Jump to content
Sign in to follow this  
Spy Sweeper

Trj/Clicker.CP VIRUS (sockdebug.exe)

Recommended Posts

:help: This was found by Pit Stops' Virus Scan.

 

My AVG (free) has never caught it.

 

My Norton AV 2000, caught a related Virus about 2 weeks ago. ( sysdebug32)

 

Thank You.

Share this post


Link to post
Share on other sites

Update. The Pit Stop Web site says they use "Panda" for there on-line Scan.

 

I went to Pandas' Site to find info on 'Clicker.CP'. There was info on many other 'Clicker."xx"s', but not specifically 'Clicker.CP'.

 

Why is that, being its 'Pandas' Virus-base used ???

 

Thanks.

Share this post


Link to post
Share on other sites

:beer: YES

 

C:\WINDOWS\SYSTEM\sockdebug.exe

 

And I have physically FOUND the File.

 

For info: BitDefenders' on-line Scan also listed "sockdebug.exe" on my Computer as 'Bad' (mentioning that its not actually a Virus)

 

Sure appreciate the Help. ( I did 3 on-line Scans last night & would have done 4, but I couldn't get 'Pandas' to work)

 

Thanks a Bundle :nospys:

Share this post


Link to post
Share on other sites

First, open task manager>processes tab and verify sockdebug.exe is not running. End task if it is. If it restarts, do the following procedure in safe mode.

 

Click Start>run and type cmd, then hit enter to open a command window. Copy the commands below, one at a time and paste them on the command line, hitting enter after each. Note any error messages!

 

attrib -h -r -s C:\WINDOWS\SYSTEM\sockdebug.exe

 

del C:\WINDOWS\SYSTEM\sockdebug.exe

 

Reboot and let me know if it's gone and stays gone.

Share this post


Link to post
Share on other sites

Copy the commands below, one at a time and paste them on the command line, hitting enter after each.

Have a Question about the Copy & Paste.

 

In Safe Mode you can't be on-line, So how do you Copy those to be available in Safe Mode ?

 

Thanks

Share this post


Link to post
Share on other sites

Task manager in 98 can be opened by pressing Ctrl+Alt+Del.

 

You may have to type command to open a command window, otherwise it can be found at Start>Programs>Accessories.

 

Copy the commands to a blank notepad and save it to your desktop for access in safe mode.

Share this post


Link to post
Share on other sites

Ctrl+Alt+Delete-NO Processes Tab, just End Task, Shut Down, & Cancel.

Start>Run Typed "command".

 

Up came a Black Screen w/ what I think is called a 'C' command prompt, but I dont understand what you meant for me to do there.

 

NO "Task Manager" at Start>Programs>Accessories, just "Scheduled Tasks"

 

Commands have been Saved in a Notepad on the DeskTop, That was pretty simple, Thanks for the 'Neat' Trick.

Thanks

Share this post


Link to post
Share on other sites

The original task manager instructions were for XP (my assumption you were using it.......my bad :mrsgreen: ). In 98, if the process is listed, just click it to highlight and click End Task.

 

I was referring to opening a command window from Start>Programs>Accessories in the event typing command at the run line didn't work.

 

Once the command window is open, open your saved text file, highlight and copy the first command. Right click in the command window and paste, then hit enter. Repeat for the second command.

Share this post


Link to post
Share on other sites

I forgot "Ctrl+Alt+Delete" was called the Task Manager in XP ( I have seen that on my Nephews -Home Edition, much more advanced then 98SE).

 

I know a bit about 'Processes running in the Back Ground". I've done alot of reading up on it over the last 2 months. I did a bit of House-Cleaning of the Back Ground Processes on my Sisters Computer. Knowing next to nothing when I started, I now Feel pretty comfortable w/ What & How important the "Back Ground" Processes are.

 

Still a bit sketchy on the 'Hidden' Processes.

 

I've Never seen sockdebug.exe running in the Background. Over the last month, I've checked the Background processes 4-5 times a day.

 

Thanks :beer:

Share this post


Link to post
Share on other sites

If the file exists, those commands will remove it. Try it from within Windows first. If you get a message that it's in use and cannot be deleted, do it in safe mode. Don't worry about not finding it as a running process, it may not be. ;)

Share this post


Link to post
Share on other sites

While "Fully" running Start>Run type: command;

 

Safe Mode, if in-use message.

 

(Edited-to add content)

 

All this was done in a 'Normal' Boot.

 

If I do: Start>Run type cmd I get a 'cannot be found' message

 

If I do: Start>Run type command I get a 'Black' Screen that engulfs the enitire screen. w/ C:\WINDOWS\DESKTOP>_ written, and "_" is blinking.

 

Theres no way to get to the Saved Notepad, the Black screen engulfs eveything.

 

When I hit Ctrl+Alt+Delete then select MS-DOS prompt, hit End task, the Computer returns to the Desktop.

 

I'm a bit lost Thanks

Edited by Spy Sweeper

Share this post


Link to post
Share on other sites

Open the notepad first, copy one command, open the command prompt, hold "ctrl" and "v", at the same time (to paste from the keyboard), enter, allow the command to run, exit, then repeat the process for the other command.

