Trojan.vundo.dsq

JPE1965
JPE1965
in Malware talk

Hello,


BitDefender said me that the file c:\window\system32\ddcyxus.dll is infected by the Trojan.vundo.DSQ virus.


I also received the following message :


During a scan of files at system startup, potentital errors in the system registry were found p-07-0100 irql: 1f SYSVER 0xff00024


NT_Kernel error 1256


KMODE_EXCEPTION_NOT HANDLED


Moreover, 2 new icons appeared on the desktop :


- Help and Support Center


- Windows Update


If I try to suprress the icon, BD said that explorer.Exe tries to connect to internet.


Of cours, I don't agree and, the icons reappears.


I also got the error :


A potential problem has been detected and windows has been shutdown buggy application to prevent damage to your computer.


****WXYZ.SYS - Address F73120AE base at C000000, datestamp 36b072A3 Kernel debugger using: COM2(port 0x28f, Baud rate 192000)


What to do?


I didn't find any post about vundo.DSQ !!


Thanks


Jean-Pierre

Comments

  • dendya
    dendya

    I am having the same issues, Pierre. I need help on this as well. Bitdefender finds it, says it has fixed it and yet the problems continue. Add me to the list of people that need assistance here.


    Thanks for posting the original question.


    Al


    Hello,


    BitDefender said me that the file c:\window\system32\ddcyxus.dll is infected by the Trojan.vundo.DSQ virus.


    I also received the following message :


    During a scan of files at system startup, potentital errors in the system registry were found p-07-0100 irql: 1f SYSVER 0xff00024


    NT_Kernel error 1256


    KMODE_EXCEPTION_NOT HANDLED


    Moreover, 2 new icons appeared on the desktop :


    - Help and Support Center


    - Windows Update


    If I try to suprress the icon, BD said that explorer.Exe tries to connect to internet.


    Of cours, I don't agree and, the icons reappears.


    I also got the error :


    A potential problem has been detected and windows has been shutdown buggy application to prevent damage to your computer.


    ****WXYZ.SYS - Address F73120AE base at C000000, datestamp 36b072A3 Kernel debugger using: COM2(port 0x28f, Baud rate 192000)


    What to do?


    I didn't find any post about vundo.DSQ !!


    Thanks


    Jean-Pierre

  • AndreiASM
    AndreiASM

    Hello guys!


    You should follow the instructions here on how to get ride of it. It's a little bit difficult, but this trojans are very nasty and it's very difficult to get ride of them (they load themself under critical processes like winlogon.exe, terminating this process wil result in a system reboot). They can't be removed in an usual way.

All Time Leaders

Categories

Defenders of the month