Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help With Trojan Remover Program


  • Please log in to reply
2 replies to this topic

#1 diana1096

diana1096

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:19 PM

Posted 12 November 2006 - 11:40 PM

I recently downloaded trojan remover 6.5.3
and it gave me the following can someone please help with
seeing if they are indeed trojans or not?
I do know that at one time I had BlackIce (BlackDrv) installed
but do not know if this is what this points to or not.
Also in my C drive I have a file called wint.dli and it look as
if there are several files that belong in the windows file folder and not
in the c drive folder.
Thanks for looking and I hope I can get this sorted out.
Diana

This file is called by an NT/XP services Registry key
C:\WINDOWS\system32\DRIVERS\AL_ADSFilter.sys
in red below it states
An executable file with this name *has not* been found (it may not exist)
Then it says
The program is loaded by the following Registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AL_ADSFilter\"ImagePath"

This file is called by an NT/XP services Registry key
C:\WINDOWS\System32\drivers\BlackDrv.sys
in red below it states
An executable file with this name *has not* been found (it may not exist)
Then it says
The program is loaded by the following Registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\black\"ImagePath"


C:\WINDOWS\system32\DRIVERS\fcdabus.sys
in red below it states
An executable file with this name *has not* been found (it may not exist)
Then it says
The program is loaded by the following Registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fcdabus\"ImagePath"

C:\WINDOWS\system32\DRIVERS\fvdscsi.sys
in red below it states
An executable file with this name *has not* been found (it may not exist)
Then it says
The program is loaded by the following Registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fvdscsi\"ImagePath"

C:\WINDOWS\system32\DRIVERS\A1236.sys
in red below it states
An executable file with this name *has not* been found (it may not exist)
Then it says
The program is loaded by the following Registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PV8630\"ImagePath"

BC AdBot (Login to Remove)

 


#2 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:09:19 PM

Posted 29 November 2006 - 12:21 PM

I suggest you do an online scan with EWIDO and post the results here..

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:19 PM

Posted 29 November 2006 - 12:58 PM

Were you having any specific problems with your machine that prompted you to download and use Trojan Remover 6.5.3?

A quick search shows that:
AL_ADSFilter.sys is related to Aluria Software, LLC.
BlackDrv.sys is a Network driver that belongs to ICEpac software by Internet Security Systems, Inc.
fcdabus.sys and fvdscsi.sys appears to be related to the FarStone bus Enumerator, FarStone Inc.
A1236.sys is related to Artec PV8630 USB Image Device.

Looks like Trojan Remover is indicating there is a registry key present for each of these files but it cannot find them. Have you conducted a search yourself to see if these files are present or not?

winit.dli <- check the spelling. Are you sure its not winnt.dll or something similar?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users