I can't seem to move or delete this rdrive.sys virus that avast keeps finding. I turned off system restore, then scanned in safe mode...it wouldn't let me move it to chest...so then I deleted it permanently. It showed a total deletion but when I rebooted and scanned again...voila...there it was again...so I once again decided to permanently delete it. Is there any way of removing this thing for good? I've googled and also tried finding answers in here to no avail. Thanks friendly and helpful for better computing in all areas *smile*

well you can always format your harddrive and reinstall windows that will do the trick... also it's probably reappearing because it has itself in your registry too... you'll have to find all instances of the bug in your registry and remove using regedit (start \ run \ regedit)

Try killbox. http://www.bleepingcomputer.com/files/spyware/KillBox.zip File Description: Pocket KillBox is a program that can be used to get rid of files that stubbornly refuse to allow you to delete them. Usage Information: Download this file, extract it, and run the killbox.exe file. When it loads type the full path to the file you would like to delete in the field and press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, allow it to do so, and hopefully your file will now be deleted.

Tried everything mentioned above except reformatting and still no success....any more ides? There is alot of personal info on the laptop, so would like to remove this trojan instead of reformatting. Why doesn't AVG 7.0 find this? I also did a panda on-line scan and it didn't find it? thanks for any replies friendly and helpful for better computing in all areas *smile*

Hi, a client has the same virus on his system. The virus is also called TROJ_ROOTKIT.E Trojan or win32.efewe.e Trojan. I've gone onto google and have come up with the Trend Micro site that goes through the steps in removing the virus. You can do it manually, and/or download their free sysclean programme and their latest virus definition and run that on your system. I haven't tried it on my client's system yet, but hope this fixes your problem. The info on the virus and solution to it is on the link below to the Trend Micro page: http://www.trendmicro-middleeast.com/consumer/vinfo/encyclopedia.php?LYstr=VMAINDATA&vNav=1&VName=TROJ_ROOTKIT.E

anonymoususer, I actually got to that page just before you sent it...thanks for the info. I finally clawed my way through and got rid of the trojan. I went into the registry, deleted all entries and just kept rescanning (numerous times) and finally it was gone. Thanks everyone for their great help! friendly and helpful for better computing in all areas *smile*