Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

A Couple Or Three Easy General Questions Re: Malware Removal Process


  • This topic is locked This topic is locked
1 reply to this topic

#1 tagman

tagman

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:46 AM

Posted 29 October 2006 - 12:38 PM

A little background:
I have a Win98 system with 5 users. 6, if you count the default user (click on cancel at the Windows Login dialog box). When I found I was infected the other day, I manually cleaned up my PC while logged in as a user. Or so I thought. I then logged in under the users to make sure it was clean. I found other malware on these logins, and now the one I thought I had cleaned up is re-infected. Also, sometimes I get a lot of "rundll32 has performed an illegal operation" errors, sometimes I get none. Periodically, I restore rundll32.exe from the CAB files, which seems to help for awhile. But then it comes back. I am now trying to work through the guide before posting HijackThis logs.

Questions:
1. Do I have to go through the malware removal cycle (scan, post HijackThis logs, etc.) for each of these users?

2. Should the scans such as Ad-Aware, Spybot, SuperAntiSpyware, etc. be run all in safe mode, or logged in as a user?

3. Are the rundll32 errors caused by malware?

Thanks,

Tim

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:46 AM

Posted 29 October 2006 - 01:01 PM

I have already replied to you here. If you have additional questions related to the thread you already started, please confine them there. Posting a new thread for each question is confusing and makes it harder to provide the assistance you may need.

Thanks for your cooperation. I am closing this thread.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users