cdrom.sys file got deleted!!!

View previous topic View next topic Go down

cdrom.sys file got deleted!!!

Post by mbc595 on Sun 11 Jul 2010, 3:39 pm

For a day or so, Symantec AntiVirus has been constantly sending me a notification about HacktoolRootkit!inf. I tried to clean it, but it wouldn't work. I started to try and figure out the problem. I found out that the infected file was cdrom.sys, which was in C:\WINDOWS\system32\drivers\ i think. haha. So, my dad told me to use Malwarebyte's Anti-Malware. I performed a full scan, and it found cdrom.sys, the infected file, along with some other files. I removed all of the threats and restarted my computer. When I restarted, I went to load The Sims 3 World Adventures, which I just bought today, to see if I could play it without those irritating interruptions from Symantec. It said that it couldn't find the CD, and that there was a "Disc Authentication Error," which made me very upset, because I realized that something must have gone wrong with cdrom.sys. So, I went back into Malwarebyte's and opened the quarantine and restored the item that had cdrom.sys in it, along with some other items just in case. I restarted, but the problem was still there! I just went into Windows Explorer and checked the folder where cdrom.sys should be, but I don't see it! How do I get it back?!

mbc595

Unborn
Unborn

Posts : 1
Joined : 2010-07-11
Operating System : Windows XP

View user profile

Back to top Go down

Re: cdrom.sys file got deleted!!!

Post by Happyhunter on Mon 12 Jul 2010, 1:08 pm

[You must be registered and logged in to see this link.]

Take a read see if it will help

Happyhunter

Senior Surfer
Senior Surfer

Posts : 390
Joined : 2010-07-09
Operating System : XP

View user profile

Back to top Go down

Re: cdrom.sys file got deleted!!!

Post by Sneakyone on Mon 12 Jul 2010, 1:15 pm

Hi, Welcome to GeekPolice.net!

It sounds like cdrom.sys was infected with TDL3 and it got deleted, it needs to be replaced.

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.sys
    %systemroot%\system32\drivers\*.dll
    %systemroot%\system32\drivers\*.ini
    %systemroot%\system32\drivers\*.exe
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    disk.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    usbstor.sys
    /md5stop
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time


Note: in the event that OTL fails to run, please use alternate download links to try again:

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: cdrom.sys file got deleted!!!

Post by Belahzur on Tue 13 Jul 2010, 2:40 am

Moving to malware removal


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: cdrom.sys file got deleted!!!

Post by Sponsored content Today at 12:46 pm


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum