|
netwerk23 posted:I was coming in here to post this exact poo poo. AntivirusXP or 2008 or 2009 or whatever variant, it's a pain in the rear end. Malwarebytes from Safe Mode can kill it, the last one I had was super embedded and required that ComboFix utility, which was a godsend. I think Spyware Guard 2008 is a cousin of this, embeds itself real deep into the system and will actively prevent Malwarebytes (and any antivirus, or anti-spyware, and it even blocks websites telling you how to get rid of it) from running, even in safe mode. Took me two hours of cursing and gnashing of teeth to finally stumble across ComboFix. God bless that little program.
|
# ¿ Dec 13, 2008 18:32 |
|
|
# ¿ Apr 26, 2024 18:13 |
|
Just dealt with an insidious little bastard that I wouldn't of found without GMER. My mother was complaining of her computer acting funny; certain links on yahoo.com wouldn't work, occasional redirects when clicking on google search results, little things that I would of figured to be quirks in her aging computer and issues with the website, not her computer. Except cmd and regedit would crash explorer if I tried to run them. Malwarebytes and SUPERAntiSpyware didn't find anything. Through GMER I found two things in the registry that raised suspicion: a dll in AppInit that shouldn't be there (turned out not to be the issue, the dll didn't exist anyway) and an entry in Drivers32. The "aux" keyword was pointing to "C:\WINDOWS\System32\..\rpc.smv". That turned out to be the culprit. Anybody know what it was? Google doesn't give any relevant results on a search for rpc.smv.
|
# ¿ May 3, 2009 20:22 |