I got it, and can't get rid of it. Does anybody have any suggestions?
My OS is Windows 2000.
I have followed the instructions from Symantec. Here is what I have done so far:
1. Started the computer in Safe Mode.
2. Ran Norton Antivirus 2003 - Full System Scan
It finds rdriv.sys in C:\WINNT\system32 and deletes it
3. I start the computer in normal mode
(at this point, I can see that rdriv.sys has already reinstalled itself)
4. I go to regedit and restore the following values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE
EnableDCOM = Y
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
restrictanonymous = 0
5. I delete the following 2 subkeys:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
rdriv
wscsvc
(the instructions also say to delete iTunesMusic, but that one
isn't there)
6. Run Norton Antivirus 2003 - Full System Scan
Of course it finds rdriv.sys, and can't:
Fix
Quarenteen
Delete
Can anybody help?