Can't eradicate trojan

B

Bill Sanderson MVP

Mike Treit has a couple of posts today--in .general and .announcements. I
don't know whether they'll change the definitions, but he's stating they
will change the behavior of the program in a broader way. When that change
will be made, I don't know.

--
 
B

Bill Sanderson MVP

Thanks--I'll bear that in mind. I'm not sure how long this will take to
resolve--see Mike Treit's posts with today's date in several groups.

--
 
G

Guest

Bill,

removing TuneUp Utillities 2006 isn't the cause of the problem.
I'am sure the AntiSpyware definitions of MS Defender or MS AntiSpy are the
cause.
I had this program running for about a month. No detection of a trojan by
AntiSpy or Defender until a few days ago.
I want to be sure that TuneUp Utillities 2006 made these entries so I
removed this program, removed al registry entries and all files relating to
this program.
de registry was clean.

give it a try, download the trail version of this programm.
http://www.tune-up.com/download/tu2006/

regards
Jan

I re-installed TuneUp Utillities 2006, the registry keys were back and MS
AntiSpy was detecting the trojan again.
 
G

Guest

Mike,

I had the same problem with the trojan.
removed all AntiSpyware, cleaned up files en registry entries.
no effect.

after I removed TuneUp Utillities 2006 and cleaned the registry the problem
was solved.

Removing TuneUp Utillities 2006 isn't the cause of the problem.
I'am sure the AntiSpyware definitions of MS Defender or MS AntiSpy are the
cause.
I had this program running for about a month. No detection of a trojan by
AntiSpy or Defender until a few days ago.
I want to be sure that TuneUp Utillities 2006 made these entries so I
removed this program, removed al registry entries and all files relating to
this program.
de registry was clean.

I re-installed TuneUp Utillities 2006, the registry keys were back and MS
AntiSpy was detecting the trojan again.

give it a try, download the trail version of this programm.
http://www.tune-up.com/download/tu2006/

regards
Jan
 
B

Bill Sanderson MVP

Sorry I missed following up on this earlier. The definition update of March
30 should have removed this detection.

--
 
G

Guest

Got this reply from pctools:

The Rivarts.A detection in most cases is picking up the following registry
entry as Rivarts.A.

HKLM\SYSTEM\Currentcontrolset\Services\mchInjDrv

This appears to be a false positive detection.

MchInjDrv is a third-party driver used by many security applications to
provide process protection. However, this driver can also be used for
malicious purposes by those intent on writing Spyware. There are some
AntiSpyware programs that do not understand that this is a legitimate driver
that can be used maliciously but in most cases is used legitimately.

Spyware Doctor in fact uses mchInjDrv as do many other legitimate security
programs.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

What is this? (mpspy test file) 3
UPHClean v1.6d 5
False Positive for ShopAtHome 2
User Profiles Hive Cleanup version 1.6.30 issue 2
False positives 5
msfwhlpr.sys potential malware message in event log 7
Windows Defender and UPHclean v1.6 9
Event Viewer 6

Top