netdc.exe

Discussion in 'malware problems & news' started by nevercanlogin, Aug 5, 2004.

Thread Status:
Not open for further replies.
  1. I'm still seeing the modified .ini entry for Explorer pointing to netdc.exe on Hijackthis! logs everywhere.I'm really curious about this one.Has anyone ever found a solution that works?

    Remember,newbies have to be able to understand it,so any complicated registry modifications are out...so is unhiding the damn thing via commandline I guess.

    I'm not refering to Dumaru nor any of the Trojans and viruses that add netdc.exe plus others as part of their payload.This one is a lone entry-netdc.exe..

    Any thoughts?
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    65,298
    Location:
    Texas
    I did a search. Have you seen this?

    "What you need to do also in safe mode is removing the hidden startup entry 'netdc.exe'(Start\Run\All Programs\Startup).

    http://tinyurl.com/3oo2j
     
  3. thatwasme

    thatwasme Guest

    Thanks..I just tried the link,but cannot connect to unicyclist.com.My browser doesn't permit redirects,but thanks for trying.

    All the searches I do on this one seem to be dead ends.
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    65,298
    Location:
    Texas
  5. cheersm8

    cheersm8 Guest

    That was helpful in that I now realise netdc.exe is the residue of a previous,improperly cleaned virus/trojan.

    So,essentially,a crash course in registry editing and commandline trouble-shooting is still the order of the day.Poor things!

    Thanks for that Ronjor.It's amazing how the more things change,the more they stay the same.
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    65,298
    Location:
    Texas
    It's a jungle out there!! :D
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.