Soxpeca.exe & nwogvldr.exe errors stopping boot up

Discussion in 'Malware Help (A Specialist Will Reply)' started by relinquiae, Feb 22, 2009.

  1. relinquiae

    relinquiae Private E-2

    Hey, I have just found this forum and am dumbfounded by the amount of knowledgeable people that seem to reside here!

    Anyway, I have a problem with a collegues computer (their home one, not one at work). They have come to me as their computer will not get past the initial windows booting screen.

    I do not have direct access to their computer at the moment (she is a petite 65 year old who lives on the other side of the city to me, so getting her to drag her tower to work for me is at the moment a last resort) but she has given me pretty clear idea of what is going on.

    She runs Windows 2000 and this is the first problem she has had with it.

    On starting her computer, it runs through the motions, gets to the windows loading screen, sits there for a bit then goes to a blue screen.

    A pop up box appears in the corner of her screen stating:

    nwogvldr.exe has generated errors and will be closed by windows_
    You will need to restart the program.
    An error log has been created.

    This sits on the screen for aout 10 minutes, then the box changes. The message stays the same, but the .exe changes to

    soxpeca.exe

    Now I am pretty sure this is a nasty trojan she has somehow caught, but I have come to a dead end in my research of how to remove this safely as she cannot get beyond the boot up.

    Any ideas on how this can be removed (by simple instructions or me collecting the tower off her if neccesary)? I want to try my best to keep everything as is on her computer, as she uses it to eep emails and photos from the family, and wiping them off would make me feel really bad!

    Are there any alternative ways to remove this nasty from her computer?

    Thanks guys
     
    relinquiae, Feb 22, 2009
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You will have to try running the below. As noted, you can use safe boot mode if you cannot get the PC to run in normal boot mode. You can attempt to use Task Manager to kill the bad processes and possibly get around the blue screens.

    Please follow the instructions in the READ & RUN ME FIRST link given futher down and attach the requested logs when you finish these instructions.
    • If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    READ & RUN ME FIRST. Malware Removal Guide
    • After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
    Helpful Notes:

    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
    3. To avoid additional delay in getting a response, it is strongly advised that after completing the READ & RUN ME you also read this sticky:
    Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.
     
    chaslang, Feb 22, 2009
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds