SVC:MBAMSwissArmy Rootkit Detected

Started cold boot, 8 Minute scan by Avast! came up with this. Definitions 120902-1. Was updating MBAM at the time. Options were to either delete or ignore, followed by a request for a boot-time scan. Ignored and no boot-time scan done yet.

FP?

Yep that is MBAM’s low level driver

Oh, is ok? Seems it’s a service that would only be running when the gui is open as in downloading updates.

No its runs all the time … Even on the free version

not the first time it is detected …

just curious, how low is l
o
w?

(For the mbam system driver)