Home > Please Help > Please Help Rdriv.sys Virus. Hjt Log

Please Help Rdriv.sys Virus. Hjt Log

Report Back to top Posted 3/24/2007 1:39 PM #45018 mphenterprises Valued member Date Joined Nov 2016 Total Posts: 10 Great! hinaraees -5 6 posts since Jun 2011 Newbie Member More Recommended Articles About Us Contact Us Donate Advertising Vendor Program Terms of Service API Newsletter Archive Community Forums Recent Articles Recommended I am assuming that I need to install them somewhere in my C drive; or will the updates automatically install themselves in the appropriate folder? This program is for XP and Windows 2000 only Download and install DrWebCureit: [color=#22229c>http://spywareinfo.dk/download/drweb-cureit.exe[/url] to your desktop. his comment is here

Click once on the Security tab Click once on the Internet icon so it becomes highlighted. I have the System Restore off at this point. ill post ther hjt log here.. HijackThis uses a whitelist of several very common SSODL items, so whenever an item is displayed in the log it is unknown and possibly malicious. https://forum.avast.com/index.php?topic=15319.0

Loading... I downloaded 65 of them. In the services window find MicroSoft Media Tools Right click and choose "Properties".

IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER. = = = = = = = = = = = = = = = By continuing to browse, we are assuming that you have no objection in accepting cookies. About CNET Privacy Policy Ad Choice Terms of Use Mobile User Agreement Help Center How To Analyze HijackThis Logs Search the site GO Web & Search Safety & How do I apply folder settings to... » Site Navigation » Forum> User CP> FAQ> Support.Me> Steam Error 118> 10.0.0.2> Trusteer Endpoint Protection All times are GMT -7.

i was using aol instant messenger and one of my friends had the trojan, and it automatically sent … Hacktool.Rootkit infected msdirectc.sys!! 1 reply ok so i got this virus hacktool.rootkit. When scan have finished, put a checkmark with all items it found. Where do i post hjt logs and how do i post it withotu a "mess" ... http://www.bullguard.com/forum/10/Rdrivsys-Virus_44902.html Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htmO8 - Extra context menu item: Yahoo! &SMS

Freeware SpywareBlaster From the same company as Spyware guard, this is not a scanner, it blocks malicious objects and code from being downloaded, in addition to blocking access to sites known Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: Pacman's Startup List can help with identifying an item.N1, N2, N3, N4 - Netscape/Mozilla Start & Search pageWhat it looks like:N1 - Netscape 4: user_pref "browser.startup.homepage", "www.google.com"); (C:\Program Files\Netscape\Users\default\prefs.js)N2 - Netscape Yes?

I ran the exe Kapersky(sp) program and it renamed or disinfected the folder. This Site by R. It gives me a list of all the programs that I can uninstall. When the scan finishes, click on "Save Report".

Once finished, click the Save report button Save the report to your desktop Close Ewido * Ewido scan would require at least an hour. this content If ewido finds anything, it will pop up a notification. Web Cure It and it did not find anything. A red dot will mark the selected drive(s) .

I suggest that you go grab a cup of coffee & do something else while you wait for it to complete. = = = = = = = = = = This site is completely free -- paid for by advertisers and donations. Post this log along with fresh hijackthis log, Dr.Web log and tell how things are running ? [color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url] [/color]Do http://channeltechnetwork.com/please-help/please-help-i-think-i-have-a-virus.html Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 -

Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra 'Tools' menuitem: Yahoo! Staff Online Now LiquidTension Malware Specialist Advertisement Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > Home Forums Forums Quick Links Search Forums I have no idea what I am doing so please, bear with me.

Filseclab Personal Firewall Professional Edition http://www.filseclab.com/eng/download/downloads.htm use this site to confgure filseclab , see page 7 and post 165 of that thread!

Spyware Blaster runs silently in the background and does not need to be open to protect your PC. Please welcome our newest member, [email protected] Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLLO3 - Toolbar: Popup Eliminator - {86BCA93E-457B-4054-AFB0-E428DA1563E1} - C:\PROGRAM FILES\POPUP ELIMINATOR\PETOOLBAR401.DLL (file missing)O3 - Toolbar: rzillcgthjx - {5996aaf3-5c08-44a9-ac12-1843fd03df0a} - C:\WINDOWS\APPLICATION DATA\CKSTPRLLNQUL.DLL What to do:If you don't Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_6_2_0.dllO2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3

If anyone has any idea how to completely remove this virus I would appreciate it. close all browsers and programmes before clicking FIX. Here's my hijackthis log: Logfile of HijackThis v1.99.1 Scan saved at 8:34:10 AM, on 8/2/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe check over here I may just have to install all of the updates that I downloaded from Microsoft.

so i paste it under there okayy butt where do i post it... Jorge102772, Aug 14, 2016, in forum: Virus & Other Malware Removal Replies: 2 Views: 239 Jorge102772 Aug 18, 2016 In Progress Secret Malware Detection gordonvhs, Jul 14, 2016, in forum: Virus NB. by R.

So you can always have HijackThis fix this.O12 - IE pluginsWhat it looks like: O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO12 - Plugin for .PDF: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dllWhat to do:Most Link about HJT logs is at:http://forums.cnet.com/7723-6132_102-255339/fyi-please-do-not-post-any-hjt-logs-in-this-forumHow to post without the mess?Click the icon to the right of the Smiley in the edit box first.Biggest clue?BearshareMediabarDxThis machine was used by some owner What is displayed depends on the BIOS manufacturer. Note: You may get an error here when trying to access the properties of the service.

I have already ran Dr.