Author Topic: rdriv.sys NEWBIE, Please Help Me  (Read 3547 times)

0 Members and 1 Guest are viewing this topic.

rebecca_tufts

  • Guest
rdriv.sys NEWBIE, Please Help Me
« on: July 28, 2005, 05:58:59 AM »
I am not sure what this is but here is my HJL...

Logfile of HijackThis v1.99.1
Scan saved at 11:43:42 PM, on 7/27/2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\disney.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\w32mfpd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Becca\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [I am not Ranky. I am eTunnel!] C:\disney.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PPPOEO] pingppac.exe
O4 - HKLM\..\Run: [SYSTEM MESSAGER] wmisg.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\RunServices: [PPPOEO] pingppac.exe
O4 - HKLM\..\RunServices: [SYSTEM MESSAGER] wmisg.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{14B02BD2-31D5-42F0-A1E9-696AB1F8BA4F}: NameServer = 172.29.7.22,172.29.7.23
O17 - HKLM\System\CS1\Services\Tcpip\..\{14B02BD2-31D5-42F0-A1E9-696AB1F8BA4F}: NameServer = 172.29.7.22,172.29.7.23
O17 - HKLM\System\CS2\Services\Tcpip\..\{14B02BD2-31D5-42F0-A1E9-696AB1F8BA4F}: NameServer = 172.29.7.22,172.29.7.23
O17 - HKLM\System\CS3\Services\Tcpip\..\{14B02BD2-31D5-42F0-A1E9-696AB1F8BA4F}: NameServer = 172.29.7.22,172.29.7.23
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Windows 32 mfp (W32mfp) - Unknown owner - C:\WINDOWS\w32mfpd.exe


Never even seen any thing like that before... I have tired deleting this from the registery and everything even in safe mode.. I have downloaded... all kinds of software that is suppose to help. Here I am still with Avast telling me that I have this crazy virus... Please help me and just to let you know .... I am new to this sort of thing and I hope I don't sound to stupid.

MFB

  • Guest
Re: rdriv.sys NEWBIE, Please Help Me
« Reply #1 on: July 28, 2005, 08:05:05 AM »
Hi there, you if wish, you may use the hijackthis online to scan your log:

http://www.hijackthis.de/

Please ignore these programs cause these are errors from Hijackthis, not avast! 


O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: rdriv.sys NEWBIE, Please Help Me
« Reply #2 on: July 28, 2005, 12:15:41 PM »
THIS SITE has everything you need for the HJT log, including log file analyzers for it.
« Last Edit: July 29, 2005, 02:20:16 AM by Eddy »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: rdriv.sys NEWBIE, Please Help Me
« Reply #3 on: July 28, 2005, 02:39:35 PM »
Your OS and IE are way out of date and this seriously compromises your system security. Many vulnerabilities have been patched and many security enhancements have been made, you should visit windows update and download XP SP2 update and install it. then update IE.

You don't appear to have a firewall, unless you are using a hardware one (you may still require outbound protection).
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security