Archive for the 'Driver' Category
Sunday, April 26th, 2009
This is a harmful program.
Name: gaopdxserv
Filename: gaopdxserv.sys
Registry key:
HKEY_LOCAL_MACHINE\System\Controlset001\Enum\legacy_gaopdxserv.sys
Startup Type: hidden driver
Description: variant of the TDSSserv trojan (uses rootkit-specific techniques designed to hide the software's presence in the system).
How to remove: use the instructions How to remove Google searches redirect/vimax ads [gaopdxserv.sys trojan]
Posted in Driver, Rootkit, Trojan
Saturday, April 25th, 2009
This is a harmful program.
Name: gxvxcserv
Registry key:
HKEY_LOCAL_MACHINE\System\Controlset001\Enum\legacy_gxvxcserv.sys
HKEY_LOCAL_MACHINE\System\Controlset003\Enum\legacy_gxvxcserv.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\gxvxcserv.sys
Startup Type: Hidden driver
Description: trojan w32.Tidserv. The trojan uses rootkit techniques designed to hide the software's presence in the system.
How to remove: use the instructions How to remove gxvxcserv.sys trojan (Google redirect virus)
Posted in Driver, Rootkit
Saturday, February 28th, 2009
This is a harmful program.
Name: uacinit
Filename: uacinit.dll
Command: %windir%\System32\uacinit.dll
Startup Type: Driver
Description: component of UACd.sys trojan (windowsclick.com hijacker)
How to remove: How to remove windowsclick.com redirect [UACd.sys trojan]
Posted in Driver, Trojan
Sunday, February 8th, 2009
This is a harmful program.
Name: gaopdxqltiqmuy
Filename: gaopdxqltiqmuy.sys
Command: c:\windows\system32\drivers\gaopdxqltiqmuy.sys
Startup Type: Hidden driver
Description: Rootkit/trojan component
How to remove: How to remove trojan TDSSserv (TDSSserv.sys), clbdriver.sys and seneka.sys
Posted in Driver, Rootkit
Monday, February 2nd, 2009
This is a harmful program.
Name: systemntmi
Filename: systemntmi.sys
Command: C:\WINDOWS\system32\drivers\systemntmi.sys
Startup Type: Driver
RSIT/Combofix Line:
S2 systemntmi;systemntmi; \??\C:\WINDOWS\system32\drivers\systemntmi.sys []
Description: Trojan, VirTool:Win32/Cutwail.gen
Posted in Driver, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: securentm
Filename: securentm.sys
Command: C:\WINDOWS\system32\drivers\securentm.sys
Startup Type: Driver
RSIT/Combofix Line:
S2 securentm;securentm; \??\C:\WINDOWS\system32\drivers\securentm.sys []
Description: Trojan, VirTool:Win32/Cutwail.gen [microsoft]
Posted in Driver, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: port135sik
Filename: port135sik.sys
Command: C:\WINDOWS\system32\drivers\port135sik.sys
Startup Type: Driver
Combofix/RSIT Line:
S2 port135sik;port135sik; \??\C:\WINDOWS\system32\drivers\port135sik.sys []
Description: Trojan, VirTool:Win32/Cutwail.gen [microsoft]
Posted in Driver, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: ksi32sk
Filename: ksi32sk.sys
Command: C:\WINDOWS\system32\drivers\ksi32sk.sys
Startup Type: Driver
RSIT/Combofix Line:
S2 ksi32sk;ksi32sk; \??\C:\WINDOWS.0\system32\drivers\ksi32sk.sys []
Description: Trojan, VirTool:Win32/Cutwail.gen [microsoft]
Posted in Driver, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: fips32cup
Filename: fips32cup.sys
Command: C:\WINDOWS\system32\drivers\fips32cup.sys
Startup Type: Driver
RSIT/Combofix Line:
S2 fips32cup;fips32cup; \??\C:\WINDOWS\system32\drivers\fips32cup.sys []
Description: Trojan component, VirTool:Win32/Cutwail.gen [microsoft]
Posted in Driver, Trojan
Monday, February 2nd, 2009
This is a harmful program.
Name: amd64si
Filename: amd64si.sys
Command: C:\WINDOWS\system32\drivers\amd64si.sys
Startup Type: Driver
RSIT/Combofix Line:
S2 amd64si;amd64si; \??\C:\WINDOWS\system32\drivers\amd64si.sys []
Description: unknown trojan component
Posted in Driver, Trojan