Help dealing with a virus

Discussion in 'Gaming and Software' started by Silent_Scope, Oct 17, 2008.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. On the older computer in the house, my brother managed to install 'Virus Response Lab 2009' along with many other Trojans and the like.

    Getting rid of the main part (VRL 09) was easy enough, but the trojans and many other programs simply keep replicating themselves after deletion, does anyone have any ideas to how I can sort this (without re-formatting) out once and for all?

    I'll add the details of the main Trojan soon; It was in WINDOWS/System32 then it had created a new folder 67_____ and in it the troublesome .dll file.
  2. Well, seems obvious by I always asked, have you switched system restore off?? A lot of the buggers like to hide in their, so just install themselves again after a reboot
  3. Not obvious to me, I thought system restore had to be manually activated once the system is already booted up?

    Oh, and I keep deleting one of the trojan .dll files (while looking in the folder) and it just re-appears straight away, as if another file re-writes it. Renaming doesn't work either.
  4. FWIW, I've used PCTools Spyware Doctor with AntiVirus - does an excellent job. Another variant is Threat Fire - also works well and will root out the buggers in short order.
  5. I'm pretty limited to free anti-virus, Spyware Docter found every file in quick time, but then wanted me to pay to get rid of them. I'll give Threat Fire a try.
  6. Spybot link

    And turn of systems restore 1st
  7. Backup all your files except your windows folder then once you've backed them all up. Insert your XP disk and re-install windows hopefully it should fix it. If its installed into your program files then your going to have to get rid of your program files; in other words format it.
  8. BiscuitsAB

    BiscuitsAB LE Moderator

    I've always used AVG it might help.
  9. start windows in safe mode - delete problem file.
    Try hijack this - free download
  10. Just got rid of nasty with MALWAREBYTES ANTI-MALWARE its free and backup is free
    I didnt need backup it was located and removed completely Also has blogspot for help and understanding
    diferent virus etc
  11. It is in the program files, still, i'll try the other options before formatting it.
  12. msr

    msr LE

  13. combofix link combofix

    run it in safe mode
  14. Looks like it's gone now, manually searched through system32 and all the files which were part of the virus are now gone.

    Malaware, AVG8 and ad-aware seemed to do the job nicely, although Malaware found most of them (54 files...).

    Thanks for the help guys :)
  15. msr

    msr LE

    Interesting. I've not seen this one before.