located threats- system32\drivers\spuo.sys What is it & can i delete?


  1. Posts : 17
    windows 7 ultimate x64
       #1


    AVG found a bunch of threats in said location (picture included). Can anyone tell me what that is exactly, what could it affect in my computer, and most importantly - can i safely "heal"/"remove" said files?
    I don't wanna carelessly mess with system32...


  2. Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       #2

    Thank you amitamit2 for posting here as requested. I want to follow this.


  3. Posts : 2,470
    Windows 7 Home Premium
       #3

    Have you tried to use AVG to fix the issue?
    Does the sp** file change after addressing the issue and restarting the computer?

    Let's see what the following anti-rootkit tool has to show...

    Please go to the Malwarebytes Anti-Rootkit Download

    Save to the Desktop (easy to find)

    Right-click the file and select: Extract here... (to the Desktop)

    Open its folder and double-click on mbar.exe to start the program.

    Follow the prompts and be sure to update the definitions when it asks.

    If it detects any infections, allow the program to remove them.

    When the program is done, two reports are created in the mbar folder:
    1. system-log.txt
    2. mbar-log-2013-02-18 (20-13-32).txt (corresponds to mbar-log-year-month-day (hour-minute-second).txt)

    Please provide both reports in your reply.


  4. Posts : 2,470
    Windows 7 Home Premium
       #4

    BTW, what version of AVG do you have?


  5. Posts : 1,346
    Windows 7 Professional x64
       #5

    amitamit2 said:
    AVG found a bunch of threats in said location (picture included). Can anyone tell me what that is exactly, what could it affect in my computer, and most importantly - can i safely "heal"/"remove" said files?
    I don't wanna carelessly mess with system32...
    The following link could be useful;

    Rootkit and malware detection and removal guide

    HTH


  6. Posts : 2,470
    Windows 7 Home Premium
       #6

    Some good information there, however, the programs mentioned are another story.

    RootkitRevealer
    About 6 or more years ago, it was going strong.
    Haven't seen anyone use it lately, and the last time I did, it did not support any Operating
    System beyond XP.

    Has it been updated now to run in Windows 7, and now it is back??
    Hmmmm....

    F-Secure BlackLight
    This program may run in Windows 7 32-bit. However, the system being dealt with is 64-bit.

    As far as the program goes, you will need to find specific instructions as to how to use it.
    It is not meant for casual use, and will result in Windows not operating properly, if used incorrectly.

    At this point, it is more than likely the detections are false. AVG had this problem before now.
    Last edited by cottonball; 11 Feb 2014 at 18:08. Reason: Type-o


  7. Posts : 4,776
    Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
       #7

    False Positive Detections?


    cottonball said:
    Some good information there, however, the programs mentioned are another story.

    RootkitRevealer
    About 6 or more years ago, it was going strong.
    Haven't seen anyone use it lately, and the last time I did, it did not support any Operating
    System beyond XP.

    Has it been updated now to run in Windows 7, and now it is back??
    Hmmmm....

    F-Secure BlackLight
    This program may run in Windows 7 32-bit. However, the system being dealt with is 64-bit.

    As far as the program goes, you will need to find specific instructions as to how to use it.
    It is not meant for casual use, and will result in Windows not operating properly, if used incorrectly.

    At this point, it is more than likely the detections are false. AVG had this problem before now.
    I reckon Cottonball knows best. It's probably a false positive detection by AVG and you need to confirm by another source.

    I've used many rootkit detectors/ revealers and the only one that never gave a false positive detection was:

    Removing rootkit with the Trend Micro Rootkit Buster

    You need the 64bit version for Windows 7
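
Added example, not part of any post in this thread: one way to collect independent evidence about the flagged driver before healing or removing it, in line with the advice above to confirm the detection by another source. It reports the file's embedded signature, its SHA-256 (for lookup with a second scanner) and the driver service that loads it. The function name `Get-DriverEvidence` is hypothetical, and the file name is the one from the thread title.

```powershell
# Run from an elevated 64-bit PowerShell prompt: a 32-bit session on x64
# Windows is redirected away from the real System32 folder.
function Get-DriverEvidence {
    param([string]$Pattern = 'spuo.sys')  # name from the thread title; wildcards such as 'sp*.sys' work

    $dir      = Join-Path $env:SystemRoot 'System32\drivers'
    $services = Get-WmiObject -Class Win32_SystemDriver   # registered kernel driver services

    # @() keeps the loop from running once on $null in PowerShell 2.0 (Windows 7 default)
    foreach ($file in @(Get-ChildItem -Path $dir -Filter $Pattern -Force -ErrorAction SilentlyContinue)) {

        # On older PowerShell versions this checks the embedded signature only,
        # so a catalog-signed file can still show up as NotSigned.
        $sig    = Get-AuthenticodeSignature -FilePath $file.FullName
        $signer = ''
        if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

        # SHA-256 through .NET, because Get-FileHash does not exist in PowerShell 2.0
        $sha    = [System.Security.Cryptography.SHA256]::Create()
        $stream = [System.IO.File]::OpenRead($file.FullName)
        try     { $hash = [BitConverter]::ToString($sha.ComputeHash($stream)) -replace '-', '' }
        finally { $stream.Close() }

        # Driver services whose image path ends in this file name
        $svc = @($services | Where-Object { $_.PathName -like "*\$($file.Name)" })

        New-Object PSObject -Property @{
            File      = $file.FullName
            Modified  = $file.LastWriteTime
            SigStatus = $sig.Status
            Signer    = $signer
            SHA256    = $hash
            Service   = ($svc | ForEach-Object { "$($_.Name) [$($_.State), $($_.StartMode)]" }) -join '; '
        } | Select-Object File, Modified, SigStatus, Signer, SHA256, Service
    }
}

# The wildcard form also covers a driver whose name changes between reboots.
Get-DriverEvidence -Pattern 'sp*.sys' | Format-List
```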


  8. Posts : 2,470
    Windows 7 Home Premium
       #8

    Good choice, Callender!


    @amitamit2:

    Since it is best to use more than one tool to confirm results, also run the program...

    Please download Trend Micro Rootkit Buster:
    Removing rootkit with the Trend Micro Rootkit Buster
    Select the file that corresponds to your system (64-bit)
    Save the file on the Desktop

    Right-click RootkitBuster.exe, and select: Run as Administrator

    To use the program, accept the terms of the license agreement, and then click: Next
    On the next console, press: Scan Now

    Wait for the program to finish scanning the computer and until you see the results of the scan.
    You can also press the Log tab to obtain the report.

    At the screen containing the results, press: Full Results

    A 1392158435 - Notepad (numbers will vary) report opens on the Desktop containing info such as:

    Trend Micro RootkitBuster
    | Module version: 5.0.0.1129
    | Computer Name: CB-PC
    | OS version: 6.1-7601
    | User Name: CB

    Please provide the results of the XXXXXXXXXX - Notepad in your reply.

    Thanks!


  9. Posts : 17
    windows 7 ultimate x64
    Thread Starter
       #9

    cottonball, i downloaded Malwarebytes Anti-Rootkit as u instructed and will shortly write down what the results were.
    And about your questions:
    Have you tried to use AVG to fix the issue?
    As i said, i was afraid to press the remove all unhealed button, because those things were on system 32 and i asked if it's safe to click it.
    BTW, what version of AVG do you have?
    I don't know any more than what the pic in the first post says... "AVG antivirus free edition 2012, last updated 10/2/2014"... that's what it says... (Date is opposite for Americans, switch 10/2 to -> 2/10)

    EDIT:
    Since it is best to use more than one tool to confirm results, also run the program...
    Please download Trend Micro Rootkit Buster:
    Will do!


  10. Posts : 17
    windows 7 ultimate x64
    Thread Starter
       #10

    Malware Bytes keeps getting stuck on random files and isn't completing its scan... I'll give it a few more minutes to let it try to get itself unstuck on history.ie5\index.dat and if it's still there i'll try the other one this time...

    EDIT:
    Nvm, it's through with the file... took abnormally long... it's having similar pauses in a lot of files... this is gonna take a while... a long long while...

    EDIT 2: Malware Bytes is done. Seems like i had a big "boxore" problem, not sure if it's a big deal or not (Logs included).
    After restarting, I proceeded to use Trend Micro; It scanned for about half a second and produced no results...
    Last edited by amitamit2; 11 Feb 2014 at 20:07.


 