A strange thing happened about three hours ago. I received a rootkit alert from Avast: a rootkit was detected in the hidden folder C:\windows\system32\drivers\sfloppy.sys, and Avast asked me if I wanted to delete this sfloppy.sys rootkit. I chose “delete sfloppy.sys” and rebooted my computer. I ran Avast to scan the system again, and nothing was found. After a few minutes the same warning alerted me again. I opened the folder C:\windows\system32\drivers\. It is so strange: after deleting sfloppy.sys, the file is still there. Could sfloppy.sys be downloaded automatically? Is sfloppy.sys corrupted? How do I fix this problem?
PS: my computer is using Windows XP SP3.
We notice that a lot of PC users are suffering from this problem. This is a false positive from Avast antivirus software. The problem appeared after the 111206-0 and 111206-1 virus definition files were released. Update the Avast virus definitions to 111206-2 and restart your computer, and the sfloppy.sys warning will no longer appear.
PS: We also found a threat involving sfloppy.sys: Virus:Win32/Tamnit could hide itself as sfloppy.sys, start up automatically, and then connect to some remote servers. We recommend you remove the sfloppy.sys virus at once to prevent it from damaging your computer further.
How to get rid of the sfloppy.sys virus automatically?
To remove the virus, you will need to download several programs on a clean PC and either burn them to a CD-ROM or copy them to a USB disk. Here are the instructions:
Step A: Copy the programs below to a USB disk (you can use an MP3 player) or burn them to a CD:
- Avast Pro Antispyware software (free of charge). Please download it with this Download Link.
Step B: Restart your computer. As it starts, gently press the F8 key repeatedly until the startup menu appears. Use the arrow keys to select the option “Safe Mode with Networking”, then press the Enter key, and your computer will start in Windows Safe Mode.
Step C: Now install Avast Pro Antispyware on your computer. When the program is installed, update its database to the latest version, then reboot your computer to make the program fully functional. Go back to Step B to reboot your computer into Safe Mode and run a complete scan of your computer.
(1) In case you have problems running Avast Pro Antispyware, you may rename the downloaded file to explorer.exe or iexplore.exe. After that, double-click the downloaded file and follow the install steps.
(2) Please make file extensions visible before renaming the downloaded file.
Step D: After the full scan finishes, click "Show Results" and make sure that important data is not removed or infected. Select or ignore the scan results and click the "Remove Selected" button to get rid of the viruses and malware. Avast Pro Antispyware will give you a report listing all operations for this scan, which you can save if you want. Restart your computer and Avast Pro Antispyware will get rid of all the viruses and malware that were detected.
Step E: How to erase bad registry entries? Please install Wise PC Doctor, the best PC cleaner, which can easily fix your broken registry values and restore registry values.
Why should Wise PC Doctor be used?
As we all know, viruses, Trojans and malware break the computer by destroying and modifying registry values so that the computer will not run normally.
After the viruses, Trojans and malware are removed, the registry remains destroyed or modified, so the computer’s system still has some problems. That’s why you really need to fix the registry. Furthermore, some viruses, malware and Trojans leave many DLL entries in the registry, which may cause damaged-DLL errors and also affect the computer’s system performance.
In other cases, uninstalling or installing software may leave your registry database fragmented, with corrupted, harmful and obsolete files. Run a complete scan of your computer with Wise PC Doctor at this point.
Step F: Run Wise PC Doctor to repair your computer:
1. Install Wise PC Doctor.
2. Click "One-Click Fix" to run a complete scan of your computer.
3. Click "Repair All" to fix all detected problems.
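
To tell the Avast false positive described above apart from malware using the sfloppy.sys name, one option is to compare the file on disk with a known-good copy. The following is an added example, not part of the original post; the reference path, the `sfloppy` service key name and the function names are assumptions.

```powershell
# Added example (not from the original post). Written for PowerShell 2.0,
# the newest version that runs on Windows XP SP3.
function Get-Sha256Hex([string]$Path) {
    # Get-FileHash does not exist in PowerShell 2.0, so hash through .NET.
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $stream = [System.IO.File]::OpenRead($Path)
    try {
        return ([System.BitConverter]::ToString($sha.ComputeHash($stream))) -replace '-', ''
    } finally {
        $stream.Close()
    }
}

function Test-DriverAgainstReference {
    param(
        [string]$Suspect = "$env:SystemRoot\system32\drivers\sfloppy.sys",
        # Hypothetical path: a copy from trusted install media or a clean PC.
        [string]$Reference = 'E:\known-good\sfloppy.sys'
    )
    foreach ($p in @($Suspect, $Reference)) {
        if (-not (Test-Path $p)) { throw "File not found: $p" }
    }

    # Version strings are easy to forge; they are context, not proof.
    $ver = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($Suspect)

    # Assumed service key name; ImagePath shows which file the driver loads from.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\sfloppy'
    $svc = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue

    $suspectHash = Get-Sha256Hex $Suspect
    $referenceHash = Get-Sha256Hex $Reference

    "File        : $Suspect"
    "Company     : $($ver.CompanyName)"
    "FileVersion : $($ver.FileVersion)"
    "ImagePath   : $($svc.ImagePath)"
    "SHA-256     : $suspectHash"
    "Reference   : $referenceHash"
    if ($suspectHash -eq $referenceHash) {
        'RESULT: identical to the reference copy; an alert on it is consistent with a false positive.'
    } else {
        'RESULT: differs from the reference copy; do not dismiss the alert as a false positive.'
    }
}

Test-DriverAgainstReference
```

Take the reference copy from the same Windows XP service-pack level, because a legitimate driver from a different patch level can also produce a different hash.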