A pals computer came down with a nasty virus, a nasty little piece of software that presents its self as an anti virus program informing you that your system is teaming with viruses / badware and very kindly offers to remove them for a fee. These types of viruses are know as rouge scanners. The program went by the name of VirusResponse Lab 2009 and essentially takes over the host computer, intefering with the internet connection and incessantly nagging you with a window that asks you to register and pay for the program. Problem is that this nasty piece of work doesn’t do jack shite as far as virus removal and it has been reported that people who have actually ponied up their credit card number to pay for it have been hit with multiple fraudlent charges and that the program still keeps on reporting that your system is about to to go Super Nova.
The fight begins – Norton does jack shite!
My pal initially installed the old tried and tested Norton Anti Virus 2008. First off we didn’t have an internet connection so the program was pretty much useless. We eventually managed to get connect to the interwebs, updated the virus definitions but nuffin! Rebooted and the Virus Response Lab 2009 appeared in all it’s glory. This was starting to get personal! From past dealings with windoze I recalled a great little app called SpyBot Search and Destroy, free and quite effective. So download this we did and after literally 2 hours of letting it do its thing we got the same nasty appearing window proclaiming the sky was about to fall on our heads. Loading Spybot did do something as we were able to update IE6 to IE7 but after reboot VirusResponse was still around but it was somewhat easy to kill by doing a CTRL-ATL-DEL and killing it off from the task list.
Still not fixed but the quest to kill Virus Response Lab 2009 continues
After some googling I came across an article on Bill Mullins’ Weblog describing our pal, VirusResponse Lab 2009 and also listing some free programs that could supposidely remove it. I download a little program called Rouge Fix and it launched an antiquated dos batch file but after it ran and rebooted the poor machine we were finally rid of the bastard. According to Rouge Fix: ” USe Roguefix detection and removal script to clean computers with the Windows XP operating system that are infected with fake security warnings from a family of rogue scanners, Desktop/Homepage hijackers, their installing/accompanying trojans and ‘partner’ programs.”
Dead at last!
So after literally hours and hours of messin with the computer we were back in the proverbially XP saddle. I’m not exactly sure how we removed the nasty but Norton appeared to be useless, and SpyBot SD didn’t appear to do shite either. So perhaps we should of done some more research first and I did notice that the XP was using service pack 2 not 3 but the moral of the story is …… well, being a Mac Fan Boy all I can say it get a bloody Macbook with a copy of Parallels and XP home from Newegg.
Summary
So after trying Spybot SD, Rouge Fix Virus Response Lab 2009 Remove Tool did the job. If that doesn’t do the job for you then you can also try Bleeping Computer, SmitFraudFix and MalwareBytes . Good luck, cos you’re gonna need it and let’s hope you have an easier time getting rid of this nasty than I did.