Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

vwxnose.dll Anyone knows what this is?


  • Please log in to reply
3 replies to this topic

#1 benden25

benden25

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:16 AM

Posted 10 March 2009 - 12:36 AM

Hi,

I'm new to this forum, but I've been visiting here very often and I must say that what a wealth of information this place provides! For this I want to say a big thank you to all the contributors of this forum,

I've just been reading the article "How Malware hides and is installed as a Service" and lo and behold, I am hit with one. I've followed the instructions given in the article to a "T", but I'm still unable to rid my system of this malicious prog. There's a file hidden somewhere thats putting back the dll file that I delete and this dll file inturn puts back all the registry entries that I've removed from the locations indicated by the author of the said write up. The dll file in question is called vwxnose.dll and I've googled for info on this file, but came up with nothing.

Can anyone pls help? How do I track the file thats putting the dll file back into the system32 folder?

Thanks for the help.

benden25

BC AdBot (Login to Remove)

 


#2 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:16 PM

Posted 10 March 2009 - 01:22 AM

Hi,

I know nothing about that dll but if you have not already scanned with SuperAntiSpyware and Malwarebytes I would suggest doing that. When you are done, make a post with the results in "Am I Infected" section of this forum.

I would first run a quick scan with Malwarebytes (only takes around 10 minutes) then a quick scan with SuperAntiSpyware. SuperAntiSpyware can take a while to scan even in quick scan mode. If nothing is found, run a full scan with each program. If they find something, have them remove them.

Here is the link to download Malwarebytes, it should just start to dl when you load the page....

http://www.majorgeeks.com/downloadget.php?...fd909666f809b26

and this is the link to SuperAntiSpyware ....

http://www.superantispyware.com/

Edited by Stang777, 10 March 2009 - 02:22 AM.


#3 benden25

benden25
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:16 AM

Posted 13 March 2009 - 08:34 AM

Hi,

Thanks for the advice. I used Trend Micro Sysclean to check the system and it recorded a total of 2069 trojans and numerous exe files infected with a virus called PE_VIRUX.E-1. After cleaning and reboot, I could no longer load windows.

I'm wondering why my AVG Anti-virus did not detect the intrusion and info on this virus can only be found on Trend's site?

Thanks Stang777 anyway for the kind advice. I guess I'll have to nuke everything now and reload everything all over again! *sigh*

benden25

#4 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:07:16 PM

Posted 13 March 2009 - 02:03 PM

Why don't you post in the malware forum?

http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users