str.sys - Dangerous
%sysdir%\drivers\str.sys
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could neither detect nor fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
%SysDir%\drivers\str.sys is a Trojan/Backdoor.
Kill the file %SysDir%\drivers\str.sys and remove %SysDir%\drivers\str.sys from Windows startup.
Malware:
C:\sand-box\sec.exe
Removed:
C:\Documents and Settings\Administrator\Local Settings\Temp\lmqawkkucjotzwf.sys (random filename)
Detected by UnHackMe:
Item Name: tuvuz
Author:
Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\LMQAWKKUCJOTZWF.SYS
Type: Services detected by Partizan
Removal Results: Success
Number of reboot: 1
Classification:
Antivirus   Version        Last Update   Result
F-Secure    9.0.15370.0    2010.04.15    Trojan.Generic.KD.6871
Kaspersky   7.0.0.125      2010.04.15    Backdoor.Win32.Agent.arjy
McAfee      5.400.0.1158   2010.04.15    BackDoor-AWQ.b
Microsoft   1.5605         2010.04.15    Backdoor:WinNT/Rustock.gen!B
NOD32       5031           2010.04.15    Win32/Rustock.NLO
Additional information
File size: 124416 bytes
MD5: 00ef724061de865cc90754eb3a51cbc1
SHA1: aaf17329fb8c581078e2ce6a05c0ab9075d41f29
SHA256: 647cb15eecbd75748de61356f3d447c95acaef6bad05a4de4b8a4b125fb54ab9
http://greatis.com/blog/how-to-remove-ma...