SuperJediMedia Posted October 2, 2012 Share Posted October 2, 2012 WOW I got infected with this virus. I used Malwarebyte to remove it, but now Microsoft Security Essentials won't update, and Windows Firewall won't load. It's a nasty virus, but are these solutions to fix this, besides go for the easy 'restore' option which I am not usually fond of doing too much? Link to comment Share on other sites More sharing options...
+Warwagon MVC Posted October 2, 2012 MVC Share Posted October 2, 2012 Because you were infected it's a pretty good guess you have some vulnerability lurking on your system, whether via Java, Flash, Adobe reader Windows and the list goes on, although my money is on Java. I'd format and then just remember to do your updates and keep your 3rd party up to date as well. I would personally recommend patchmypc. Set it up in the task scheduler with the patchmypc.exe /s option. This way every day patchmypc will run and keep your 3rd party application current and safe. That's how I have mine setup. I would also recommended keeping your internet activity sandboxed using sandboxie, this is something I also use. . Link to comment Share on other sites More sharing options...
goretsky Supervisor Posted October 3, 2012 Supervisor Share Posted October 3, 2012 Hello, The symptoms you report sound similar to a Win32.Daonol infection. Perhaps you had more than one infection? Here is a free standalone cleaner that removes the malware/repairs some of the damage caused by it: http://kb.eset.com/esetkb/index?page=content&id=SOLN2279&locale=en_EN&option=en_EN Regards, Aryeh Goretsky Link to comment Share on other sites More sharing options...
gdodson Posted October 3, 2012 Share Posted October 3, 2012 Which version of Windows are you running? If you open Windows Update (Vista or 7) and it says "(null)" at the bottom you can run this Windows Update Fixit and select aggressive repair. If some programs will not run there are likely Image File Execution Options (IFEOs) that have been set. To remove these, open regedit and navigate to "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" and delete the subkeys found there. More info on IFEOs here. If you go to start > run and enter services.msc and scroll down to "Windows Firewall," you can right click it and attempt to start the service. If you receive error code 5 then the MpsSvc key in the registry has incorrect permissions and will need to be replaced. Link to comment Share on other sites More sharing options...
Recommended Posts