My family friends computer recently was attacked by a fierce little virus which I had to manually remove by using a couple different problems which are not related to av software.

This virus made BD AV 2008 completly usless. Disabled all scanning engines and would not let you re-enable them. Some windows for BD would also come up blank when you tried to re-configure BD.

I was able to run the manual scan for BD 2008 though and cleaned out alot of junk. Only two things though were virus related, atleast that I could see.

The main files were, and the reg address;

fcmfzy.dll
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\APPINIT_DLLS

tuvvclri.dll - Loaded in Explore.exe, Winlogon
HKLM\SOFTWARE\MICROSOFT\WINDOWS NH\CURRENTVERSION\WINLOGON\NOTIFY

hgvvonfy.dll - Loaded in Explore.exe, Winlogon (If I remember)
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\LSA\AUTORUNSDISABLED\AUTHENTICATION PACKAGES - (I don't know if this reg address was after or before I deleted and disabled the file multiple times using a program called AUTORUNS.

I did not save these files as I had to remove them using "Unlocker". A neat problem that helps that "ERROR, FILE IN USE" problem.

This virus would not allow windows to boot. Windows would load to a certain point, just before logon screen. It would produce a black screen with just the sight of the mouse and it wouldn't go any further. Safe mode did the same.

Reverting to last known good configuration helped get me into windows but the virus still had a hand on everything.

I figured I would let BD know so that they can make BD a bit more immune to these hard attacks

Justin -