sptd.sys likely a false positive

I ended up uninstalling Alchohol trial version today but same alert is coming everytime I re-start the computer… now what? this is really anoying! I asked Avast to delete the file but every time I re-start the computer it comes back.

Guys,
I need help here! what do I do?

False positive with certainty, and so searched the forum Daemon T. this file
is used to secure the registration of the program, and also connected to this virtual drive.

I’ll stick with the option to ignore until the next update…

Search Results for "sptd.sys"
Rootkit.Agent/Gen-Haxdoor.Process

Rookit that may log user information and possibly block access to certain security related sites.

Category : TROJAN



http://www.fileresearchcenter.com/search.html?searchitem=sptd.sys&search=Search…

If it is a real Trojan why Avast doesn’t do anything about it, I have deleted the file and made 4 boot scans according Avast recomendations but still there.

Mbmam does not detect it, Superantispyware is not detecting it either.

Please let me know the real way to get rid of this thing that it is really anoying me…rm

The most effective way of removing the file would be at SPTD.SYS DuplexSecure uninstaller.

That usually is at: start / all programs / DAEMON tools lite / SPTDSetup

Of course, if your case is linked to Daemon T.

I’ll still wait for an update in avast because I have no intention of removing the SPTD and Daemon from my system.

You can upload the file on this link and see what it says about your specific sptd.sys file.

http://www.virustotal.com/index.html

Someone did it before…

http://www.virustotal.com/file-scan/report.html?id=ccac2cc44f90001da973d2b6e644ff37fa6c31c7a3abd936645382537fa63edd-1306837223

Which was a bit of a pointless exercise as this is the anti-rootkit scan that is flagging this, something which can’t be run from VT. So I wouldn’t expect it to find anything and that is the same reason why the standard scans of avast don’t detect anything.

What is considered suspicious I don’t completely know, but most certainly it must be a hidden process/driver, why it needs to be run hidden is beyond me.

As for why after asking avast to delete it and it coming back, well I don’t know if avast is only removing the hidden driver and not the actual file from the system32\drivers folder. So there is some program which uses this driver and is reloading it. Finding what that might be is going to be the hard part.

I don’t have the sptd.sys file on my XP Pro SP3 system, is your alert on the XP or win7 system ?

I’m using Windows Vista Ultimate SP1/Avast v.6.0.1125/110531-1 free and am getting the same message mentioned by other users in Avast.

For now I’m still cranking mode’‘ignore’’ when I get the message.

I will remain so until he had more details, or perhaps the ‘‘problem’’ solved in a next update.

The alert is only in Windows 7 for the moment, in that computer I installed Alchohol 3 days ago, Now as I said I uninstalled it but the alert is still driving me crazy…rm

And do you have Alchohol or Daemon tools in that PC?

Yes, I have only Daemon tools lite (installed about 2 years without changing anything in)
together and installed the driver (SPTD).

Let’s wait an answer for Avast tomorrow, I will ignore the alert and will ask my friends in the forum in Spanish (forospyware) to wait, since there are several threads there waiting for an answer on this…rm

It may be a false positive, accordingly Alcohol support.
See here: http://forum.avast.com/index.php?topic=77651.0

Salute.

Position or any information someone from support?

On the situation of the SPTD driver listed in this topic …

Avast has released 2 updates and the problem still here with 110601-1… and I still don’t know if it is a FP or is it a real virus? anyone from Avast to answer the question and what is being done?

You need to be cautious I have just cleaned a system with an infected sptd.sys that was masking a TDL4 bootkit. aswMBR was the only programme that flagged it. After I removed the file I was then able to cure the TDL4. So it might be worth while checking it with aswMBR

Interesting, thanks for the input.

Hi guys; I’ve had the same problem and solved it by uninstalling Daemon tools (i didn’t almost use it) and then deleting the sptd.sys file, since this one didn’t dissapear after the uninstallation.
Do you know if Avast is already aware of this problem…?

I got tired of waiting, the two new update did not work, so I decided to uninstall the SPTD driver normally my system (do not delete the Avast does not exclude manually, does not exclude Daemon tools) excludes only the driver for your uninstaller.

After it rebooted my system and voila, I was no longer with the driver but with this action the program Daemon T. would not work more then I discovered that searching the Daemon T. provides a driver similar to SPTD.SYS authored DTSOFTBUS01.SYS own driver who once again did not run the Daemon and not found the driver SPTD.SYS, it offers the driver DTSOFTBUS01.SYS.

Then there is tip for those who want to solve your problem without uninstalling the program Daemon.