Rootkit hidden filefloppy sys

[set1]

 

The update 1) did not fix the problem - I am still getting the false positive and 2) it rebooted my computrer WITHOUT asking me while I was in the middle of writing an important work email!!!

[montybanks]

Time now 1630 gmt English time.
Still getting message re rootkit kidden sfloppy/sys.
How soon before false positive fixed. any ideas???

[REDACTED]

Hi

In Poland I have the same problem now. It started 30 minutes ago...

[calcu007]

Be sure you have the VPS 111206-2 or late

[SaRaGoN]

With this update 111206-2 Avast fix the problem.

[DavidR]

As mentioned ensure you have the latest VPS update 111206-2 and reboot 8 minutes after the boot the rootkit happens and you shouldn't get an alert.

See image extract of the end of the aswAR.log file run after a reboot on my system with that VPS.

[zing]

Yep, updated to VPS 111206-2 and it's fixed. No more rootkit messages about sfloppy.sys, after rebooting.

[polonus]

Cześć bombeczkaATgmail.com,

You do not want spammers on your back, then give your nick "bez małpy"
Did you update to the last engine and virus definitions?

pozdrawiam,

polonus

[msgreyberry]

Had the same problem 5 minutes ago...I was about to press "delete" but then I figured out something's not right...no viruses, no dangerous websites, no anything, nothing dangerous...using loads of precautions and antimalware engines I freaked out..Thank you Avast! for the quick update!
So I assume it is safe to "ignore" the notice?

[DavidR]

Yes, and ensure you have VPS 111206-2 as mentioned earlier and reboot.

[rob24]

Well that seems to have sorted that OK , once I updated VPS manually to 111206-2.

What I don't understand it that on the first indication today after PC started, Avast recommended Delete followed by boot scan. The latter was clean and PC continued to start with no further warnings. I turned pc off again about an hour later, and later still I started up to the same warning, with the same recommendation. It appeared not to have deleted the file. It was at that point I consulted this thread whilst I still had the warning up, and took the advice to 'Ignore'.

[BlueCrab405]

Hi all. Having the same issue this morning. Using Avast Free version on windows XP (man..i need to upgrade  ). I did the same thing at first and chose delete (which did not happen).

I see in the engine and definitions update that version 111206-2 is out, however my system will not update the latest definitions for some reason. it's still stuck on 111206-0. I've been trying to update for over 2 hours now.

anyone else having this issue?

[DavidR]

Well that seems to have sorted that OK , once I updated VPS manually to 111206-2.

What I don't understand it that on the first indication today after PC started, Avast recommended Delete followed by boot scan.
<snip>

Certain detections will suggest doing a boot-time scan, rootkit based detections would be one area were boot-time scan would be suggested as by their nature rootkits seek to hide something (other malware). The boot-time scan operating before windows is running may well be able to see what would otherwise have been hidden if windows was running.

[DavidR]

Hi all. Having the same issue this morning. Using Avast Free version on windows XP (man..i need to upgrade  ). I did the same thing at first and chose delete (which did not happen).

I see in the engine and definitions update that version 111206-2 is out, however my system will not update the latest definitions for some reason. it's still stuck on 111206-0. I've been trying to update for over 2 hours now.
<snip>

What errors are you getting when you try to update ?

- Try a repair of avast:
XP - Add Remove programs, select 'avast! Anti-Virus,' click the Change/Remove button and scroll down to Repair, click next and follow.

[Henry-Finland]

The same as everybody else and on both computers.
Deleted and did the scan.
Vanished.

XP and Free Avast.

Henry