Remove-Malware.com Forums

[vman1]

I did a scan on my computer with the TDSS Killer and it found sptd.sys in C:\windows\system32\drivers\ and I don't know what to do now I was thinking I should load up the rescue disk and try to clean it or just delete it?

[gusthebus]

If you know how to use the Kaspersky rescue disk (assuming that's what you're doing) go ahead and run a scan with that. Keep in mind it could be a false positive, if your AV finds nothing you should post a combofix/OTL log here.

[vman1]

Would combofix really help

[Ramnic]

Looks like a false positive
http://www.bleepingcomputer.com/startup ... 13477.html

But if you still think there is malware on you computer you should scan with Malwarebytes' Anti-Malware in safe mode.

[vman1]

I did a malwarebytes scan before I did tdss killer and it found nothing, then I ran tdss killer and it found that file

[vman1]

Oh thank you very much Ramnic I am usally good with malware removel but I got conerned since it was in that dierctory, Thank You!

[ZOU]

I did a malwarebytes scan before I did tdss killer and it found nothing, then I ran tdss killer and it found that file

In the past, Alureon (TDSS variant) was not spotted by MBAM on my machine, but HitMan Pro did spot it. When dealing with elite malicious rootkits, MBAM is good for a final clean up, but a KAV rescue disk is the nail in the coffin for the worst rootkits (follow up with MBAM). If you don't have a rescue disk, ComboFix would be my second choice. Matt has used TDSS killer, and Bit Defender's TDSS killer in the recent past against the TDSS family with no success.

[googoo1876]

Just saying, but the KAV rescue disk missed a rootkit I was working on, and took a ridiculous long time to run. ComboFix + MBAM totally nailed it though. That may be due to an update issue, but that's my story. Moral is if KAV fails try ComboFix at the direction of the community.

[ZOU]

Whatever works. I guess there is no sure solution these days; it is all about knowing about the available tools.