Help Required for oem-drv86.sys

YanAndrew · 05 Jun 2016

Hello Everybody,

I have an infection which made me run a couple of rescue CDs on my machine, but the infection was not completely eradicated. Thus, I turned to TDSSKiller and it flagged this file "oem-drv86.sys" as "suspicious" and of "medium risk" (please refer to attachment).

I've checked online and got mixed instructions. However, the review on the VirusTotal site states that it is a Windows driver. When I checked the MD5 and SHA against the ones on the VirusTotal site, they're different.

I know I have definitely been infected, but do you Guys think this "oem-drv86.sys" is one of the infection?

Regards,
YanAndrew

ICIT2LOL · 11 Jun 2016

Hello and welcome YanAndrew mate personally I would run this as well Kaspersky Rescue Disk 10
You will need to make a bootable disk and set the BIOS to boot from either the disk or stick whichever you prefer to use ( I prefer a disk) and let it run.

It runs in a non Windows environment scans everything and is not influenced in any way by the Windows OS:)

Let us know how it goes.

Edit Found this a good read oem-drv86.sys Windows process - What is it?

YanAndrew · 12 Jun 2016

Hello ICIT2LOL,

Thank you for getting back.

I have run several different rescue CDs, including Kapersky, BitDefender, etc. Basically, if you can name them, I've run them. I've even done the RKill, TDSSKiller, MalwareBytes, etc. None of them detected anything. However, when I go through my C: drive, I can see lots of different folders with dodgy names and in them are all these printers drivers which I have never installed. And then there's this programme called Control Centre 4 (CC4), which attempted to make changes to my registry.

Anyway, for my own peace of mind, I've decided to nuke the hard disk and start from scratch in order to get rid of the damn pests.

I appreciate your suggestions though.

Thank you,
Andrew

ICIT2LOL · 15 Jun 2016

Andrew sorry late reply mate and well you beat me to it and as long as you have your data backed up pics docs etc then wiping that drive is the best thing unfortunately.

I personally use the DISKPART clean or clean all to do that using another machine but I do believe there are bootable softwares that will do that.

An alternative is wiping the drive with Partition Wizard also needs a different machine but the links are here for either

Disk - Clean and Clean All with Diskpart Command

or https://www.partitionwizard.com/free...n-manager.html see pic

NB clean all and the PW wipe do take some time

YanAndrew · 15 Jun 2016

Hi ICIT2LOL,

Thank you very much for the tips.

They'll definitely be handy.

Cheers,
Andrew

ICIT2LOL · 16 Jun 2016

Ok no worries Andrew if I didn't mention it before you might find this tutorial very handy for making your machine quicker and easier to use - if you don't mind losing some of the "bling" like transparency. It is my bible when clean installing or fixing others machines

Optimize Windows 7