From the FRONT LINE

XDRV.SYS

A Yahoo or Google Search of "xdrv.sys" (quotation marks included)

will produce basically two primary results:

1. Troj/Dloadr-AOO

Reported by SOPHOS

a world leader in integrated threat management solutions

www.sophos.com/security/analyses/trojdloadraoo.html

2. Rootkit.Win32.Pibus.a

Reported by Sunbelt-Software (Counter Spy) Research Center

http://research.sunbelt-software.com/threatdisplay.aspx?name=Rootkit.Win32.Pibus.a&threatid=71399

both create the file xdrv.sys

More updates will be comming soon...

Written: 02/03/07