blo-up-yer-tv
Cadet

 Joined: Mar 13, 2005 Posts: 6 Location: USA
|
Posted: Sun Mar 13, 2005 7:03 pm Post subject: BDS Backdoor and following mrrockford's advice |
|
|
I started a new thread because I was afraid adding to old thread might be ignored.
On Jan 27, Spike27 posted, titled: AVPE Detected something called BDS Backdoor... to which mrrockford replied with a set of instructions to follow. Since I got a similar bug, I attempted to follow same.
The CCleaner, SpyBot, and HijackThis zip files are refusing to open. If you choose Extract all... (Win XP), the error message indicates corrupt zip file. I can open existing zip files on my computer, but so far no new zip files. Ever hear of a cause for that?
If you can tell me what gives, I'll continue following advice, including placing a Hijackthis log file in proper forum.
Gratis,
Mike
_________________
It's better to know who grew your food.
|
mrrockford
News Admin
 AVPE Host

 Joined: Apr 24, 2004 Posts: 3010
|
Posted: Mon Mar 14, 2005 11:13 am Post subject: |
|
|
Howdy,
Try downloading them again. Which zip software are you using?
_________________
"Anyone who considers protocol unimportant has never dealt with a cat."
L. Long
|
blo-up-yer-tv
Cadet

 Joined: Mar 13, 2005 Posts: 6 Location: USA
|
Posted: Thu Mar 17, 2005 2:36 am Post subject: |
|
|
I downloaded CCleaner again with same results. As for software, I am simply using what's built into Win XP. Double clicking or right clicking and choosing Open produces no response, and right clicking choosing "Extract All..." gets the (XP) Extraction Wizard, which ultimately gets me an error message stating: "The Compressed (zipped) Folder is invalid or corrupted".
Strange, I know. I can't think of any sound reason why this would happen. And I restate: Existing zipped files open, but neither of the 2 new zipped files will.
Thanks Again
Mike
|
mrrockford
News Admin
 AVPE Host

 Joined: Apr 24, 2004 Posts: 3010
|
Posted: Thu Mar 17, 2005 11:21 am Post subject: |
|
|
Howdy,
I have put in a request to our experts to help here. Someone should be along shortly. Thanks for your patience.
_________________
"Anyone who considers protocol unimportant has never dealt with a cat."
L. Long
|
Mister2
SRT Team Lead
 Premium Member
 Joined: Oct 28, 2004 Posts: 7326
|
Posted: Thu Mar 17, 2005 1:11 pm Post subject: |
|
|
Try downloading HJT from here - http://danborg.org/spy/HJT/hijackthis.exe
This is an unzipped version and should allow you to get your log posted while we figure out what's going on.
_________________
Never stop learning
|
Robin
Site Admin Phishing Squad Team Lead
 Joined: Oct 15, 2003 Posts: 8946
|
Posted: Thu Mar 17, 2005 3:46 pm Post subject: |
|
|
I was just able to download the files and extract them without issue. Are you trying to open them or save them?
|
blo-up-yer-tv
Cadet

 Joined: Mar 13, 2005 Posts: 6 Location: USA
|
Posted: Sat Mar 19, 2005 12:57 am Post subject: |
|
|
Answering last question first:
Downloaded & saved the zip files in the normal manner. Once the files are saved on the hard drive, see my previous post for exact method.
Regarding Stuffit: I have downloaded & saved it, can't run it this moment as I'm in the middle of a disc operation. I will post back here with results.
Regarding the Hijackthis.exe unzipped link: Thanks, that worked well. Anybody notice that the unzipped version is 213KB vs. zipped being 208KB? Why zip it?
I will run Hijackthis, and submit the logfile per your instructions on the thread I mentioned in my first posting.
Hope you come up with something as to why my Win XP would suddenly stop unzipping newly downloaded zip files.
Gratis,
Mike
|
mrrockford
News Admin
 AVPE Host

 Joined: Apr 24, 2004 Posts: 3010
|
Posted: Sat Mar 19, 2005 5:32 pm Post subject: |
|
|
Howdy,
Try WinZip to unzip the files.
_________________
"Anyone who considers protocol unimportant has never dealt with a cat."
L. Long
|
blo-up-yer-tv
Cadet

 Joined: Mar 13, 2005 Posts: 6 Location: USA
|
Posted: Mon Mar 21, 2005 1:47 pm Post subject: |
|
|
I hate when things act up, with no sound explanation, and then something changes and the problem can't be duplicated!
Since all 3 of the most recent zip file downloads all failed, but earlier downloads seemed fine, I randomly grabbed a zip file from a government website, and it UNZIPPED! So it somehow appeared to only be related to the 3 files, all of which I had linked to from mrrockford's posting.
I installed Stuffit, and immediately tried it on the SpyBot zip file to NO AVAIL. Then I deleted SpyBot zip, and happened to be using MSN Explorer when I downloaded it again (3rd time, mind you). I had been using MS Internet Explorer for all earlier attempts. This time Stuffit opened the zip file! I tried retracing my steps & doing some duplicating and can't do it! I just don't have enough time to get really methodical about it, so I'll cut my losses and run. I have installed all 3 programs.
Consider the zip file problem concluded.
One other problem, and I need your advice on whether I should start a new thread or not, or will an administrator do it?
I have AntiVir PE continually popping up a warning that it found a signature of backdoor program BDS/SkSocket 1.0.8 in Svchost.exe in my Windows\Help directory. I delete the file, but a new one is created. Apparently AntiVir PE can't find what keeps creating the file.
Walk me through?
Gratis,
Mike
|
swatkat
Security Expert
 Joined: Mar 04, 2005 Posts: 2039
|
Posted: Mon Mar 21, 2005 5:37 pm Post subject: |
|
|
Is that infected svchost.exe in the Windows\Help directory? Try deleting the file in SAFE mode.
The genuine svchost.exe must be in the System32 directory.
Update AntiVir and do a full system scan in SAFE mode; if it gives an alert again, then follow the steps below.
There is not much information about the BDS/SkSocket Trojan, maybe due to the fact that different AV/security firms refer to them by slightly different names.
Download Trojan Remover, WebRoot SpySweeper Trial, CleanUp! and install them.
http://www.simplysup.com/tremover/download.html
http://www.webroot.com/downloads/?WRSID=4955734f12ec7d76df8c979f793cbec7
http://cleanup.stevengould.org/
Then reboot in SAFE mode, and perform a full system scan.
(In SpySweeper, before scanning, click Options Button, and then click Sweep Options, here select all the Hard disk partitions to scan.)
After this, run CleanUp! and reboot to Normal mode.
Finally perform virus scan at TrendMicro HouseCall and spyware scan at eTrust PestPatrol.
http://housecall.trendmicro.com/
http://store.ca.com/dr/v2/ec_main.entry25?page=freePestPatrolScan&client=ComputerAssociates&sid=35715
Post back the results.
|
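Added example, not part of the original thread or any poster's code: a small triage check for the point made above, that a file named svchost.exe outside System32 is a red flag. The sample paths, the extra binary names and the backup-copy allowlist are assumptions made for this example.

```python
import ntpath  # Windows path rules, usable on any OS

# Expected directory (relative to %SystemRoot%) for each tracked binary name.
# svchost.exe -> System32 comes from the post above; the other entries are
# well-known Windows locations added as assumptions for this example.
EXPECTED_DIR = {
    "svchost.exe": "system32",
    "lsass.exe": "system32",
    "services.exe": "system32",
    "winlogon.exe": "system32",
    "explorer.exe": "",  # lives directly in %SystemRoot%
}

# Directories where Windows itself keeps extra copies (XP file protection
# cache, service pack files, 32-bit copies on 64-bit Windows).
BACKUP_DIRS = (r"system32\dllcache", r"servicepackfiles\i386", "syswow64")


def _norm(path):
    """Normalise separators and case so comparisons are reliable."""
    return ntpath.normpath(path).lower()


def classify(path, system_root=r"C:\WINDOWS"):
    """Return 'expected', 'backup-copy', 'suspicious', or None if untracked."""
    directory, name = ntpath.split(_norm(path))
    if name not in EXPECTED_DIR:
        return None
    if directory == _norm(ntpath.join(system_root, EXPECTED_DIR[name])):
        return "expected"
    if any(directory == _norm(ntpath.join(system_root, d)) for d in BACKUP_DIRS):
        return "backup-copy"
    return "suspicious"


def find_masquerading(paths, system_root=r"C:\WINDOWS"):
    """List paths that reuse a system binary name in an unexpected folder."""
    return [p for p in paths if classify(p, system_root) == "suspicious"]


# Constructed sample input (for example, the output of a recursive file listing).
SAMPLE_PATHS = [
    r"C:\WINDOWS\system32\svchost.exe",
    r"C:\WINDOWS\Help\Svchost.exe",
    r"C:\WINDOWS\system32\dllcache\svchost.exe",
    r"C:\WINDOWS\explorer.exe",
    r"C:\WINDOWS\system32\explorer.exe",
    r"C:\WINDOWS\system32\notepad.exe",
]

if __name__ == "__main__":
    for p in SAMPLE_PATHS:
        print(f"{classify(p)!s:12} {p}")
```

Location is only a first filter: a file in the expected folder can still have been replaced, so an "expected" result does not replace a scan.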
mrrockford
News Admin
 AVPE Host

 Joined: Apr 24, 2004 Posts: 3010
|
Posted: Mon Mar 21, 2005 5:51 pm Post subject: |
|
|
Howdy,
Right now, wait to make any changes until you have closed out the HJT thread, which you need to start by posting your HJT log in the Hijackthis - Spyware, Viruses, Worms, Trojans Oh My! Forum. Most of what it lists will be harmless or even essential; don't fix anything yet. It is easier to control changes when it all stays in one thread. I will lock this thread now. If problems come up after your HJT thread is finished, please start a new thread and we will go from there.
_________________
"Anyone who considers protocol unimportant has never dealt with a cat."
L. Long
|