Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

T-Spy.html.Smitfraud progress [RESOLVED]


  • This topic is locked This topic is locked

#46
peacemaker05

peacemaker05

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Hi again,

The registry editor search found the entry under the VxD sector and in folder "SHLDDRV." The entry was listed as StaticVxD "SHLDDRV.VXD"

:tazz:

Edited by peacemaker05, 09 June 2005 - 03:13 AM.

  • 0

Advertisements


#47
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
lol no... That's good! We can delete it and it'll be fine then

I need you to backup your registry first. Go back into regedit, click to highlight "My Computer" then go to File > Export. Name it whatever you want (but leave it as ".reg" and save it where you can remember if we need it (but not on the desktop)

After it's backed up, please delete the SHLDDRV.VXD (I thought you said it was just HLDDRV not with a S?) entry out of the registry. Then do this:

Copy everything in the code box below (starting with REGEDIT4) and paste it into notepad. Change the "Save As Type" to "All Files" and save it as fix.reg on your desktop.

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"Wallpaper"=-
"WallpaperStyle"=-

[HKEY_CURRENT_USER\Control Panel\Desktop]
"Wallpaper"=-
"WallpaperStyle"=-

double-click fix.reg on your desktop. When asked if you want to merge with the registry click YES.

Reboot your computer and you should be good now :tazz:

Edited by bananafanafo, 09 June 2005 - 03:23 AM.

  • 0

#48
peacemaker05

peacemaker05

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Okay...

did that, now I'm going to reboot...be right back!
  • 0

#49
peacemaker05

peacemaker05

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Done; Worked; Yesss! Thank you....

If you can cook as well as you clean computers what are we waiting for! ;)


What do we do next? :tazz:

Edited by peacemaker05, 09 June 2005 - 03:36 AM.

  • 0

#50
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
:tazz:

Just FYI, that entry was leftover from uninstalling Panda Anti-virus ;)

Any other problems??
  • 0

#51
peacemaker05

peacemaker05

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Well the active scan found some malware entries that it could not delete, what do we do about them? As far as we know, they are still active in the system right?

:tazz:

2) Also, should I uninstall AVG free edition, and reinstall Panda True prevent, or Titanium or Platinum?

3) And, if I do...when I uninstall any of those will I have the same VxD issue?

Lastly, what do you suggest for solid (as possible) protection against most malware installs via java or or any other active scripting processes online?

Edited by peacemaker05, 09 June 2005 - 03:46 AM.

  • 0

#52
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
No. We deleted the files found by ActiveScan, the a couple of "windows registry" things I took care of with that reg I just had you make. The other item in the registry is a leftover CLSID that is impossible to find and, no, it absolutely will not harm your computer at all because there is no file associated with it :tazz:

Edited by bananafanafo, 09 June 2005 - 03:47 AM.

  • 0

#53
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts

2) Also, should I uninstall AVG free edition, and reinstall Panda True prevent, or Titanium or Platinum?



That's completely up to you. If you like Panda and already paid for it, use it. If not, use AVG.

3) And, if I do...when I uninstall any of those will I have the same VxD issue?


If/When you uninstall Panda again, if it doesn't uninstall fully like this time, yes you will have the same VXD issue.

Lastly, what do you suggest for solid (as possible) protection against most malware installs via java or or any other active scripting processes online?


I'll post that when you tell me there aren't any other problems :tazz:
  • 0

#54
peacemaker05

peacemaker05

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Oh...okay, well I guess that does it then? 52 posts later my system is clean. You are fantastic! I'll make sure to donate something special for you because you saved me a great deal of time and expense. But how can I better protect IE?

Can I stay in touch with you?

:tazz: ;) ;)

One last thing...what does the NTLDR missing DOS prompt mean?

Edited by peacemaker05, 09 June 2005 - 03:57 AM.

  • 0

#55
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Well that's very sweet of you, thank you! :tazz: And since it's 4 am, I'm headed to bed now ;)

Yes, feel free to PM any time (I'll be here!)

To secure IE - can you get Service Pack 1 on a 98? I'm pretty sure you can. Go to http://www.microsoft.com click on "Windows Update" on the left side then click "Express Install" to install latest security updates and I believe IE Service Pack 1 is one of them (don't quote me on that though, but definitely check! ;) ). Here are the rest of my recommendations:

You NEED a firewall! 2 excellent free ones are listed at the bottom :tazz:

Prevention Programs:
  • Spywareblaster <= SpywareBlaster will prevent spyware from being installed.
  • Spywareguard <= SpywareGuard offers realtime protection from spyware installation attempts.
  • MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
  • Google Toolbar <= Get the free google toolbar to help stop pop up windows.
Other necessary Programs:

Edited by bananafanafo, 09 June 2005 - 03:59 AM.

  • 0

Advertisements


#56
peacemaker05

peacemaker05

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Did you see my last question...about what the NTLDR missing prompt is? I get that on another system I have running XP Pro. I'm thinking it's malware. Can I create boot disks that can scan for malware in the boot sector? If so, what site may offer a way to download effective boot sector scan disk(s) for free?



And again thank you for all your help... :tazz:

Edited by peacemaker05, 09 June 2005 - 04:06 AM.

  • 0

#57
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Yes, I did see it but it was 4 am and I had to go to bed... :tazz:

NTDLR missing is an issue with system file or something messed up in BIOS or something along those lines... and that's defintely not something I'll be able to help you with. Your system may be infected, but that's not what is causing that error message.
  • 0

#58
peacemaker05

peacemaker05

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Okay, thanks again. I hope I haven't lost my data.

Please give me a couple days and I'm going to donate something for you. I truly appreciate ALL you did for me. You ARE the best and I will be in touch with you very soon...take care of yourself.
  • 0

#59
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
You're very welcome! I'm glad I was able to help ;)

Oh and for your problem on the XP machine, you might want to check this link out to see if it helps your problem any (sorry I couldn't help more with this problem):

http://www.computerh...es/ch000465.htm

I hope some suggestion in there works for you! :tazz:
  • 0

#60
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP