Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New Trojan ?????


  • Please log in to reply
1 reply to this topic

#1 bfr2u

bfr2u

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Location:17518
  • Local time:12:06 AM

Posted 05 December 2009 - 07:31 PM

Clients XP OS computer suddenly began displaying the following error message when attempting to start any application including FireFox 3.5.

"This application failed to start because netfgkvbyk.dll was not found. Reinstalling the application may fix this problem."

All applications with the exception of firefox actually start after the error message is dismissed. Firefox refuses to start even after a full reinstallation.

AVG noted in the Virus Vault that it had stopped a Trojan with the netfgkvbyk.dll designation. Since have upgraded to AVG 9.0 Internet Security but it finds nothing.

Each time an application is launched the error message is repeated. A Google search for netfgkvbyk.dll gives zero reults. Malware bytes Anti-malware reports two threats in the registry removed as shown below


Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00009e9f-ddd7-aa59-aa7d-aa4b7d6be000} (Spyware.Passwords) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\idid (Trojan.Sasfix) -> Quarantined and deleted successfully.

Any thoughts on this matter would be appreciated.

Thanks, Boyd

Edit: Moved topic from AntiVirus, Firewall and Privacy Products and Protection Methods to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:06 AM

Posted 05 December 2009 - 08:08 PM

Hello, Its not unusual to receive such an error after using specialized fix tools.

A "Cannot find...", "Could not run...", "Error loading... or "specific module could not be found" message is usually related to malware that was set to run at startup but has been deleted. Windows is trying to load this file but cannot locate it since the file was mostly likely removed during an anti-virus or anti-malware scan. However, an associated orphaned registry entry remains and is telling Windows to load the file when you boot up. Since the file no longer exists, Windows will display an error message. You need to remove this registry entry so Windows stops searching for the file when it loads.

To resolve this, download Autoruns, search for the related entry and then delete it.

Create a new folder on your hard drive called AutoRuns (C:\AutoRuns) and extract (unzip) the file there. (click here if you're not sure how to do this.)
Open the folder and double-click on autoruns.exe to launch it.
Please be patient as it scans and populates the entries.
When done scanning, it will say Ready at the bottom.
Scroll through the list and look for a startup entry related to the file(s) in the error message.
Right-click on the entry and choose delete.
Reboot your computer and see if the startup error returns.
Credit to quietman7
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users