Holy Virus BATMAN!!

stuman19

Senior member
Jul 13, 2002
815
0
0
I'll try to keep this short....

This lady I know had a lot of spyware and stuff and said her old virus scanner reported she had a trojan virus but could not get rid of it. So, I installed Ad-Aware SE, MS Beta Spyware, and HijackThis and ran them. It found plenty of spyware and that was removed. To get rid of the virus I ran AVG Free Edition and during the scan the computer rebooted. Not good, I thought. I took it into safe mode and ran a full scan with AVG. It made it through and found A BUNCH of infected files. It said that it healed them all. But every time the computer rebooted in normal mode it would get to the GUI and reboot. It would work fine in safe mode so I took out everything in startup but it still came back. The one check that I unchecked came back every time, telling me it was the virus. I found the registry key that MSCONFIG reported and deleted it. That did nothing and it came back upon reboot, telling me that there were duplicates in the registry. How can I get rid of this sucker?


Summary: Virus is in the registry that makes the computer ALWAYS reboot in normal mode.

The key that was in the registry was:
%systemroot%\system32\Dumprep 0 -k

Is it the dumprep virus?

Thanks for reading,
Stu
 

mechBgon

Super Moderator, Elite Member
Oct 31, 1999
30,699
1
0
1) Uninstall AVG and install a free 30-day trial of Kaspersky 5 Personal from http://www.kaspersky.com/trials

2) Disable System Restore

3) Open Kaspersky's panel, go to the Settings tab at the top, and set the real-time and on-demand scanners to Maximum.

4) Download the updates_x folder from Kaspersky's ftp site at ftp://ftp.kaspersky.com, this is the "special-forces" SuperSecure database for an extra-ruthless scan.

5) In the Settings tab, click Configure Updater and set it to update "from a local folder," and aim it at the updates_x folder. edit: after doing this, right-click the Kaspersky tray icon and have it actually RUN the update.

6) Now you should have System Restore disabled. Reboot into Safe Mode and fire off a full Kaspersky scan.


It would also help if you'd give names of what virus AVG is detecting. Know thy enemy, and all that ;)
 

PurdueRy

Lifer
Nov 12, 2004
13,837
4
0
Dumprep isn't always a virus; it comes with the auto reboot of Windows, not the problem I think. Turn off System Restore.
 
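Added example, not part of the thread: a location check for startup entries that launch Dumprep, since an entry pointing at `%systemroot%\system32\Dumprep` (the value quoted above) can be the Windows component while a same-named file elsewhere cannot. The sample `reg query`-style listing, the value names other than `KernelFaultCheck`, and the `C:\WINDOWS` root are constructed assumptions.

```python
import ntpath
import re

# Constructed sample listing; only the Dumprep command line is taken from the thread.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    KernelFaultCheck    REG_EXPAND_SZ    %systemroot%\system32\Dumprep 0 -k
    Updater    REG_SZ    "C:\Documents and Settings\user\Local Settings\Temp\dumprep.exe" -k
    SysTray    REG_SZ    C:\WINDOWS\dumprep.exe 0 -k
    Example    REG_SZ    C:\Tools\example.exe /start
"""

# Indented "name  REG_SZ|REG_EXPAND_SZ  data" lines; the key header line is skipped.
LINE = re.compile(r"^\s+(.+?)\s+(REG_(?:EXPAND_)?SZ)\s+(.*)$")

def exe_path(command, systemroot=r"C:\WINDOWS"):
    """Return the normalised, lower-cased executable path of an autorun command."""
    cmd = re.sub(r"%systemroot%", lambda m: systemroot, command.strip(), flags=re.I)
    if cmd.startswith('"'):
        path = cmd[1:].split('"', 1)[0]      # quoted path may contain spaces
    else:
        path = cmd.split(" ", 1)[0]          # simplification: unquoted path has no spaces
    path = ntpath.normpath(path).lower()
    if not ntpath.splitext(path)[1]:
        path += ".exe"                       # simplification: bare name resolves to .exe
    return path

def triage(reg_output, systemroot=r"C:\WINDOWS"):
    """Map each value name to (verdict, resolved path) for Dumprep-named entries."""
    expected = ntpath.join(systemroot, "system32", "dumprep.exe").lower()
    findings = {}
    for line in reg_output.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        name, _type, data = m.groups()
        path = exe_path(data, systemroot)
        if ntpath.basename(path) != "dumprep.exe":
            verdict = "other"
        elif path == expected:
            verdict = "expected-location"    # location only; the file still needs scanning
        else:
            verdict = "lookalike-location"   # Dumprep name outside system32
        findings[name] = (verdict, path)
    return findings

if __name__ == "__main__":
    for name, (verdict, path) in triage(SAMPLE).items():
        print(f"{name:18} {verdict:20} {path}")
```

An `expected-location` verdict says nothing about the file's contents, so an entry that keeps reappearing after deletion still calls for the offline scan described in the thread.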

w00t

Diamond Member
Nov 5, 2004
5,545
0
0
Originally posted by: Squoze213
How do I turn off system restore?

Go to System Properties (right click on My Computer, then prop.),
click the System Restore tab and turn it off.




 

Squoze213

Banned
Jan 15, 2005
20
0
0

Originally posted by: mechBgon
It would also help if you'd give names of what virus AVG is detecting. Know thy enemy, and all that ;)


The AVG Virus Scan detected a bunch of Trojans, like over 200, and they were all the same.
 

mechBgon

Super Moderator, Elite Member
Oct 31, 1999
30,699
1
0
Don't bother with any more AVG, use the Kaspersky with the options I described. Specs from av-comparatives.org's February shootout:

Windows virus detection:
- AntiVir 77%
- AVG Pro 82%
- Kaspersky 99.7%

Script virus detection:
- AntiVir 49%
- AVG Pro 31%
- Kaspersky 98%

Trojan detection:
- AntiVir 80%
- AVG Pro 46%
- Kaspersky 99%

These are some of the categories; there were more, if you want to see: http://www.av-comparatives.org
But I think you can see why the 30-day trial of Kaspersky is something I recommend a lot to people trying to bust viruses loose.