
tdsskiller antirootkit detecting Unsigned file Service: bthA2dp.sys Suspicious object. false positive?


Solved by Yari2000


Hi,

OS: Windows 10 x64. I started in safe mode with all applications disabled and ran TDSSKiller, downloaded from the official Kaspersky USA site (TDSSKiller last updated April 2019).

I ran it with all options selected: Boot section, Loaded Memory, Check signature, and restarted for Loading Modules.

After the scan completed, the results are:

Unsigned file

Service: BthA2dp Suspicious object, medium risk, Service type: Kernel driver 0x1, service start Demand 0x3 system32/drivers/bthA2dp.sys

I think it's a false positive... but I've scanned the checksum on VirusTotal:

 

Md5 CCA2505C9EB10CDABDC9FEE10D812F02

Sha256 8B0F65F411C463CBC68B8039D4795A3D3A356F6F18FF165F2C14439BD8FB569A

I've seen that it has a Microsoft copyright and is a Microsoft native application…

So I think it's a false positive... but IMHO I can't be 100% sure that it isn't…

Can someone please help me with checking this file's checksum on VirusTotal?
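
An added example, not part of the original post: one way to repeat the check described above on the machine itself, by comparing the on-disk driver's hashes with the values posted in the thread and asking Windows for the file's signature status. It assumes Windows PowerShell 5.1 or later and the default `%SystemRoot%\System32\drivers` location; the variable names are illustrative.

```powershell
# Driver path from the post (system32/drivers/bthA2dp.sys); assumes the default Windows layout.
$path = Join-Path $env:SystemRoot 'System32\drivers\bthA2dp.sys'

# Hash values exactly as posted in the thread.
$posted = @{
    MD5    = 'CCA2505C9EB10CDABDC9FEE10D812F02'
    SHA256 = '8B0F65F411C463CBC68B8039D4795A3D3A356F6F18FF165F2C14439BD8FB569A'
}

if (-not (Test-Path -LiteralPath $path)) {
    Write-Warning "Driver not found at $path"
    return
}

# 1. Does the file on disk match the hashes that were looked up?
foreach ($alg in $posted.Keys) {
    $actual = (Get-FileHash -LiteralPath $path -Algorithm $alg).Hash
    [pscustomobject]@{
        Algorithm   = $alg
        OnDisk      = $actual
        MatchesPost = ($actual -eq $posted[$alg])   # -eq is case-insensitive for strings
    }
}

# 2. What does Windows itself say about the signature?
#    SignatureType distinguishes an embedded signature (Authenticode)
#    from one stored in a catalog file (Catalog).
$sig = Get-AuthenticodeSignature -LiteralPath $path
[pscustomobject]@{
    Status        = $sig.Status
    SignatureType = $sig.SignatureType
    IsOSBinary    = $sig.IsOSBinary
    Signer        = $sig.SignerCertificate.Subject
    Issuer        = $sig.SignerCertificate.Issuer
}

# 3. Confirm the BthA2dp service really points at the file that was hashed.
Get-CimInstance -ClassName Win32_SystemDriver -Filter "Name='BthA2dp'" |
    Select-Object Name, PathName, StartMode, State, ServiceType
```

A `Status` of `Valid` with `SignatureType` `Catalog` means the signature is held in a Windows catalog file rather than embedded in the driver file itself.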
