Thursday, 25 March 2010

Fix for Antispyware XP

Had a customer come to me after getting an infection via a Facebook malware spamming application. Quite a tricky problem to resolve!

BitDefender found 8 infections which were cleaned. Problem persisted. Spybot S&D found another 658 problems, which were fixed. Problem still there! Malwarebytes from Bleeping Computer finally resolved the issues but unfortunately left another problem in their place.

Rundll32.exe was no longer registered, meaning many programs and controls wouldn't load. Eventually fixed the problem using a registry file from Doug Knox, which reassociated all the vital system executables and allowed all programs to load once more.

There are a couple of things of note here.
1. Safe mode ain't so safe any more! Even in safe mode, the infections appeared just after Windows had finished loading.
2. Fixing and deleting the "issues" that your scanners find will not necessarily be the end of your troubles.
3. This was a fully patched Windows installation with up-to-date AV software and it still became infected. Those malware writers are getting better and better.
