#1
I have the following application that I found in Task Scheduler: prvlzwkb. It is located in Windows System32 Rundll32.exe - nnnoNffg.dll. I have no idea what it does and cannot find any info on it. Does anyone have any ideas what it could be?
#2
Did a Google of the process nnnoNffg.dll, looks like it's a Vundo variant.
Does the application prvlzwkb change its name after a reboot? I'd start off trying to terminate the process and running MBAM, if you haven't already. Links to the Google results: http://www.exterminate-it.com/malped...o-virtumondo/8 and http://forums.spybot.info/archive/in...p/t-27218.html
__________________
Avast Home, MVPS Hostsfile, Secunia PSI Autorun Eater, Windows Firewall, MBAM (demand), XP SP3.
#3
Thanks for the reply Tarq57. I did some more googling after my post and found the info you have posted. I have scanned with MBAM, SAS, MSE and all comes up clean.
#4
I reckon it's there, but cloaking itself. Such process names bear similarities to those used by rootkits. Or polymorphic malware.
Either way, you'll need to find a way to stop it or uncloak it before it can be recognized and eliminated for good. Not my province, sorry, not trained/knowledgeable enough to confidently help others, there are folk here that are, and plenty of malware removal forums that can help, too (MajorGeeks, Bleeping Computer, Aumha etc.). There's a sticky about that here.
#5
Spybot should clean Vundo variants.
__________________
Realtime: Webroot SecureAnywhere Private Beta + Zemana Antilogger + HitmanPro Alert On-Demand: Hitman Pro Others: Router + EMET (Custom Conf.) + Fully Updated Windows 7 SP1 64Bit + Other Security Measures
#6
Hi
Download HijackThis and do a scan and save the log file, then post here so someone can help you. Alternatively download SUPERAntiSpyware and Malwarebytes Anti-Malware. Install both of them, then reboot in safe mode and then scan first with SUPERAntiSpyware, then reboot normal and clean. Repeat the same with Malwarebytes Anti-Malware. Good luck.
#7
I do believe forum policies forbid posting of HjT logs here unless specifically requested by forum staff member or other expert, see this thread http://www.wilderssecurity.com/showthread.php?t=42148
__________________
~i~ System info ~i~
#9
Here's the fix. Just run it. http://vundofix.atribune.org/
__________________
Now that I'm older, I seem to have more patience. It turns out I just don't give a crap. WIN 7 64x, Avast! PRO V8, Outpost FW Pro 8.x, MBAM Pro Real Time, Shadow Defender, Active@ Disk Image, Macrium Reflect Standard, AX64 Time Machine