 

"ctrl" and "c" (will copy from the keyboard)

Share this post


Link to post
Share on other sites

C:\WINDOWS\Desktop>_ "_" is Blinking

 

The above is what i see after I do: Start>Run---Type: command

 

After saving the command (from notepad), then Start>Run---Type: command

 

The 'saved' command wont paste to the command prompt.

 

All that happens is a "v" is inserted where the blinking "_" is.

 

I tried to 'cut' then paste, that didn't work either.

 

Please Advise--------------------Thanks

Share this post


Link to post
Share on other sites

When you went to paste your items, did you right click in the title bar of your command window(above black screen area.. the top title window), then mouse down to edit and then to paste?? Just checking!!

 

 

 

Peace..

Share this post


Link to post
Share on other sites

Problem is; After I Start>Run then type command a 'Black' Screen Engulfs the ENTIRE Screen on the Monitor.

 

There's no Title Bar because its not just a 'window', the entire screen is used and NO Mouse Pointer is available.

 

Thanks for the Reply

Share this post


Link to post
Share on other sites

The command window should have three icons in the top right corner just like any window. A line to minimize to the tray, a double window to make the window small or large and an X to close the window. Can you not see those? Maybe the monitor needs adjusted? Open window is larger than the screen?

 

Just write the commands down and type them in (the 2 in bold below). Hit enter after each line.

 

attrib -h -r -s C:\WINDOWS\SYSTEM\sockdebug.exe

 

del C:\WINDOWS\SYSTEM\sockdebug.exe

 

 

Notice that there is a space between the following commands, switches and filepaths.

 

attribspace-hspace-rspace-sspaceC:\WINDOWS\SYSTEM\sockdebug.exe

 

delspaceC:\WINDOWS\SYSTEM\sockdebug.exe

Share this post


Link to post
Share on other sites

NO, i cannot see the 3 icons in the 'corner'.

 

Also, the Mouse Pointer isn't available until i Hit Crtl+Alt+Delete, to get back out of the MS-DOS prompt.

 

I'll type them as you suggest.

 

A Question, being I'm going to switch from AVG AV (i don't feel its good enough),

 

???BitDefenders' on-line scan found 'sockdebug' ( 2 files ); Removed one of them, & said it couldn't delete the other (obviously the 1 were trying to get rid of)

 

Could I Download & Run BitDefenders' Free Edition which is Version 7, to get rid of 'sockdebug' ( There On-line Scan is Version 8) ???

 

Thanks for the Help.

 

An unrelated Question. I gave the Donation, but i also wanted to Buy a PC Pit Stop 'baseball' cap, Pit Stops Website said they were available, but I didn't see them For Sale at the On-line Store ???

Share this post


Link to post
Share on other sites

C:\WINDOWS\Desktop>_ "_" is Blinking

 

The above is what i see after I do: Start>Run---Type: command

 

After saving the command (from notepad), then Start>Run---Type: command

 

The 'saved' command wont paste to the command prompt.

 

All that happens is a "v" is inserted where the blinking "_" is.

 

I tried to 'cut' then paste, that didn't work either.

 

Please Advise--------------------Thanks

Sorry, I was wrong :blushing:

 

Can't paste into the cmd prompt, lesson learned.

Share this post


Link to post
Share on other sites

Can't paste into the cmd prompt, lesson learned.

No harm done

 

I did wait to receive an answer, I thought I was getting to the Wrong Prompt or something.

 

I'll Type them, & see what happens.

 

Thanks Alot for all the Help. :nospys:

Share this post


Link to post
Share on other sites

Just write the commands down and type them in (the 2 in bold below). Hit enter after each line.

 

attrib -h -r -s C:\WINDOWS\SYSTEM\sockdebug.exe

 

del C:\WINDOWS\SYSTEM\sockdebug.exe

 

 

Notice that there is a space between the following commands, switches and filepaths.

 

attribspace-hspace-rspace-sspaceC:\WINDOWS\SYSTEM\sockdebug.exe

 

delspaceC:\WINDOWS\SYSTEM\sockdebug.exe

Thanks a Hole-Lot, the commands worked.

 

I was in 'normal' boot, when I did the commands, I received No error messages, then I did Ctrl+Alt+Delete selected Shut Down.

 

I've done both the BitDefender & Pit Stops' on-line Scans ( the 2 'Scanners' that found the Trojan), nothing :) , sockdebug.exe GONE.

 

Thanks for all the Help, you all.

 

One thing Strange (most likely my ignorance), PC Pit Stops' on-line Scan called the Trojan: Trj/Clicker.CP, therefore I thought that annoying 'clicking' everytime a 'Window' changes was the Trojan :huh: Still does it.

 

Many, Many Thanks. :beer: :beer: :beer:

 

 

About that Pit Stop Baseball Cap, Can you get them somewhere ???

Share this post


Link to post
Share on other sites

Glad to hear it worked! :)

 

The clicking you here is possibly a sound scheme, and can be changed or disabled by going into the Control Panel>Sounds and Audio Devices>Sounds Tabs (don't quote me on that, I'm not on 98 right now to check ;) ). There is a list of Windows events such as Asterisk, Default beep, Exit Windows, etc. There will be a loud speaker icon next to the ones that have a sound selected for that event. Click an event to select it, then click the play button next to the window below that shows the selected file for the event to hear the sound. You can select no sound or change the sound for any event.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...