ABRDRV.EXE

  • Thread starter Thread starter Winn Wikoff
  • Start date Start date
W

Winn Wikoff

My daughter-in-law's computer has been running very poorly.
Windows task manager shows abrdrv.exe using 99% of the processor. If
shut down it seems to quickly reload. What is this file and how dol I
get rid of it.

Thanks,

Winn
 
Winn said:
My daughter-in-law's computer has been running very poorly.
Windows task manager shows abrdrv.exe using 99% of the processor. If
shut down it seems to quickly reload. What is this file and how dol I
get rid of it.

Thanks,

Winn
Click to expand...

Winn:

What does your AV have to say? If it quickly reloads, then you should check
your startups. The standard way to do this on most Win systems is:

Start -> Run -> msconfig

and then check the list of startups for suspect programs. An alternative is
to download Highjackthis.exe and/or startuplist.exe (the first includes the
second) and get a listing of your startup items that way. A Google search
for both of these small apps will locate several download sources for you.

Good luck.

Steve
 
1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download SYSCLEAN.COM and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt263.zip

Extract the contents of the ZIP file and place the contents in the same directory as
SYSCLEAN.COM.

2) Update Adaware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) If you are using WinXP, create a new Restore point

* * * Please report back your results * * *

Dave




| My daughter-in-law's computer has been running very poorly.
| Windows task manager shows abrdrv.exe using 99% of the processor. If
| shut down it seems to quickly reload. What is this file and how dol I
| get rid of it.
|
| Thanks,
|
| Winn
 
My daughter-in-law's computer has been running very poorly.
Windows task manager shows abrdrv.exe using 99% of the processor. If
shut down it seems to quickly reload. What is this file and how dol I
get rid of it.

Thanks,

Winn
Click to expand...
**************** REPLY SEPARATER ****************
It would be nice if someone answered your question instead of telling to
download and install more software, but unfortunately there is no information
on this pariticular file name. That means that it may part of or loaded by a
backdoor trojan. HiJackThis should be able to handle it, but if it is one of
these intelligent programs that reloads itself, you may have to run it safe
mode and find and delete the file (and any associated files) before restarting
in normal mode.

J.A. Coutts
 
Winn Wikoff said:
My daughter-in-law's computer has been running very poorly.
Windows task manager shows abrdrv.exe using 99% of the processor. If
shut down it seems to quickly reload. What is this file and how dol I
get rid of it.

Thanks,

Winn
Click to expand...
Download the free versions of AdAware and SpyBot and install them.
Next, update them and run them, one at a time.
Your daughter-in-law's computer is suffering from spyware.
 
Winn said:
My daughter-in-law's computer has been running very poorly.
Windows task manager shows abrdrv.exe using 99% of the processor. If
shut down it seems to quickly reload. What is this file and how dol I
get rid of it.

Thanks,

Winn
Click to expand...

Are you sure it's not ambrodrv.exe? If so I found references to it being a
display driver component. (Yay for Google's "Did you mean to search for...?")

Which folder is it kept in on the hard disk?

If you're suspicious of the file (which I would be, acting like that) find
out where the file is kept and look at it's Properties->Version tab to try
and find some more information.

If you have access to anti-virus that can submit suspect files, do so with
the file.

One other thing to try would be Sysinternals' Autoruns program:
http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml
to try and find out how it's starting, and turn it off.

Previous replies relating to Trend Micro's Sysclean, HijackThis, Ad-Aware
and Spybot would all be a must as well, with a suspicious file.

Let us know how you progress!


aD
 
My daughter-in-law's computer has been running very poorly. ,,,,
Thanks,

Winn
Click to expand...


Sent your replys to my son who doesn't Usenet, Will send results.

Thank-you

Winn
 
John said:
**************** REPLY SEPARATER ****************
It would be nice if someone answered your question instead of telling to
download and install more software, but unfortunately there is no information
on this pariticular file name. That means that it may part of or loaded by a
backdoor trojan. HiJackThis should be able to handle it, but if it is one of
these intelligent programs that reloads itself, you may have to run it safe
mode and find and delete the file (and any associated files) before restarting
in normal mode.

J.A. Coutts
Click to expand...

That would be nice John, but in this case, like many you read here, the
OP isn't providing enough information for anyone to provide malware
specific help. And while you chide others for suggesting he install more
software, you suggest he use HiJackThis. While technically it isn't
"installed", last time I checked it was software.

Unless those with problems provide enough information, you can either
ignore them or provide them with a carpet bomb approach that just might
help.
Click to expand...
 
Back
Top