1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

[Remnants of Trojan Horse infection]

Discussion in 'Malware and Virus Removal Archive' started by jvwert, 2005/04/16.

Thread Status:
Not open for further replies.
  1. 2005/04/16
    jvwert

    jvwert Inactive Thread Starter

    Joined:
    2002/10/16
    Messages:
    46
    Likes Received:
    0
    Some six months or so ago, I had a Trojan Horse infection named, kbddvrinf.exe, and I got rid of it, to the point where it was no problem - except that since then, during the Boot sequence I have to click through two small screens that state things like, "cannot find Windows\System32\kdbbvrinf.exe ".
    I have done as much searching, including the Registry, without success in trying to locate the place where it calls for this file and have no success.

    It is not a major problem, just a pain in the neck. Does anyone have any ideas as to where this request might live? - and how to get rid of it?

    jvwert
     
    jvwert,
    #1
  2. 2005/04/16
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Download "Registry Search Tool" (RegSrch.vbs) from here
    http://www.billsway.com/vbspage/, start it and paste in kdbbvrinf, wait, hit ok. Wordpad will open showing the locations it was found.
     
    noahdfear,
    #2


  3. to hide this advert.

  4. 2005/04/19
    jvwert

    jvwert Inactive Thread Starter

    Joined:
    2002/10/16
    Messages:
    46
    Likes Received:
    0
    Remnants of trojan horse

    I downloaded the regsrch.vbs file and ran it several time, each of which came up with three "findings" of the problem file - with a small screen stating it would display the results in WordPad upon clicking on the screen. I was not able to get this to work, as I always got an error message that stated the system cannot find the file specified. This was even though the file listed was the location of RegSrch.vbs,

    I give up. Thanks, anyway. It must be some whacky thing with my machine - typical of XP - especially since Service Pack 2 was installe.

    jvwert
     
    jvwert,
    #3
  5. 2005/04/19
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    That's odd. :confused: Try this one. Download RegSearch.zip and extract the contents of the zip file to it's own folder.
    Open and double-click the icon for RegSearch.exe to launch the program.
    Enter kdbbvrinf in the top window and click OK. After completion Notepad will be opened with all the found instances.

    If it doesn't find it, try in safe mode.
     
    noahdfear,
    #4
  6. 2005/04/23
    jvwert

    jvwert Inactive Thread Starter

    Joined:
    2002/10/16
    Messages:
    46
    Likes Received:
    0
    Hi Dave - Thanks, again, for your patience. This time I was successful, and the program worked fine, but quite differently from previously. A short search reported the three appearances of kbddvrind.exe buried deeply in the Registry, and I cleared them with no problem. I do not know why it did not work before. It apparently found the three "plants" but it would not load WordPad and show the report. Instead, I got the error message I reported in my earlier note.

    You did great!

    jvwert
     
    jvwert,
    #5
  7. 2005/04/23
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Glad it worked. Thanks for posting back. :)
     
    noahdfear,
    #6
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...