Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

can't get rid of rdriv.sys

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 6 posts
Hi my virus scan(trend Micro Office Scan) keeps detecting that I have the virus rdriv.sys and it can't get rid of it. Can anyone help me out? Here'S my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 12:03:43 AM, on 7/25/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

Running processes:
C:\OfficeScan NT\ntrtscan.exe
C:\OfficeScan NT\tmlisten.exe
C:\OfficeScan NT\ofcdog.exe
C:\OfficeScan NT\pccntmon.exe
C:\Program Files\Winamp\winampa.exe
C:\Documents and Settings\Administrator\My Documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.excite.com/microsoft/ie40/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by @Home Network Version 1.7
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\OfficeScan NT\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: @Home - {9695E335-6558-45B7-8CD4-438E4409869F} - http://www/ (file missing) (HKCU)
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.c...rt/IbmEgath.cab
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: hexadecimal (HexadecimaRepresentation) - Unknown owner - C:\WINNT\Edit.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\OfficeScan NT\ntrtscan.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Unknown owner - C:\OfficeScan NT\tmlisten.exe
  • 0




    Member 1K

  • Member
  • PipPipPipPip
  • 1,382 posts
Please go to the malware forum and follow the instructions at the top....Especially the CLICK HERE .

That will give you several steps that will help you clean up 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THAT forum.

If you are still having problems after getting a clean bill of health from the malware expert, please return to this thread.
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP