Author Topic: sptd.sys = Rootkit: hidden file??  (Read 12462 times)

Offline Hanziness

  • Full Member
  • ***
  • Posts: 139
  • Gender: Male
  • Programmer
    • My website (Hungarian)
    • Personal Message (Offline)
sptd.sys = Rootkit: hidden file??
« on: May 31, 2011, 04:04:53 PM »
Good evening!
Avast! has just downloaded its new database, and... (see the picture)

So I got a rootkit alarm about sptd.sys - and it can't be a virus, bucause the same message popped up at my brother too (after avast! updated its database)

Is this a false positive?

EDIT #1:
Translation:

ROOTKIT DETECTION
A hidden suspicious object (rootkit) has been detected in Your system. This refers to a malicious infection. It is recommended to remove this object immediatly.

---------

ROOTKIT INFORMATIONS
File name.....|.....Rootkit name
....sptd.sys..|.....Rootkit: hidden file

----------

ACTIONS
Delete now (recommended)
Ignore

....
Sorry if it does not match with the English translation.
« Last Edit: May 31, 2011, 04:13:24 PM by Hanziness »
My "jobs":
- Emsi Software GmbH Translator (Online Armor) (to: Hungarian)
- Avast! Translator (Mobile Security) (to: Hungarian)

' I made some wallpapers too, you can see them on my Windows Live profile - just ask for a link ;)

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21649
  • Gender: Male
    • Personal Message (Offline)
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline Hanziness

  • Full Member
  • ***
  • Posts: 139
  • Gender: Male
  • Programmer
    • My website (Hungarian)
    • Personal Message (Offline)
Re: sptd.sys = Rootkit: hidden file??
« Reply #2 on: May 31, 2011, 04:15:55 PM »
Oh, sorry for posting it, I just didn't find a topic so I posted it to tell that it appeared again.

Thank you very much!
My "jobs":
- Emsi Software GmbH Translator (Online Armor) (to: Hungarian)
- Avast! Translator (Mobile Security) (to: Hungarian)

' I made some wallpapers too, you can see them on my Windows Live profile - just ask for a link ;)

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21649
  • Gender: Male
    • Personal Message (Offline)
Re: sptd.sys = Rootkit: hidden file??
« Reply #3 on: May 31, 2011, 04:25:16 PM »
Oh, sorry for posting it, I just didn't find a topic so I posted it to tell that it appeared again.

Thank you very much!
your welcome.....

and you where the only one posting it in the right section of the forum "virus and worms"   ;D
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline Hanziness

  • Full Member
  • ***
  • Posts: 139
  • Gender: Male
  • Programmer
    • My website (Hungarian)
    • Personal Message (Offline)
Re: sptd.sys = Rootkit: hidden file??
« Reply #4 on: May 31, 2011, 04:30:20 PM »
"...also FP solving..." :D

I told avast! to remember ignoring it, at my brother it said that it's a suspicious file - and not a rootkit.

Is it a little "bug" that when I selected ignore and pressed "OK", it said that "In order to complete cleaning your system, you should run a boot time scan. Do you want to restart you computer and start a scan?" - or something similar?
My "jobs":
- Emsi Software GmbH Translator (Online Armor) (to: Hungarian)
- Avast! Translator (Mobile Security) (to: Hungarian)

' I made some wallpapers too, you can see them on my Windows Live profile - just ask for a link ;)

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • *****
  • Posts: 69200
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: sptd.sys = Rootkit: hidden file??
« Reply #5 on: May 31, 2011, 04:34:57 PM »
Personally I wouldn't recommend that action as a) there doesn't appear to be a way to reverse it and b) you would never know if it was resolved, e.g. when it no longer alerts.

So I would just go for the Ignore option only so as to know what is going on on my system.
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2016/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline MANU77

  • Newbie
  • *
  • Posts: 1
    • Personal Message (Offline)
Re: sptd.sys = Rootkit: hidden file??
« Reply #6 on: June 01, 2011, 06:11:18 AM »
"...also FP solving..." :D

I told avast! to remember ignoring it, at my brother it said that it's a suspicious file - and not a rootkit.

Is it a little "bug" that when I selected ignore and pressed "OK", it said that "In order to complete cleaning your system, you should run a boot time scan. Do you want to restart you computer and start a scan?" - or something similar?
same problem for me since yesterday.....I tried boot time scan and it didn't worked for me!!!
it is reporting me again as rootkit.What to do?? ??? can any one help me plzzz :)

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21649
  • Gender: Male
    • Personal Message (Offline)
Re: sptd.sys = Rootkit: hidden file??
« Reply #7 on: June 01, 2011, 08:07:33 AM »
"...also FP solving..." :D

I told avast! to remember ignoring it, at my brother it said that it's a suspicious file - and not a rootkit.

Is it a little "bug" that when I selected ignore and pressed "OK", it said that "In order to complete cleaning your system, you should run a boot time scan. Do you want to restart you computer and start a scan?" - or something similar?
same problem for me since yesterday.....I tried boot time scan and it didn't worked for me!!!
it is reporting me again as rootkit.What to do?? ??? can any one help me plzzz :)
Did you check the link in my first reply above ?
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline Hanziness

  • Full Member
  • ***
  • Posts: 139
  • Gender: Male
  • Programmer
    • My website (Hungarian)
    • Personal Message (Offline)
Re: sptd.sys = Rootkit: hidden file??
« Reply #8 on: June 01, 2011, 11:17:07 AM »
"...also FP solving..." :D

I told avast! to remember ignoring it, at my brother it said that it's a suspicious file - and not a rootkit.

Is it a little "bug" that when I selected ignore and pressed "OK", it said that "In order to complete cleaning your system, you should run a boot time scan. Do you want to restart you computer and start a scan?" - or something similar?
same problem for me since yesterday.....I tried boot time scan and it didn't worked for me!!!
it is reporting me again as rootkit.What to do?? ??? can any one help me plzzz :)
Click Special, make sure that the "remember" is checked, select "Ignore" and press OK, this a False positive - as I think ;)
Do not run a boot time scan if it asks you (about restarting your computer and running a boot time scan, click NO)

OR

Try to update your virus signatures - open the GUI (Graphical User Interface) -> Maintenance -> Update -> Click Update under definitions
My "jobs":
- Emsi Software GmbH Translator (Online Armor) (to: Hungarian)
- Avast! Translator (Mobile Security) (to: Hungarian)

' I made some wallpapers too, you can see them on my Windows Live profile - just ask for a link ;)

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now