winupdate went undetected, removed manually, but still lingers.

Discussion in 'Malware Help (A Specialist Will Reply)' started by dansolomon, Jan 18, 2008.

  1. dansolomon

    dansolomon Private E-2

    That's the short of it, right there in the subject. Winupdate.exe found its way onto my computer. It's mostly new, and had no problems until very recently- then it started having virtual memory errors, and not turning off after shutting down WindowsXP (it would just linger on the desktop background, with the cursor active, but no icons or taskbar). I did a manual shut-off, rebooted, and suddenly Firefox wouldn't open, either. I used Internet Explorer to download a whole host of anti-virus stuff- AVG, Spybot, Adaware, the 15-day trial of Norton 360, Hijack This, a registry-fixer program, and none of them found anything out of the ordinary, except a few tracking cookies. I downloaded a startup management program, and found that winupdate.exe- the one affiliated with the "DRam prosessor(sic)" was running, and when I tried to close/kill it, it just restarted instantly.

    Eventually I found the entries by searching manually in my registry, and deleted them. The startup program closed them, and they stayed closed, and no longer appear on the list, even after a number of reboots.

    Now, however, I'm still having virtual memory problems, and Windows still fails to shut down properly. Firefox didn't start working again until I uninstalled it, reinstalled it, and opened it for the first time in Firefox's safe mode. It's since working properly again.

    I'm troubled now because I have no idea if the problem is really fixed, or even entirely if that's what the problem truly was. Since none of the anti-virus or anti-spyware programs I installed found anything, I'm suspicious that perhaps the problem could still exist and they're just failing to detect it again.

    To be fair, I hadn't installed Norton or Hijack This before I deleted the registry keys affiliated with winupdate.exe, but Spybot, Adaware, and AVG all come up empty, and continue to. But since the computer's not back to its old self again yet, I don't know how to figure out if there's still a problem.

    Anyone have any ideas?

    Thanks!

    --d
     
    dansolomon, Jan 18, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Unless you are an expert in malware removal and also in the Windows registry, you should not be deleting things on your own as you could potentially make the PC unbootable. And the problems you are having no could be due to what you have been doing in the registry. Perhaps you should just do a system restore to a point before you started playing in the regisrty.

    Are you still having malware problems? (Note: Virtual memory problems are not necessarily malware related.) If yes, please follow the instructions in the below link and attach the requested logs when you finish these instructions.

    READ & RUN ME FIRST. Malware Removal Guide
     
    chaslang, Jan 19, 2008
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds