Rivarts.A please help

[N00BI3]

I ran windows defender beta 2 and it detected a key logger by the name of Rivarts.A

Category:
Backdoor

Description:
This program monitors sensitive information, such as keystrokes typed.

Advice:
Remove this software immediately.

Resources:
regkey:
HKLM\SYSTEM\CurrentControlSet\Services\mchInjDrv

however Norton 2006, Spybot, Ad-aware and Spydoctor all fail to find it and every time i remove it and re scan with windows defender and re appears and WD finds it again... does any one know anything about this?

 

[Half Evil]

Looks bad. Download AntiVir. And see what happens. you can get it off download.com

 

[chico]

Rivarts.A is a Trojan that logs the keystrokes entered by the user, blocks web addresses and stores the certificates used in the affected computer. Then it connects to several PHP scripts hosted in different websites in order to send the data it has gathered.

Rivarts.A contains its own database in order to store both the information it harvests and its settings. Its author has used the SQLite engine, which is an open source library.

This Trojan is downloaded to the affected computer by another Trojan detected as Downloader.FHO.

 

[chico]

Brief Description

Downloader.FHO is a Trojan that downloads from a certain web page another Trojan detected as Rivarts.A to the affected computer.

Additionally, Downloader.FHO is able to update itself by connecting to the Internet.

Downloader.FHO does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.

 

[Bahawolf1]

Here you go: http://www.2-spyware.com/remove-rivarts.html

 

[setishock]

Going online with out a solid firewall and antivirus program is one way to get this. Anothe is P2P. And the BIG one, opening junk mail.