Pando Networks\Media Booster\uninst.exe - Rootkit

Hello.
Today after scanning my computer Avast! found “mbamswissarmy.sys” to be a rootkit. I was not sure if this was false or not but I closed it and scanned at boot. This time it did not find mbamswissarmy.sys.
Instead Avast! Found “C:\Program Files\Pando Networks\Media Booster\Uninst.exe|>[UPX] - Win32:Rootkit-gen [Rtk]”
I’m not use If I should remove it or not, Do you think this is a false positive? What should I do?
Thank you in advance!

virus problems are usually posted in the virus and worms section :wink:

mbamswissarmy.sys
belongs to Malwarebytes.....
"C:\Program Files\Pando Networks\Media Booster\Uninst.exe

upload suspicious file(s) to www.virustotal.com and test with 40+ malware scanners
when you have the result, copy the url in the address bar and post it here for us to see

alternative
Jotti http://virusscan.jotti.org/en
VirSCAN http://virscan.org/
Metascan http://www.metascan-online.com/

also i think avast released a update a few minutes ago so you can run a manual update and scan again to see if it still detect

Oh I’m sorry for that, I don’t know what I was thinking…
I tried to upload the file but it looks like it have been uploaded before.

https://www.virustotal.com/file/3f8d50bdb903c0178dadeac4652611e173f7459098250f48f18d509f503934ed/analysis/

probably somone else that have same problem…

did you try manual update and new scan ?

Avast! has confirmed that this is a false-positive, and the issue should be fixed with the latest definition file/VPS.

You can find out about Pando Media Booster here: http://www.pandonetworks.com/pando-media-booster-support-faq

If you have any additional questions, please email us at community@pando.com

  • Pando Support