Avast WEBforum

Other => Viruses and worms => Topic started by: Sartigan on May 31, 2011, 06:04:53 PM

Title: sptd.sys = Rootkit: hidden file??
Post by: Sartigan on May 31, 2011, 06:04:53 PM
Good evening!
Avast! has just downloaded its new database, and... (see the picture)

So I got a rootkit alarm about sptd.sys - and it can't be a virus, bucause the same message popped up at my brother too (after avast! updated its database)

Is this a false positive?

EDIT #1:
Translation:

ROOTKIT DETECTION
A hidden suspicious object (rootkit) has been detected in Your system. This refers to a malicious infection. It is recommended to remove this object immediatly.

---------

ROOTKIT INFORMATIONS
File name.....|.....Rootkit name
....sptd.sys..|.....Rootkit: hidden file

----------

ACTIONS
Delete now (recommended)
Ignore

....
Sorry if it does not match with the English translation.
Title: Re: sptd.sys = Rootkit: hidden file??
Post by: Pondus on May 31, 2011, 06:07:30 PM
http://forum.avast.com/index.php?topic=79072.0
Title: Re: sptd.sys = Rootkit: hidden file??
Post by: Sartigan on May 31, 2011, 06:15:55 PM
Oh, sorry for posting it, I just didn't find a topic so I posted it to tell that it appeared again.

Thank you very much!
Title: Re: sptd.sys = Rootkit: hidden file??
Post by: Pondus on May 31, 2011, 06:25:16 PM
Oh, sorry for posting it, I just didn't find a topic so I posted it to tell that it appeared again.

Thank you very much!
your welcome.....

and you where the only one posting it in the right section of the forum "virus and worms"   ;D
Title: Re: sptd.sys = Rootkit: hidden file??
Post by: Sartigan on May 31, 2011, 06:30:20 PM
"...also FP solving..." :D

I told avast! to remember ignoring it, at my brother it said that it's a suspicious file - and not a rootkit.

Is it a little "bug" that when I selected ignore and pressed "OK", it said that "In order to complete cleaning your system, you should run a boot time scan. Do you want to restart you computer and start a scan?" - or something similar?
Title: Re: sptd.sys = Rootkit: hidden file??
Post by: DavidR on May 31, 2011, 06:34:57 PM
Personally I wouldn't recommend that action as a) there doesn't appear to be a way to reverse it and b) you would never know if it was resolved, e.g. when it no longer alerts.

So I would just go for the Ignore option only so as to know what is going on on my system.
Title: Re: sptd.sys = Rootkit: hidden file??
Post by: MANU77 on June 01, 2011, 08:11:18 AM
"...also FP solving..." :D

I told avast! to remember ignoring it, at my brother it said that it's a suspicious file - and not a rootkit.

Is it a little "bug" that when I selected ignore and pressed "OK", it said that "In order to complete cleaning your system, you should run a boot time scan. Do you want to restart you computer and start a scan?" - or something similar?
same problem for me since yesterday.....I tried boot time scan and it didn't worked for me!!!
it is reporting me again as rootkit.What to do?? ??? can any one help me plzzz :)
Title: Re: sptd.sys = Rootkit: hidden file??
Post by: Pondus on June 01, 2011, 10:07:33 AM
"...also FP solving..." :D

I told avast! to remember ignoring it, at my brother it said that it's a suspicious file - and not a rootkit.

Is it a little "bug" that when I selected ignore and pressed "OK", it said that "In order to complete cleaning your system, you should run a boot time scan. Do you want to restart you computer and start a scan?" - or something similar?
same problem for me since yesterday.....I tried boot time scan and it didn't worked for me!!!
it is reporting me again as rootkit.What to do?? ??? can any one help me plzzz :)
Did you check the link in my first reply above ?
Title: Re: sptd.sys = Rootkit: hidden file??
Post by: Sartigan on June 01, 2011, 01:17:07 PM
"...also FP solving..." :D

I told avast! to remember ignoring it, at my brother it said that it's a suspicious file - and not a rootkit.

Is it a little "bug" that when I selected ignore and pressed "OK", it said that "In order to complete cleaning your system, you should run a boot time scan. Do you want to restart you computer and start a scan?" - or something similar?
same problem for me since yesterday.....I tried boot time scan and it didn't worked for me!!!
it is reporting me again as rootkit.What to do?? ??? can any one help me plzzz :)
Click Special, make sure that the "remember" is checked, select "Ignore" and press OK, this a False positive - as I think ;)
Do not run a boot time scan if it asks you (about restarting your computer and running a boot time scan, click NO)

OR

Try to update your virus signatures - open the GUI (Graphical User Interface) -> Maintenance -> Update -> Click Update under definitions