Author Topic: PlayOn rootkit?  (Read 2204 times)

0 Members and 1 Guest are viewing this topic.

Offline wile_e

  • Jr. Member
  • **
  • Posts: 20
PlayOn rootkit?
« on: August 01, 2010, 07:45:47 PM »
I just finished installing the new version of PlayOn software on my Win7 PC. During installation, Avast found hidden rootkit. It doesn't show filename. It just says "C:\Program Files", Rootkit: hidden service.

Is this a false positive with PlayOn? Or was Avast doing a real-time background scan and found something else?

Adam Riley

  • Guest
Re: PlayOn rootkit?
« Reply #1 on: August 02, 2010, 10:10:12 AM »
Hi wile_e

I would suggest that you run a full scan to see if anything is found on your system now; if you think that something could be a false positive you can check it at jotti: http://virusscan.jotti.org/en-gb

Best,
Adam

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 84911
  • No support PMs thanks
Re: PlayOn rootkit?
« Reply #2 on: August 02, 2010, 04:47:59 PM »
I'm not a fan of Jotti as a) I believe it uses the unix/linux version of avast and b) it has far less scanners than VirusTotals 41 of them.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive. Now exclude that folder in the File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste) C:\Suspect\*
That will stop the File System Shield scanning any file you put in that folder.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Asyn

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 70257
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: PlayOn rootkit?
« Reply #3 on: August 02, 2010, 07:39:16 PM »
I believe it uses the unix/linux version of avast

That's right..!!
Here's another alternative: http://www.virscan.org/
asyn
W 8.1 [x64] - Avast PremSec 21.4.2463.B4 [UI.617] - EEK - Firefox ESR 78.10.1 [NS/uBO/PB] - TB 78.10.1
Avast-Tools: Secure Browser 90.1 - Cleanup 21.1 - SecureLine 5.11 - Driver Updater 21.1 - CCleaner 5.78
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0