
tdsskiller antirootkit detecting Unsigned file Service: bthA2dp.sys Suspicious object. false positive?


Yari2000

Hi,

OS: Windows 10 x64. I started in safe mode with all applications disabled and ran TDSSKiller, downloaded from the official Kaspersky USA site (TDSS last updated April 2019).

I ran it with all options selected: Boot section, Loaded Memory, Check signature, and restarted for Loading Modules.

After the scan completed, the results are:

Unsigned file

Service: BthA2dp Suspicious object, medium risk, Service type: Kernel driver 0x1, service start Demand 0x3 system32/drivers/bthA2dp.sys

I think it's a false positive... but I've scanned the checksum on VirusTotal:

MD5: CCA2505C9EB10CDABDC9FEE10D812F02

SHA256: 8B0F65F411C463CBC68B8039D4795A3D3A356F6F18FF165F2C14439BD8FB569A

I've seen that it has a Microsoft copyright and is a native Microsoft application…

So I think it's a false positive... but IMHO I can't be 100% sure that it isn't…

Can someone please help me with this file by checking the checksum on VirusTotal?
