« previous next »
Pages: [1]   Go Down

Author Topic: Avast detects system driver file as trojan  (Read 2777 times)

0 Members and 1 Guest are viewing this topic.

johndoe

  • Guest
Avast detects system driver file as trojan
« on: September 26, 2008, 04:58:40 AM »
Today I ran Avast and during memory scanning, it detected this file us30kbd2k.sys in C:\Windows\System32\Drivers, as a trojan. I took Avast's suggestion to move it to the chest. After restarting my PC, my keyboard stopped working. I found out that the file Avast detected as a trojan was a file related to the keyboard's function. I restored the file from the chest, restarted my PC and all keyboard functions were working as normal. Just wanted to give everyone a heads up incase they run into this problem like I did.
Logged

ardvark

  • Guest
Re: Avast detects system driver file as trojan
« Reply #1 on: September 26, 2008, 05:40:27 AM »
Quote from: johndoe on September 26, 2008, 04:58:40 AM
Today I ran Avast and during memory scanning, it detected this file us30kbd2k.sys in C:\Windows\System32\Drivers, as a trojan. I took Avast's suggestion to move it to the chest. After restarting my PC, my keyboard stopped working. I found out that the file Avast detected as a trojan was a file related to the keyboard's function. I restored the file from the chest, restarted my PC and all keyboard functions were working as normal. Just wanted to give everyone a heads up incase they run into this problem like I did.

Hi...

Just as a suggestion, you may want to run the file through an online scanner like jotti to make sure that it isn't infected....

http://virusscan.jotti.org/

If it comes out clean, you can exclude the file from both the main and realtime scanners. :)

Best Regards...
Logged

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: Avast detects system driver file as trojan
« Reply #2 on: September 26, 2008, 04:26:06 PM »
To know if a file is a false positive, please submit it to VirusTotal and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com. VirusTotal has a file size limit of 10Mb. Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.

Maybe you need to disable Hide protected operating system files and enable View hidden files and folders to manage the file(s).

As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the 'a' blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button...
You can use wildcards like * and ?. But be careful, you should 'exclude' that many files that let your system in danger.
Logged
The best things in life are free.

CharleyO

  • Guest
Re: Avast detects system driver file as trojan
« Reply #3 on: September 27, 2008, 09:16:58 AM »
***

Information on us30kbd2k.sys ......

Quote
The file is a keyboard driver, can record inputs.

http://www.file.net/process/us30kbd2k.sys.html


***
Logged
Pages: [1]   Go Up
« previous next »