ysdtrssa.exe

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Does anyone have any idea what ysdtrssa.exe does? It it a Windows System
executable program or spyware crap. It shows installed in my Sysem32 file
this morning and tried to access the Internet. MY Zone Alarm firewall stopped
so nothing was done. Is this a real Microsoft program?
 
It is not a Windows/IE/Microsoft file. Nothing returned via Google on said
file, either. I would suspect malware/spyware or a virus. Those types of
programs can generate random file names while doing their dirty work.

Do a virus scan of your system with an anti-virus program that has
up-to-date virus definitions. If you don't have an AV program -

online virus scans:
http://housecall.trendmicro.com/housecall/start_corp.asp
http://www.pandasoftware.com/activescan/
http://www.bitdefender.com/scan/license.php
http://security.symantec.com/sscv6/default.asp
http://www.ravantivirus.com/scan/
http://us.mcafee.com/root/mfs/default.asp
http://www.kaspersky.com/scanforvirus
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

If an anti-virus scan comes up clean, read on...

This may be spyware/malware that's gotten installed on
your system. Use Ad-Aware, Windows Defender and/or Spybot Search & Destroy
to remove it.

Windows Defender (beta)
http://www.microsoft.com/athome/security/spyware/software/default.mspx
Ad-Aware: http://www.lavasoftusa.com/
Spybot: http://www.safer-networking.org/en/index.html
Good sites on how to install and use Spybot -
http://www.safer-networking.org/en/tutorial/index.html
http://tomcoyote.com/SPYBOT/index1.php

Also download a winsock repair tool, to have just in case cleaning up
anything found breaks it -

Winsock repair tools:
LSPFix- all versions of Windows http://www.cexx.org/lspfix.zip
Winsock2 Fix- Win98, ME
http://www.bu.edu/pcsc/internetaccess/winsock2fix.html
LavaSoft- all versions of Windows-
http://digital-solutions.co.uk/lavasoft/whndnfix.zip

More information here:
http://www.spywareinfo.com/
http://inetexplorer.mvps.org/tshoot.html
http://spywarewarrior.com/sww-help.htm

If no joy, in IE go to Tools...Internet Options...Advanced tab, Browsing
section, uncheck "Enable third-party browser extensions", click Apply, click
Okay, reboot. If that solves your problem, then more troubleshooting is
needed to find out exactly which program, or Browser Helper Object (BHO) is
causing this problem. You don't want to leave it at that, as some BHOs are
useful or necessary - like Adobe Acrobat for reading .pdf files or an
essential component of Norton AV. Get BHODemon -
http://www.definitivesolutions.com/bhodemon.htm - read all about BHOs.
Disable all items, and then gradually replace one or two at a time to narrow
down the culprit.

Or if you have IE 6 SP-2 you can do this within the browser:
How to manage Internet Explorer add-ons in Windows XP Service Pack 2
http://support.microsoft.com/default.aspx?scid=kb;en-us;883256

If all the above fails, then the problem could be something new that the
spyware cleaners above don't have in their databases yet. In that case....
HijackThis direct download:
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Tutorial on how to use HijackThis:
http://www.spywareinfo.com/~merijn/htlogtutorial.html
Then post it's output log to the forum here for analysis and feedback by the
parasite experts:
http://www.spywareinfo.com/forums/
Or the other HijackThis Logs forums listed here:
http://www.spywareinfo.com/~merijn/forums.html

Or try this program to get some of the most nasty malware:
CWShredder direct download:
http://aumha.org/downloads/cwshredder.zip

An alternate resource for all of this and more:
http://www.aumha.org/secure.htm
 
Back
Top