rikvm_38f51d56.sys
Started by
nikkidak
, Sep 23 2012 02:42 AM
#1
Posted 23 September 2012 - 02:42 AM
#2
Posted 24 September 2012 - 07:37 PM
I think it's a false positive. The file is from Cyberlink PowerDVD. There are lots of people complaining about the file - all with Norton. http://www.tomshardw...ia-suit-rootkit
If you still want us to help you remove it you need to post an OTL log. (See the top post in this forum)
Ron
If you still want us to help you remove it you need to post an OTL log. (See the top post in this forum)
Ron
#3
Posted 25 September 2012 - 01:11 AM
Download OTL from
http://www.geekstogo...timers-list-it/
and Save it to your desktop.
Copy the text in the code box:
Run OTL (Vista or Win 7 => right click and Run As Administrator)
Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes
Select the All option in the Extra Registry group then Run Scan.
You should get two logs. Please copy and paste both of them.
http://www.geekstogo...timers-list-it/
and Save it to your desktop.
Copy the text in the code box:
DRIVES nnetsvcs %SYSTEMDRIVE%\*.exe %systemroot%\assembly\GAC_32\*.ini %systemroot%\assembly\GAC_64\*.ini msconfig safebootminimal safebootnetwork activex drivers32 %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*.exe %APPDATA%\*. /md5start rsvpsp.dll pnrpnsp.dll nwprovau.dll nlaapi.dll napinsp.dll mswsock.dll winrnr.dll wshelper.dll services.exe atapi.sys explorer.exe winlogon.exe Userinit.exe svchost.exe csrss.exe PrintIsolationHost.exe consrv.dll user32.dll /md5stop C:\Windows\assembly\tmp\U\*.* /s %systemroot%\*. /mp /s hklm\software\clients\startmenuinternet|command /rs hklm\software\clients\startmenuinternet|command /64 /rs %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemdrive%\$Recycle.Bin|@;true;true;true /fp CREATERESTOREPOINT
Run OTL (Vista or Win 7 => right click and Run As Administrator)
Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes
Select the All option in the Extra Registry group then Run Scan.
You should get two logs. Please copy and paste both of them.
#4
Posted 25 September 2012 - 03:59 PM
i appreciate your efforts but norton say not let the run/save program. also this is too technial for me to operate. i dont know what else to do nikkidak
#5
Posted 25 September 2012 - 04:03 PM
There is nothing wrong with OTL. It is common for Norton to complain. We get them to fix it then OldTimer puts out a slightly different version then they flag it again. Just turn off Norton or tell them to ignore the file.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users