Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 03-28-2006, 12:18 AM   #1
Baseband Member
 
N00BI3's Avatar
 
Join Date: Mar 2006
Posts: 47
Default Rivarts.A please help

I ran windows defender beta 2 and it detected a key logger by the name of Rivarts.A

Category:
Backdoor

Description:
This program monitors sensitive information, such as keystrokes typed.

Advice:
Remove this software immediately.

Resources:
regkey:
HKLM\SYSTEM\CurrentControlSet\Services\mchInjDrv

however Norton 2006, Spybot, Ad-aware and Spydoctor all fail to find it and every time i remove it and re scan with windows defender and re appears and WD finds it again... does any one know anything about this?
__________________

__________________
To be a n00b is not an insult but an honor!
N00BI3 is offline   Reply With Quote
Old 03-28-2006, 02:17 AM   #2
Golden Master
 
ArrizX's Avatar
 
Join Date: Apr 2005
Posts: 16,073
Send a message via MSN to ArrizX
Default Re: Rivarts.A please help

Looks bad. Download AntiVir. And see what happens. you can get it off download.com
__________________

__________________
. ()()()()
./l ,[_\_\ ],
l---L ()lllllll()-
()_) ()_)--o-)_)
ArrizX is offline   Reply With Quote
Old 04-07-2006, 11:42 PM   #3
Baseband Member
 
chico's Avatar
 
Join Date: Jun 2005
Posts: 29
Default Re: Rivarts.A please help

Rivarts.A is a Trojan that logs the keystrokes entered by the user, blocks web addresses and stores the certificates used in the affected computer. Then it connects to several PHP scripts hosted in different websites in order to send the data it has gathered.

Rivarts.A contains its own database in order to store both the information it harvests and its settings. Its author has used the SQLite engine, which is an open source library.

This Trojan is downloaded to the affected computer by another Trojan detected as Downloader.FHO.
chico is offline   Reply With Quote
Old 04-07-2006, 11:46 PM   #4
Baseband Member
 
chico's Avatar
 
Join Date: Jun 2005
Posts: 29
Default Re: Rivarts.A please help

Brief Description

Downloader.FHO is a Trojan that downloads from a certain web page another Trojan detected as Rivarts.A to the affected computer.

Additionally, Downloader.FHO is able to update itself by connecting to the Internet.

Downloader.FHO does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.
chico is offline   Reply With Quote
Old 04-07-2006, 11:53 PM   #5
Fully Optimized
 
Bahawolf's Avatar
 
Join Date: May 2005
Location: United States
Posts: 2,604
Default Re: Rivarts.A please help

Here you go: http://www.2-spyware.com/remove-rivarts.html
Bahawolf is offline   Reply With Quote
Old 04-08-2006, 02:28 AM   #6
Wizard of Wires
 
setishock's Avatar
 
Join Date: Feb 2005
Location: Not sure
Posts: 10,030
Default Re: Rivarts.A please help

Going online with out a solid firewall and antivirus program is one way to get this. Anothe is P2P. And the BIG one, opening junk mail.
__________________

setishock is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 02:43 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0