39:16 PM »
I believe it uses the unix/linux version of avast

That's right..!!
Here's another alternative: http://www.virscan.org/
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0