Hello everyone,
I have a Windows 7/Windows XP Professional dual-boot. Every time I run Windows 7 (starting yesterday), several of the following happen:
- BitDefender says it has blocked "Trojan.Generic.4478506" accessed by "explorer.exe", the location being "herzogdat.info/rp020832.exe"
- BitDefender says it has blocked "Trojan.Generic.KD.28072" accessed by "explorer.exe", the location being "174.139.92.250/pr.exe"
- BitDefender says it has blocked "Trojan.Generic.KD.26743" accessed by "explorer.exe", the location being "bedayton.com/loaderadv600.exe"
- It says "BitDefender has blocked a potentially malicious or infected application.
95445.exe
Application:
C:\Users\Ceru\AppData\Local\Temp\95445.exe" (the name of the file isn't always the same)
- I get an error message titled "16 bit MS-DOS Subsystem" that says "C:\Users\Ceru\AppData\Local\Temp\7356.exe
The NTVDM CPU has encountered an illegal instruction.
CS:057d IP:fff9 OP:ff 7d 05 02 19 Choose 'Close' to terminate the application."
- I get a dialog box, the Properties window of a file called "vsbntlo" (see attachment for screenshot):
- Norton 360 (which I installed after these problems manifested, hoping it might help me solve them) says "AutoProtect blocked security risk Backdoor.Trojan"
- Norton 360 says "AutoProtect blocked security risk Backdoor.Tidserv!gen5"
- Norton 360 says "AutoProtect blocked security risk W32.Pilleuz"
- Norton 360 says "SONAR has removed security risk ohydy.exe. Your computer is secure"
- At some point the process ntvdm.exe starts taking up lots of CPU power, pumping CPU Usage to 100% (doesn't seem to happen anymore)
(The Norton 360 items also happen after some time has already passed since the OS started)
A BitDefender scan doesn't turn up anything, however. I also ran a Norton Antivirus scan from Windows XP; it detected one file (called "keytro.exe"), but after quarantine'ing it the problems still continue.
What do I do? Please help!
