Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

awvuu.dll Computer Virus


  • Please log in to reply

#1
Anchorless

Anchorless

    New Member

  • Member
  • Pip
  • 1 posts
The other day I booted up my PC and was having all of the following issues some of which were worded so well I copied from another fella who was having similar troubles.

I had two new icons on my desktop, Windows XP's "Help and Support" icon and Windows XP's "Windows Update", both pointing to http://storageprotector.com. Symptoms of this infection included sluggishness, inability to double-click "My computer" icon as well as others, depending of the configuration of the system.

I googled the NT_Kernel error 1256 and came upon the forum http://forum.bitdefe...?showtopic=3561 and after combing through the forum I found a fix mentioned called FixVundo.exe. I downloaded this third-party utility and ran it. It detected several .dlls related to this trojan and deleted all of them except for awvvu.dll and awvvu.exe The system required a reboot. Once rebooted, it DID NOT delete the final files.

However, a new error message popped up wanting to run one of the affected .dll but was unable to locate it. The two malicious icons on the desktop also remained. I was able to delete the icons. After double-clicking the C: icon, roughly 2,000+ .tmp files, all starting with the name posxxx.dll were in the root. I highlighted and deleted those files.

I entered the registry editor and went to HKEY_LOCAL_MACHINE\HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and deleted the .dll in that group.

Every time I reboot my computer, it's a slow boot and I am getting plenty of POP UP Ads. I also receive a buffer overrun that McAffee catches and deals with.

I am Pretty sure all of this is stemming from the awvvu.dll and awvvu.exe files in my system32 folder. I recently ran HiJackThis and can post a log asap. The log has a run command to run [kernel] also which has it's own folder under program files. Could this be the malware kernal.exe? I think I can probably fix the problem with just checking a few boxes that look suspicious but would like some help with it.

Thanks a lot in advance.

Edited by Anchorless, 16 January 2008 - 09:45 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP