Trusted Malware Techs

Everything posted by noahdfear

  1. Interesting! Neither of those logs contained any information I was hoping for/expecting. One more, and then I'll write up a proposed fix for you, ok? I want to check for hidden dlls. Download this zip. http://www.downloads.subratam.org/pv.zip Unzip it to the desktop. It will not work if you run it from inside the zip. After unzipping open the pv folder. Double click on the runme.bat. A dos window will open. Select option 1 for explorer dlls by typing 1 and then pressing enter. Notepad will open with a log in it. Copy and paste the log into this thread. Then run option 2 for IE
  2. You bring the beer! It's our pleasure to help! Donations to the site are always appreciated.
  3. Thank you! Because this infection is relatively new, I'd like for you to do a bit more searching for us to see if we can identify what keeps putting it back. Download "Registry Search Tool" (RegSrch.vbs) from here http://www.billsway.com/vbspage/ start it and paste in access control, wait for it to complete the search, click ok at the prompt. Then when wordpad opens, copy that back here please.
  4. The original task manager instructions were for XP (my assumption you were using it.......my bad ). In 98, if the process is listed, just click it to highlight and click End Task. I was referring to opening a command window from Start>Programs>Accessories in the event typing command at the run line didn't work. Once the command window is open, open your saved text file, highlight and copy the first command. Right click in the command window and paste, then hit enter. Repeat for the second command.
  5. I've never known anyone to encounter problems by doing so. Don't empty the recycle bin until you're sure everything is OK. You will probably find more things cleaning again after deleting those folders and rebooting back into windows too.
  6. Task manager in 98 can be opened by pressing Ctrl+Alt+Del. You may have to type command to open a command window, otherwise it can be found at Start>Programs>Accessories. Copy the commands to a blank notepad and save it to your desktop for access in safe mode.
  7. Yes, all files will be included, since when you delete the uppermost folder, all files and sub-folders within it will be deleted also. I've found RegSeeker to be a very good app. I have and do use it in the same way I described on my own computers as well as clients', and have made the same recommendation to many many users with only one occasion of something not working properly afterward. That was on an ME machine and was also a known issue. Check out some of the other features also, e.g., options on the Histories menu and Tweaks. Do be careful while familiarizing though. RegSeeker is a
  8. First, open task manager>processes tab and verify sockdebug.exe is not running. End task if it is. If it restarts, do the following procedure in safe mode. Click Start>run and type cmd, then hit enter to open a command window. Copy the commands below, one at a time and paste them on the command line, hitting enter after each. Note any error messages!
     attrib -h -r -s C:\WINDOWS\SYSTEM\sockdebug.exe
     del C:\WINDOWS\SYSTEM\sockdebug.exe
     Reboot and let me know if it's gone and stays gone.
  9. Were you given a location of the infected file? Can you find it?
  10. Hi plowdriver01! Please download the trial version of Ewido Security Suite here: http://www.ewido.net/en/download/ Install it, and update the definitions to the newest files. Do NOT run a scan yet. Please download Nailfix from here: http://www.noidea.us/easyfile/file.php?dow...050515010747824 Extract the files to a folder of their own on the desktop but please do NOT run it yet. The files must be in a folder of their own!! Either reboot and repeatedly tap F8 to enable the start menu and select safe mode, or go to start>run and type msconfig, hit enter. On the boot.ini tab, c
  11. LDTate is handling your cleanup, so please wait for his instructions. Advisors do sometimes discuss various topics/solutions, but I only poked in with more detailed instructions to help get the information he required. You're in good hands. Hang in there!
  12. Hi rmal75! Please download the GetLogXP.zip file attached to this post, saving it to your desktop. Right click and extract the GetLogXP.bat file to your desktop, then double click it to run. A log will open in notepad and a copy will be placed on your desktop. Please post the contents of that log here. GetLogXP.zip
  13. Hope you don't mind me adding $.02 here. Just wanted to give you a bit more information about NVidia Driver Helper and Creative plugins (C:\WINDOWS\System32\nvsvc32.exe and C:\WINDOWS\system32\CTHELPER.EXE) Taken from answersthatwork.com NVIDIA Driver Helper Service which gets installed under Windows NT4/2000/XP/2003 by the NVIDIA drivers for some of their graphics cards (or graphics cards based on an NVIDIA chipset). We do not at this stage know what this process does except consume memory ! And we also have no idea as to what a “Driver Helper Service” is supposed to do !! Re
  14. Hi Joe! Unfortunately, that log doesn't show us what it found, only how many. I have to ask that you run MWAV again, this time with the instructions below. Sorry, I know it takes a long time. Check the boxes for Memory, Registry, Startup Folders, System Folders, Services, Drive, All Local Drives and Scan All Files, then click scan. When it completes, copy the lower pane of the scanning window labeled Virus Log Information and post it here.
  15. If the above suggestions don't stop it from starting up, after killing the process, open C:\Program Files\Common Files\Real\Update_OB and rename realsched.exe to realsched.old
  16. Hi benpike! You've picked up a nasty little piece of malware, but it's not as fatal as it suggests. Please follow the instructions for posting a HijackThis log in the HijackThis section and post a log there. We'll be happy to help you get your computer cleaned up.
  17. OK, it appears what I was looking for never got the chance to install itself or was removed by one of the antispyware apps. Ad-aware seems to be catching up with that nasty. My apologies for all the extra work. :beer: Feel free to delete the bat file and the GetLog text files in C: I also recommend you download and install SpywareBlaster. Enable all protections, check for updates and enable them too. Then download IESpyad.exe, double click to extract (it extracts to C:\IESpyad by default), open the folder, double click the ie-ads.reg file and allow it to merge into the registry.
  18. Very odd. 1 more attempt here. Please copy the command below, click Start>run and paste it in, then hit enter.
     regedit.exe /e C:\GetLog2.txt "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall"
     Open C:\GetLog2.txt and post its contents.
  19. Right click the batch and choose edit. Delete the following line, then close saving changes and run again.
     del C:\GetLog.txt
  20. Hmmm........only a portion of the log showed up. Please run it again. No need to repost if it's the same. Do a file search for svcsysnet32.dll and svcsysnet32.inf and delete them if found. Do another search for EGDACCESS*.* and delete any found.
  21. Hi Spy Sweeper! Norton can, quite frankly, be a pain. Do you still have the original installation cd/files? If so, I recommend you re-install it, then use the uninstaller provided with Norton to uninstall, rather than Add/Remove. Then see if you can uninstall Norton Rescue, then Live Update. If all of the above fails, you can try the brute force method I have used for Norton many times. First, download RegSeeker and extract to its own folder. Reboot to safe mode, search for and delete all Norton and Symantec folders. Open RegSeeker and click 'Clean Registry'. When the scan is complete
  22. Hi seremina! I saw something in your log that suggests you may still have an infection. Would you please do the following so we can check? Please copy the contents of the quote box below to a blank notepad. Make sure the formatting stays the same. Close it, saving to your desktop as; Filename : Getlog.bat Save as type : All Files Double click the file to run it. A log will open in notepad. Please post the contents of that log. It may be quite large, so if necessary, split into two posts.