Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Heavily Infected with Viruses [RESOLVED]

Started by abryenton , May 19 2008 05:24 PM

  • This topic is locked This topic is locked

#31
fenzodahl512
Posted 17 June 2008 - 06:14 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
That's odd.. Your log looks clean to my eyes.. Let's see if we left something at registry.. Please do the following...


Download Registry Search to your desktop.
  • Right click on the compressed RegSearch folder, and choose "Extract All". In the box that pops open, click "Next", then "Next" again, and then "Finish". You now have another RegSearch folder on your desktop.
  • Open the new folder, and double click on regsearch.exe and make sure all Search options are checked.
  • At the first box, under Enter search strings (case indipendent) please type clbdriver
  • Click OK and Registry Search will scan your registry for the file(s), and a Notepad box will open with a report.
  • Please reply here with the entire contents of the Notepad file from RegSearch.


Regards
fenzodahl512

Edited by fenzodahl512, 17 June 2008 - 06:16 PM.

  • 0

Advertisements

#32
abryenton
Posted 18 June 2008 - 10:10 PM

abryenton

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Here are the log for the Registry Search:

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.5.0

; Results at 6/19/2008 1:08:44 AM for strings:
; 'clbdriver'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\clbdriver.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\clbdriver.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CLBDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CLBDRIVER\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CLBDRIVER\0000]
"Service"="clbdriver"
"DeviceDesc"="clbdriver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clbdriver]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clbdriver]
; Contents of value:
; \??\globalroot\systemroot\system32\drivers\clbdriver.sys
"imagepath"=hex(2):5c,00,3f,00,3f,00,5c,00,67,00,6c,00,6f,00,62,00,61,00,6c,00,\
72,00,6f,00,6f,00,74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,\
00,6f,00,74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
64,00,72,00,69,00,76,00,65,00,72,00,73,00,5c,00,63,00,6c,00,62,00,64,00,72,\
00,69,00,76,00,65,00,72,00,2e,00,73,00,79,00,73,00,00,00

; End Of The Log...
  • 0

#33
fenzodahl512
Posted 18 June 2008 - 10:39 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello, thanks for the reply.. First, lets delete the leftovers...


Please download this file and save it directly to your Desktop.. Don't do anything with that file.. Just leave it there..



Please copy everything inside the quote box below and paste it into notepad. Go up to "File > Save As", click the drop-down box to change the "Save As Type" to "All Files". Save it as desktop.bat on your Desktop.

SWReg ACL "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CLBDRIVER" /GE:F

Double-click desktop.bat A window will open and close quickly, this is normal.

If you do not sure how to make a batch file, please visit HERE for the tutorial.




NEXT


Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
[*]Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\clbdriver.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\clbdriver.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CLBDRIVER
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clbdriver

[*] Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
[*]Click the red Moveit! button.
[*]A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
[*]Close OTMoveIt2
[/list]If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.




NEXT


Please run Registry Search again with the same clbdriver keyword..


Please post OTMoveIt2 log along with a fresh Registry Search log in your next reply... Tell me about those programs..


Regards
fenzodahl512
  • 0

#34
abryenton
Posted 18 June 2008 - 10:52 PM

abryenton

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
I still can't seem to burn anything. Winamp seems to be working fine as well as Firefox & IE.


OTlog:

< HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\clbdriver.sys >
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\clbdriver.sys\\ deleted successfully.
< HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\clbdriver.sys >
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\clbdriver.sys\\ deleted successfully.
< HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CLBDRIVER >
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CLBDRIVER\\ deleted successfully.
< HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clbdriver >
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clbdriver\\ deleted successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06192008_014552




Registry Log:

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.5.0

; Results at 6/19/2008 1:48:05 AM for strings:
; 'clbdriver'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


; End Of The Log...
  • 0

#35
fenzodahl512
Posted 18 June 2008 - 11:07 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Erm.. please uninstall >> restart >> reinstall your Nero.. then tell me about it :)
  • 0

#36
abryenton
Posted 22 June 2008 - 11:34 PM

abryenton

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
I had to re-format my computer. I started it the other day and at the windows boot up screen I kept getting a blue screen of death saying that there was a hardware failure (Bad Pool Caller). After some research on the net, they said it was either bad ram, a bad harddrive or damaged drivers. I couldn't figure out how to fix it, so I just re-formatted. It's running good now.

Is there a chance that there are still viruses on it even after a re-format.

Thanks again for all your help, you've been very patient, I appreciate everything you have done for me.
  • 0

#37
fenzodahl512
Posted 23 June 2008 - 07:57 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts

I had to re-format my computer. I started it the other day and at the windows boot up screen I kept getting a blue screen of death saying that there was a hardware failure (Bad Pool Caller). After some research on the net, they said it was either bad ram, a bad harddrive or damaged drivers. I couldn't figure out how to fix it, so I just re-formatted. It's running good now.

Is there a chance that there are still viruses on it even after a re-format.

Thanks again for all your help, you've been very patient, I appreciate everything you have done for me.



Ouch.. It was really unfortunate.. I feel sorry for you..

About your question, after you done a re-format, your system should be as good as new...

Is there anything else that I could help?


Regards
fenzodahl512
  • 0

#38
fenzodahl512
Posted 28 June 2008 - 08:24 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP