Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Consumer Products
»
Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier)
(Moderators:
hectic-mmv
,
LudekS
,
chytil2
) »
sptd.sys likely a false positive
« previous
next »
Print
Pages:
1
2
3
[
4
]
Go Down
Author
Topic: sptd.sys likely a false positive (Read 31588 times)
0 Members and 1 Guest are viewing this topic.
cadremis
Guest
Re: sptd.sys likely a false positive
«
Reply #45 on:
June 02, 2011, 06:59:18 AM »
Since I never received and answer form Avast and since I do not use Alchohol and Deamon Tools I decided to use killbox to get rid of that file on re-boot, now my sistem is clean again and not receiving such alerts.
Thanks..rm
See attached picture
«
Last Edit: June 02, 2011, 07:06:43 AM by cadremis
»
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: sptd.sys likely a false positive
«
Reply #46 on:
June 02, 2011, 07:44:33 PM »
No that looks OK - when I had the case aswMBR put rootkit in big bright red letters next to it
Logged
MeDIeVaL
Guest
Re: sptd.sys likely a false positive
«
Reply #47 on:
June 10, 2011, 11:13:19 AM »
I do not use either Alchohol nor Deamon Tools but still got the sptd.sys warning today. Scanned with aswMBR and I got this...
aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-06-10 17:08:16
-----------------------------
17:08:16.417 OS Version: Windows 6.0.6002 Service Pack 2
17:08:16.417 Number of processors: 2 586 0x170A
17:08:16.418 ComputerName: LOGAM-PC UserName: Logam
17:08:19.521 Initialize success
17:08:33.442 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:08:33.444 Disk 0 Vendor: WDC_WD3200BEVT-75ZCT2 11.01A11 Size: 305245MB BusType: 3
17:08:35.504 Disk 0 MBR read successfully
17:08:35.508 Disk 0 MBR scan
17:08:35.511 Disk 0 unknown MBR code
17:08:37.515 Disk 0 scanning sectors +625137345
17:08:37.614 Disk 0 scanning C:\Windows\system32\drivers
17:08:44.481 Service scanning
17:08:46.514 Disk 0 trace - called modules:
17:08:46.555
ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x864341f8]<<
17:08:46.556 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x866141c8]
17:08:46.556 3 CLASSPNP.SYS[8c3a28b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8647e8a0]
17:08:46.556
\Driver\atapi[0x85ab86e8] -> IRP_MJ_CREATE -> 0x864341f8
17:08:46.557 Scan finished successfully
17:12:01.940 Disk 0 MBR has been saved successfully to "C:\Users\Logam\Documents\MBR.dat"
17:12:01.945 The log file has been saved successfully to "C:\Users\Logam\Documents\aswMBR.txt"
What should I do next?
Logged
Pondus
Probably Bot
Posts: 37527
Not a avast user
Re: sptd.sys likely a false positive
«
Reply #48 on:
June 10, 2011, 11:33:02 AM »
Try this
kaspersky TDSSKiller
http://support.kaspersky.com/faq/?qid=208283363
if still problems, starte a new topic in the "virus an worms" section
http://forum.avast.com/index.php?board=4.0
Follow this guide from our expert malware remover Essexboy
http://forum.avast.com/index.php?topic=53253.0
( post the logs in the new topic you start )
To avoid using multiple post with copy and paste you have to attach the log`s
Lower left corner: Additional Options > Attach ( Malwarebytes log / OTS log ) save OTS log as ANSI
Essexboy will look at the logs when he arrive later today...
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: sptd.sys likely a false positive
«
Reply #49 on:
June 10, 2011, 12:53:46 PM »
Good call that suggest a TDLO3 infection
Logged
Print
Pages:
1
2
3
[
4
]
Go Up
« previous
next »
Avast WEBforum
»
Consumer Products
»
Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier)
(Moderators:
hectic-mmv
,
LudekS
,
chytil2
) »
sptd.sys likely a false positive