AVG | AVG Support and Discussion Forums

English
- Česky
- English
- Español
- Français
- Português

Can’t find the answer you are looking for?

Get free phone support.

Folder

AVG Forums » Other topics » Virus Removal, Tools for Removing » Help Please - Infection Shown In Rootkit Scan

New thread Reply

October 20, 2010 16:41	Help Please - Infection Shown In Rootkit Scan #117511
	Reply with Quote \| Quick Reply \| Top
Rabbits9 Novice Join Date: 20.10.2010 Posts: 2	After installing the new AVG I did a rootkit scan - the result was - AVG 2011 anti-virus rootkit scan results - NOT REMOVED File "";"C:\WINDOWS\system32\drivers\sfsync02.sys" Infection "IRP hook, \Driver\atapi IRP_MJ_INTERNAL_DEVICE_CONTROL -> sfsync02.sys +0xD60" Result ;"Object is hidden" I have an option to remove - but should I?

October 20, 2010 17:06	Re: Help Please - Infection Shown In Rootkit Scan #117513
	Reply with Quote \| Quick Reply \| Top
Keymaker AVG fan Join Date: 10.10.2009 Posts: 117	Nope, its a game protection software. You apparently have some original game .. amazing

October 20, 2010 20:35	Re: Help Please - Infection Shown In Rootkit Scan #117607
	Reply with Quote \| Quick Reply \| Top
miappia Novice Join Date: 20.10.2010 Posts: 1	Root-Kit Infections!!.. Hello I have just run my root-kit for the first time and have 350 come up"";"C:\WINDOWS\system32\dla\tfsnifs.sys";"IRP hook, \FileSystem\Fs_Rec IRP_MJ_FILE_SYSTEM_CONTROL -> tfsnifs.sys GetSystemType+0xC53D";"Object is hidden" This is a copy of just one should i remove - how do i know if they are legitimate programs or should they be removed.

October 21, 2010 07:43	Re: Help Please - Infection Shown In Rootkit Scan #117823
	Reply with Quote \| Quick Reply \| Top
jirka82 TechBuddy Ambassador Join Date: 19.6.2009 Posts: 3890	Hello miappia, please be informed that the tfsnifs.sys file belongs to drive letter access, usually connected to disc burning software. how do i know if they are legitimate programs or should they be removed Searching the filename on Internet provides initial information. You may then uninstall the related software temporarily to check whether the anti-rootkit detection is not present. Also, please check the FAQ 2353 article. You may also send us the detected drivers for analysis as described in the "How To Handle Infection Suspicion?" post if some obviously suspicious file is detected by the scan (however, please check the FAQ 2346 article first). Thank you. ___________________AVG TeamHow-To articles \| FAQ

March 26, 2011 12:50	Re: Help Please - Infection Shown In Rootkit Scan #154459
	Reply with Quote \| Quick Reply \| Top
alesk Novice Join Date: 20.7.2009 Posts: 4	jirka82 wrote ... please check the FAQ 2353 article. ...FAQ Thanks for your comments. I have looked at the articles mentioned and I still don't know if the two root-kits found on my laptop pose a problem. They are identified as follows: C:\WINDOWS\system32\dla\tfsnifs.sys IRP hook, \FileSystem\cdudf_xp IRP_MJ_FILE_SYSTEM_CONTROL -> tfsnifs.sys GetSystemType+0xCBA2 Object is hidden C:\WINDOWS\system32\dla\tfsnifs.sys IRP hook, \FileSystem\UdfReadr_xp IRP_MJ_FILE_SYSTEM_CONTROL -> tfsnifs.sys GetSystemType+0xCBBA Object is hidden Thanks for any help, AE

March 27, 2011 12:55	Re: Help Please - Infection Shown In Rootkit Scan #154525
	Reply with Quote \| Quick Reply \| Top
dusano123 Moderator Join Date: 30.9.2009 Posts: 3566	Hello alesk, I still don't know if the two root-kits found on my laptop pose a problem. No, they do not pose a threat. You can simply ignore the detection. More information can be found in the mentioned FAQ articles above your last post. Thank you ___________________AVG TeamHow-To articles \| FAQ

New thread Reply

Go to

Previous thread |

Up to parent | Next thread