I posted here yesterday that my Windows Update service would not
restart and would always stay disabled.
I had scaned for malware, trojans, etc and really hadn't found
anything until I tried Spybot - that found I had the Virtumonde trojan
- its very, very nasty - adds randomly named .dll's to your system32
folder and makesthen run under rundll32. Once they start you can't
stop them or delete them as they are in use.
I followed suggests on a website that lead me to Spyware Doctor - got
very, very high ratings and reviews from all the PC websites and was
one of the only ones that was said to really detect and delete this
one, plus it has low profile real time protection.
for $29.95 (the free one won't clean anything) - and running a few
scans (in safe mode) and making sure I could view all hidden files
plus system files - I manually went into system32 and deleted any dll,
exe or ini or ini2 file with random names like gjutyj.dll or
uodkfjgk.exe.
I also used Hijack this to get rid of any of those random named
registy entries.
I than ran spybot and spyware doctor to make sure i was squeaky clean
- then I rebooted back to normal mode.
First off I check the system32 folder to make sure I got no random
named files (as it will regenerate files and it hooks into
explorer.exe and is a bitch to get rid of - it even disabled task
manager!).
There were no more randomly generated files!
Then the big test - went back to Automatic Updates tab - clicked turn
on Auto Updates and BAM - service started and is running! No more red
shield Icon.
|
Similar Threads
Linear Mode
