M
M Skabialka
In trying to get rid of spyware called WinFixer or Virtumonde I have tracked
it down to a file on the PC called:
C:\WINDOWS\$N72CA~1\bak.dll
This folder is also the $NtUninstallKB896727$ folder.
If I uninstall the Microsoft patch 896727 the spyware goes away. If I
download it again from Microsoft and reinstall it, it comes back. The date
on it is 28 Aug 05.
Has Microsoft started sending out an infected file?
I am unable to remove this spyware with everything I have found at
majorgeeks.com, short of doing the Hijack this report. Under Safe mode with
command prompt I cannot get to the folder.
cd\windows
cd $N72CA~1
The system cannot find the path specified.
Under safe mode or normal mode I can get to the folder the cannot delete the
file because it is in use.
When I uninstall KB896727 I get a message that many programs (including
anti-virus ones) will no longer run, which is why I reinstalled it.
I have spent two days now trying everything under the sun to clear this
monster from this machine.
Please help,
Thanks,
Mich
it down to a file on the PC called:
C:\WINDOWS\$N72CA~1\bak.dll
This folder is also the $NtUninstallKB896727$ folder.
If I uninstall the Microsoft patch 896727 the spyware goes away. If I
download it again from Microsoft and reinstall it, it comes back. The date
on it is 28 Aug 05.
Has Microsoft started sending out an infected file?
I am unable to remove this spyware with everything I have found at
majorgeeks.com, short of doing the Hijack this report. Under Safe mode with
command prompt I cannot get to the folder.
cd\windows
cd $N72CA~1
The system cannot find the path specified.
Under safe mode or normal mode I can get to the folder the cannot delete the
file because it is in use.
When I uninstall KB896727 I get a message that many programs (including
anti-virus ones) will no longer run, which is why I reinstalled it.
I have spent two days now trying everything under the sun to clear this
monster from this machine.
Please help,
Thanks,
Mich