Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan.KillAV and HTTP Trojan Vundo Activity and others I think


  • Please log in to reply

#1
Blue.FoX

Blue.FoX

    New Member

  • Member
  • Pip
  • 5 posts
Ok first off, im sorry for posting here once before and then never responding, my problem solved it self and I totally forgot about requesting help.

So, the other day I turned on my computer and then Norton says that auto protect got turned off and told me to fix it...I did. The only thing I did after that was install Norton Internet Security 2008 (trial) and then install the norton add-on pack. That's when my problems started, right after the restart after the add on pack. (I did get it from the symmantec website so I'm kinda puzzled about that)

ANyway, after that restart, Norton gives me messages saying that a recent attempt from Trojan.KillAV was blocked and a recent attempt by HTTP Trojan Vundo Activity was blocked. Those are the only two that Norton catches, I'm hoping those are the only two.

When I tried going on the internet, it was nearly impossible from the popups that all of a sudden started....and I'm not taling once and a while popups...I'm talking like at least every 15 seconds (!!!) Internet Explorer kept having errors when I tried downloading Spybot, but I eventually got it.

Spybot found three things.

- My security center was disabled (??)
- Virtumonde
- Virtumonde.dll

The last that has happened....It says it removed/fixed all of the issues. But I did get this message "Failed to load C:\Program Files\Spybot - Search _Destroy\DelZip179.dll" followed by an error saying I was out of system resources.

Now here's my next problem. Spybot is detecting registry entry's that I have no clue what they are. If I say allow or deny they come up again and again..If i choose remember my decision, Spybot popups take over my screen (If I leave it alone, it does nothing) one of the entry's it is trying to add is... SpybotDeletingB4954 and there are others which I have found out to be scripts that run the command prompt (?)

Next problem...when I start up my computer, I get an error saying that C:\\WINDOWS\system32\fkkdsycj.dll could not be loaded
as well as................ C:\\WINDOWS\system32\frnqydka.dll
then, a bunch of command prompts open and close, but they dont have anything in them, they just open and close (id say about 10 of them)

So those are problems, I really don't know where to start. I am running the Kaspersky online scanner right now, as well as trying another Norton full system scan. For now, the internet explorer popups seem to be gone.

If any of this sounds really confusing, I can give screenshots of what I'm talking about.

help please :S

Blue.FoX
  • 0

Advertisements


#2
Blue.FoX

Blue.FoX

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
------------UPDATE----------------

ok, I dont know how, but ti seems that the spyware or whatever I had has been cleared out..the last thing I did was disable system restore and then run Spybot in safe mode. It seems to have worked....

Now I just have one request, and that is if someone can have a look at myh startup files and tell me if they see anything suspicous.
- On startup, I get 1 error saying that it could not load C:\\WINDOWS\system32\iyschghx.dll
- Also on startup, there are some command prompts that appear and then go away (there is about 5, one after another). As far as I can, there is nothing in them, but it could be hard to tell because they disappear so fast.

I have found the registry key that is trying to load the dll file and I can stop it. However, Im not sure about the command prompts




thanks for your help, whenever someone gets around to helping me


- Blue.FoX
  • 0

#3
Blue.FoX

Blue.FoX

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
-----------UPDATE-------------

Ok, sorry about this, but, I WAS what seemed to be virus free. It was working perfectly fine for about 45 mins, then it all came back, everything that I mentioned in my first post. So ya......

- Blue.FoX
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP