1

Can anyone help with the method to get rid of a varient of the “Antivirus XP 2008” rogue software. It is called “Virus Response Lab”. I have tried just about everything. All portions of the program were removed including the registry. I looked up multiple website for research. I need some help.

Also, has anyone heard pf roguefix. I haven’t tried this yet. Can anyone recommend it? The website is http://www.internetinspiration.co.uk/roguefix.htm#uninstall

Thanks so much.

2 Spice ups
2

I have had success recently with superantispyware it reminds me of GIANT before it got bought out. Try it on for size, I am guessing there are some hidden files you are not seeing.

3

Does this one display a message on your desktop background?

4

No. It keeps flashing a message in the lower right about a security alert. If I click on it (left or right), it tries to open the “Virus Response Lab”. The icon flashes back and forth between a red cicle with a white X and a blue circle with a white question mark. The red circle is common, but not flashing back and forth like this.

5

I’d recommend Malwarebyte’s AntiMalware as many others have talked about in similar threads. I’ve used it several times now and it got everything on the first scan.

6

Try this link. I’d never heard of it until last week but it really gets to grips with anything. The machine I had was riddled with viruses and malware. This little MS tool sorted and speeded up the system.

http://onecare.live.com/site/en-gb/default.htm

I suppose if you are in the states you may need to replace en-gb with en-us?

As far as I know it should work the same in either country, but you know Microsoft…

7

The Malwarebyte has become my new antispyware. It took care of the problem with one scan where so many others could not. Thanks for all who responded.

8

SuperAntiSpyware Home Edition.

Sounds lame, but it does work wonders.

9

I had this one too and Malwarebytes Free: Free Antivirus 2024 | 100% Free & Easy Install was the only one that cleaned it. Of course, I also used the preverbial spybot S&D and Ad-aware Pro…which both found stuff too.

10

oh, and BigTimmy, the AntiVirus 2008 I had did change the background.

11

I had to fix this for a friend (the one which changes the desktop) and the tool I used (I can’t remeber the name) no one mentioned here. I will try malwarebyte next time.

12

Saw some info about this post on El Reg a couple weeks ago… Fascinating stuff. I dug up the article for you here. It’s a full forensic analysis.

13

In my experience this infection can be quite a little bugger. You need to get all traces of the infection or it simply reinstalls itself over a short period of time.

My favorite tools for this infection which is a smitfraud_C vairant are as follows in no particualr order.

Vundo Fix, Smitfraud Fix, Smitrem, RogueRemover (free edition), Malwarebytes anti malware (free edition) I also run HijackThis and CCleaner as a follow up.

I run these tools in safe mode after installation. This both disallows some of the processes running in the background and as a by product speeds up the scan times.

14

This sounds about right. You need to throw everything at it as fast as you can. Wondering if its worth trying to Boot PE and run these tools?

15

PE’s are a great way to ensure you can delete a file and also ensures if the system has a rootkit, you can see the directories and files it tries to hide…granted you still have to find them.

I figured I’d just share a google trends screenshot so you get an idea of how prevalent this particular rogue has been. Then check out my other post on rogue analysis with google trends if you have a second…

http://community.spiceworks.com/topic/25350

Virus_Response_Lab.JPG
Virus_Response_Lab.JPG937×521 44.8 KB