newarcher
2008-03-10, 15:01
Help,
I have the following spybot/teatimer notification:
Located: HK_LM:Run, BMd3877471
command: Rundll32.exe "C:\WINDOWS\system32\btoyfsdb.dll",s
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Over the weekend, I kept getting the pop up from spybot regarding this error. I ran spybot, avg, avg spywire, and adaware and found two different trojans during scans. I ran the scans in both safe mode and regular mode.
Just when I think that I got rid of this monster, it adds itself back to the startup entries (even though I click deny change during the pop up above). Each time I go to safe mode and delete the DLL, it comes back with a different name but the BMD3877471 is always the same entry.
The three trojans/viruses I found were over the weekend:
Trojan horse generic9.BHWU
Trojan Obfuscated mu
virtumonde.dll
Thanks,
New
I have the following spybot/teatimer notification:
Located: HK_LM:Run, BMd3877471
command: Rundll32.exe "C:\WINDOWS\system32\btoyfsdb.dll",s
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Over the weekend, I kept getting the pop up from spybot regarding this error. I ran spybot, avg, avg spywire, and adaware and found two different trojans during scans. I ran the scans in both safe mode and regular mode.
Just when I think that I got rid of this monster, it adds itself back to the startup entries (even though I click deny change during the pop up above). Each time I go to safe mode and delete the DLL, it comes back with a different name but the BMD3877471 is always the same entry.
The three trojans/viruses I found were over the weekend:
Trojan horse generic9.BHWU
Trojan Obfuscated mu
virtumonde.dll
Thanks,
New