I'm infected with the W32.Badtrans.B@mm virus... I don't know how I got it, but Norton Ant-Virus 2001 tells me so. :confused: It says that I can quarantine the files it infects, which is KDLL.DLL... also I can delete that, it says. But when I see .DLL extension, I think, "VERY BAD" because as far as I know, that is windows core code, is it not? I have a question then... if I go through with this deleting the file, does Norton restore it to its original state? What do you recommend I should do? I am thinking about reformatting... but how do I ghost all the stuff that I want? I've heard of "ghosting" but I don't know how to do it! Help me please!

Don't think that is a sys file, i don't have it on my comp.

Let nav quarantine the file :D


Then do a full scan of your drives. Ghosting is simalar to backing up your hard disk, it takes an image a puts it on a different hard disk or another comp, or backup media.

If norton clears your harddisk up after the scan you shouldn't need to reformat

Norton says it is "unable to repair" it. And after I try and quarantine it, it recommends that I delete it... should I go ahead and delete it?

... It drops keyboard hooker with KDLL.DLL name and sends stolen info to an email
address at Hotmail. The log info is stored in Windows system directory.

By all means, if it's not in quaranteen, put it there and then delete it. It is not a system .dll.

"Unable to delete file kdll.dll"

"Unable to quarantine file kdll.dll"

Oh damn..... I don't know what to do now. :mad:

Thanks Norton Anti-Virus, you're a lot of help.:confused:

If you haven't already read the removal instructions, I would suggest you take a look.

http://www.symantec.com/avcenter/venc/data/w32.badtrans.b@mm.html

Originally posted by The_Ryz_Factor
"Unable to delete file kdll.dll"

"Unable to quarantine file kdll.dll"

Oh damn..... I don't know what to do now. :mad:

Thanks Norton Anti-Virus, you're a lot of help.:confused:

You may have to start in safe mode to get rid of the .dll or else it is registered in the registry. Check those removal instructions out and procedd from there. That thing sucks, trying to get rid of it. :(

http://securityresponse.symantec.com/avcenter/venc/data/w32.badtrans.b@mm.removal.tool.html
Try the removal tool and see if it doesn't get you all cleaned up, then check the other registry entries out!