Had an issue a couple days ago. Rainmeter started using 100% CPU for no apparent reason. After running both Malwarebytes and SuperAntiSpyware, I found "pup.bundleinstaller.dl" and successfully removed it.
Today, had continued trouble. Taking these extra steps...
1. Ran Marwarebytes again...pup.bundleinstaller was back...it had hidden in a system restore file.
2. Deleted all system restore points
3. Uninstalled rainmeter and deleted all associated files
4. Ran both Malwarebytes and Antispyware...caught one remaining copy.
Everything seems fine, although Windows Explorer is very sluggish, but that's been coming on for weeks. Could be related? All this raises my suspicions of something else.
I had a copy of Combofix in a folder on my C Drive from an issue over a year ago. While searching through the files, I noticed that the Combofix folder no longer registers as a folder by Windows Explorer, and it's view duplicates the "My Computer" view (C Drive, My Documents, etc). TO BE CLEAR..I did not run Combofix (couldn't get to it, even if I wanted to). I've attached a screenshot.
I would guess that a virus or malware of some kind would be responsible for "hiding" the Combofix files, but can't find anything. I have run the DDS and GMER in preparation, and to see if I could spot anything.
Does this alarm anyone else or is there a simple explanation?
IBM Pentium D 2.88GHz
2.98 Gb Ram
Windows XP v.2002
Picture URL: https://ssl-proxy-updated.herokuapp.com/ffa02d6d6abe998fd3e7e65eb5075c3383e60ee1/687474703a2f2f646c2e64726f70626f782e636f6d2f752f32333730333337302f5468656d65732f4578706c6f726572253230342e312e6a7067/
Edited by Dibleyman, 01 April 2012 - 05:29 AM.