Jump to content
  • 0

Resolved - RunDLL Error

Morton

Asked by Morton,

 Share

Question

Morton Forum Blow-Up Doll

Morton

Posted
Posted (edited)

Name:Morton, Phil

Rank: GySgt.

Type of issue: Software

Brief Description of Issue: I was recently attacked by the MoneyPak FBI Scam Virus, the one that locks up your PC with some bullshit that says your viewing child porn or animal porn and need to pay $x to not go to jail. After I removed it I kept getting ACMON.EXE errors so I searched online and found a cure by deleting ASUS Splendid Video Service. Then I reboot my PC, my AV (Microsolf security essentials) goes batshit insane and catches another Trojen.exe and removes it. Now when I boot up my PC I keep getting a Run DLL error, which I took a screen shot of to help identify. My google fu has failed me in finding a cure so I turn to my Radier Docs. post-1609-1372299778_thumb.png

Edit: I started a full system scan of Malwarebytes. Hopefully it can find something. If not I'll let you know.

Edit 2: I've also noticed a lot more pop ups when I'm browsing the net.

***Medical Supply Staff ONLY Below this line***

Current Status: Resolved

Main Technician:

Supporting Technician:

Edited by Holland 1st MRB

3 answers to this question

Recommended Posts

  • 0
Lafy BAR Forum Acolyte

Lafy BAR

Posted
Posted

That error is because something is trying to run a virus and can't find it because it's been removed by you or your antivirus.

If you're comfortable poking around in your registry, i would suggest a quick search for "suxpyrp" to see if you can find where it's being launched from...

The likely locations are

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

the wow.dll and that bit of random text, and a path to rundll, would be in the data column.

If you find an entry for that wow.dll in one of those folders, you can safely delete that entry,

If it's in the RunOnce folder then you still have a virus, or it would have gone away after a reboot.

  • 0
Morton Forum Blow-Up Doll

Morton

Posted
  • Author
Posted (edited)

A buddy recommended that I try AVG 2013, so i downloaded it and got a month free trail. After one scan it found this little fucker who looks familiar. Trojan horse Crypt_s.BFL, C:\Users\Caboose\AppData\Local\Temp\stievrb\suxpyrp\wow64.dll. So after a quick reboot to check it out, everything looks good to go. So case closed.

It dose make me wonder why MSE didn't find it.

Edited by Morton 1st MRB

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...