SPTD.sys – endless boot cycle (XP Pro SP3)

Topic

New Reply

I foolishly agreed to try out a program a friend couldn’t get to work. I now suspect malware. The end result is that I can’t get XP to boot (in ANY configuration). The culprit seems to be a file called SPTD.sys. I’ve had a look on the web and my symptoms seem to be typical. In safe mode, drivers load up to this one, then a prompt appears to load it. Whichever way I choose, the reboot cycle begins.

What I’ve done so far is to rename to SPTD.sys.old and to set every one of its Start keys in the registry to (DWord) 4. No current control set shows (since I’m now running off a PE boot CD) but I’ve disabled in control sets 1 through 3. Even then, the reboot starts at the same point, without (apparently) trying to load the offender. I also can’t use the recovery console, since my admin password (which I know is correct) is not being accepted.

I’ve run anti-virus/ malware scans from the boot CD, with current sig files, but nothing shows up. Suggestions on where to go from here (desperately) appreciated.

Alan

Reply | Quote

Replies

Alan

I’ve had good success with Malwarebytes AntiMalware, but I don’t know if you can run it…

BATcher

Plethora means a lot to me.

Reply | Quote

Thanks, but I can’t install anything while using this PE.

Alan

Reply | Quote

Alan,

I found the following here.

Driver used by the CD Rom emulation program, Daemon Tools Version 4. There have been some reports of problems with this driver.

Perhaps if you remove the CD from the boot sequence…. ???

Reply | Quote

And this came from here…

To remove the driver go to the device manager.

Start > Run > type devmgmt.msc press ok > View > Show hidden devices > Non-plug and play drivers > find “sptd” > right click and Uninstall

Reply | Quote

Doc,

I don’t think the CD in the boot sequence is a problem, but it would be nice to know how to take a look at the non-plug&play devices list that might load when booting to C:, via the PE I am in. Using devmgmt.msc I can only see devices loaded for the current PE. Any ideas of where to look?

Alan

Reply | Quote

Sorry.

Reply | Quote

Don’t know how (exactly) but I finally managed to fix it. Had to use a program to crack the admin password – it was set to some garbage I’m sure I’d have never used. Then able to get into the recovery console. I was playing in the dark, but hit on using
Bootcfg /rebuild

Together with answering “/fastdetect” to “Enter OS LoadOptions” it finally managed to build something bootable. I had to reactivate XP, which I thought was rather strange, but I don’t think anything has been lost . I do now have 3 options to boot into. Only the first (default) is relevant. I’ll check on how to knock out the redundant ones.

Alan

Reply | Quote