
Trojan / Rdriv.sys

Ad-Aware2. If the service settings becomes inactivated, all related services cannot be used."
"DependOnService"="RPCSS"
"DisplayName"="Remote Registry"
"ErrorControl"=1
"ImagePath"="%system%svchost.exe -k LocalService
"ObjectName"="NT AUTHORITY\\LocalService"
"Group"=""
"Start"=4
"Type"=20
"FailureActions"="If failed, does not work.
"Changes IE’s

Go to where you saved the log and click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in a reply.

I am on dial-up. Should I just burn all my important files to a CDR and do a clean reinstall or is there some way outta this mess?

#6 Wizard Posted 15 July 2005

The free file information forum can help you determine if driver.sys is a Windows system file or if it belongs to an application that you can trust.

Please can someone tell me how to kill it [email protected] again
2005-May-31 9:52 pm

TheJoker MVM (join: 2001-04-26, Charlottesville, VA) 2005-May-31 10:04 pm
Click on the link »Security »I

Cluster headaches forced retirement of Tom in 2007, and the site was renamed "What the Tech".

Download HijackThis.zip - HiJackThis Tutorial

Logged Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/avast!

I opened a new topic with a new hjt log.

Even for serious problems, rather than reinstalling Windows, you are better off doing a repair of your installation, or in the case of Windows 8, executing the DISM.exe /Online /Cleanup-image /Restorehealth

Had a look on other sites re removal of this little nasty and it seems reasonably difficult and there appear to be differing opinions....

Mod Edit: Bump has been removed. mjack547, Jun 6, 2005

#3 golson Thread Starter Joined: Jan 15, 2003 Messages: 18
Thank you.

One user thinks driver.sys is essential for Windows or an installed application.

Voro on June 2007
XBL GamerTag: Comrade Nexus

Fristle Registered User June 2007 edited June 2007
Backup your documents; reformat and reinstall the OS and Apps.

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.2.1\HbtHostIE.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HKSERV.EXE]

http://www.spywareinfoforum.com/topic/54297-rdrivsys-trojan/

Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast!

Mike
Former Microsoft MVP 1999-2012
"There's no place like 127.0.0.1"
Blocking Malware, Parasites, Hijackers, Trojans, http://www.mvps.org/...p2002/hosts.htm with a HOSTS file

#8 enein Member Full Member 8 posts

GrimReaper on June 2007
PSN | Steam
---
I've got a spare copy of Portal, if anyone wants it message me.

DouglasDanger Registered User regular June 2007 edited June 2007
thanks to

Additional Information
When the Trojan is executed, it drops a DLL file, an executable file, and a system driver to the %System% folder with one of the following file names: schechk

Hooray for Conforming!

I'd suggest using Hijackthis to find out what else is causing problems.

I did a boot scan with avast and it said the files were removed, but whenever the computer boots up, it finds the infection again.

Logfile of HijackThis v1.99.1
Scan saved at 3:07:48

Voro on June 2007
XBL GamerTag: Comrade Nexus

DouglasDanger Registered User regular June 2007 edited June 2007
I think that fixed it!

This was one of the Top Download Picks of The Washington Post and PCWorld.

Win32:Trojan-gen.

We try to resolve logs on a first come/first served basis.

We found an entry for MailEnable SMTP Relay Service in the registry and were able to delete the key.

My PSN is DouglasDanger.
DouglasDanger on June 2007

Magus` Registered User regular June 2007 edited June 2007
Do a google search for the exact name.

Yea, it sucks. For some of the more proliferant viruses out there there tends to be specialized removal tools. I can kill it for a sitting.

What do I do to get rid of this damn thing?

We used a Microsoft program called AutoRuns which shows all the program/services etc that run at startup.

Fristle on June 2007

GrimReaper Registered User regular June 2007 edited June 2007
Fristle wrote: »
Backup your documents; reformat and reinstall the OS and Apps.

Driver.sys is not a Windows system file.

rdriv.sys infected
Started by festevil, Jul 13 2005 01:10 AM

#1 festevil Posted 13 July 2005 - 01:10 AM
festevil New Member Member 9 posts

Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast!

Install the program and launch it.

This means running a scan for malware, cleaning your hard drive using cleanmgr and sfc /scannow, uninstalling programs that you no longer need, checking for Autostart programs (using msconfig) and enabling

Antivirus - Unknown owner - C:\Archivos de programa\Antivirus\Avast4\ashServ.exe
O23 - Service: avast!

I have a rdriv.sys virus.

iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast!

If you still need some help, please start with posting a new hijackthislog in this thread.

Select to Boot from CD and then Press "R" for a Repair Install!

DouglasDanger on June 2007
I play games on ps3 and ps4.

Dankingsley, Jun 6, 2005

#2 mjack547 Malware Specialist Joined: Sep 1, 2003 Messages: 3,183
Go to http://www.thespykiller.co.uk/downloads.htm and download 'Hijack This!'.

Hooray for The System!

Here is my log file:

Logfile of HijackThis v1.99.1
Scan saved at 1:06:39 PM, on 8/16/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\APSERVER.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINNT\system32\APDCDFLT.EXE
C:\WINNT\system32\APDCEX97.EXE
C:\WINNT\system32\APDCPOST.EXE
C:\WINNT\system32\APDCRTFO.EXE
C:\WINNT\system32\APDCWD97.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\System32\llssrv.exe
C:\Program Files\Promise\Utility\MsgAgt.exe
C:\Program Files\Promise\Utility\MsgSvr.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\tcpsvcs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Microsoft