0 Replies Latest reply on Jun 28, 2011 3:27 PM by oliver02

    Windows system registery has been updated and running multiple rundll32.exe

      Hi all

       

      About two days ago, I downloaded a skin for Rainmeter (it was a .exe... I still wonder why I clicked on Execute) and since then, I'm being redirected to fishy websites and I can see in the Processes List that I'm running three Rundll32.exe (one of them is obviously a windows file because I'm allowed to  open the file location) . I know for sure that the malware modified some files in the System32 directory because after installing the skin, my system did a reboot and started to update this directory.

       

      I tried to reinstall Windows and using system recovery, but the virus is always preventing me from completing the whole process.

       

      So far, I tried to use those softwares, but none of them are able to detect the malware:

       

      • GetSusp 3.0.0.126
      • Stinger
      • Microsoft Windows Defender (can't enable it)
      • Malwarebytes Anti-Malware 1.51.0
      • McAfee
      • SuperAntiSpyware

       

      on 28/06/11 15:27:23 CDT