Win32/Cryptor
PSW.Generic7.BSO
Downloader.Zlob_r.EX
Constructor.DER
I have been able to remove most of them but there is something still on my system that keeps returning. There is a .DLL file in my Windows root that has a dynamic name every time the infection comes back. It’s currently calling itself ilegarorohugewu.dll. This is related to a registry entry
O4 - HKLM\..\Run: [Rselixudumos] rundll32.exe "C:\WINDOWS\ilegarorohugewu.dll",e
Anyone have a clue what this is and how I can get rid of it.
Malwarebites is the only scanner that sees it but it always comes back after reboot. MB is calling it Trojan.Agent but I can’t find what is loading it back everytime.
I’m still getting an occasional search engine redirect
John