rpe.sys - Dangerous

%sysdir%\rpe.sys

Free Download

Manual removal instructions:

Antivirus Report of %sysdir%\rpe.sys:
%sysdir%\rpe.sys Malware
%sysdir%\rpe.sysDangerous
%sysdir%\rpe.sysHigh Risk
%sysdir%\rpe.sys
rpe.sys is rootkit Backdoor.Ryejet.
rpe.sys is used to hide files, processes and registry.
rpe.sys is a kernel mode rootkit.
Rootkit contacts remote hacker server using HTTP session.
rpe.sys created new system drivers:
service name: "MdeRy"
Related files:
%SysDir%\asr_sdm.exe
%SysDir%\asr_sdmr.exe
%SysDir%\asr_ssmr
%SysDir%\sal.mdb
%SysDir%\rpe.sys
%WinDir%\svchost.exe
Adds the value:
"Userinit" = "%System%\userinit.exe,[Random number of spaces],,%Windir%\svchost.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
to the Windows startup registry keys.
Added to registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MdeRy
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_MDERY
HKEY_CURRENT_USER\Software\Microsoft\PCHealth

Remove rpe.sys now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.