Antivirus 2008/9

V

Voicysaurous

Expert Member
Joined
Aug 15, 2008
Messages
1,204
Reaction score
0
Location
Slummies
So then a work colleague's machine popped up with Antivirus 2009 telling him he has a meelion infections.

Turns out "antivirus 2009" with it's pretty windows logo is a virus itself, prompting users for credit card info etc.

So we took it off but this morning "antivirus 2008" appeared on the pc. I've taken out the msconfig startups and the folders they refer to, but I cannot seem to get rid of the following file:

c:\windows\system32\oumulked.dll (and a few of his friends)

In msconfig, oumulked pops up under Rundll32.exe even if I disable it (obviously rundll32 makes it start up again)

Any idea how I can get rid of this? Or perhaps edit rundll32.exe to stop it from launching said virus?
 
HavocXphere said:
Get rid of it...its not an Anti-virus, its a scam. You'll have to google for instructions cause it can't be removed easily.

Install Avast or something real.
Click to expand...

*sigh*

That's exactly what I'm trying to do. Obviously it's a scam... hence the credit card details fishing.

I've found the source, I just want to know HOW to fix it. Thanks for your reply, but "google it" is not an answer. The creator was rather clever in naming it that since every anti-virus program out there will have a 2008 / 2009 release.

Besides, this is an office environment. We run trend. If it was my home machine it would've had avast on it (as I've had for the last 4 years)



Again ... any help on how to edit the rundll32.exe to remove this "oumulked.dll" ?
 
Sorry about the confusion.

Anyway if you're struggling to delete the a file then download a prog called killbox....it can delete *anything* irrespective of whether the file is in use or whatever.

You can also change the permissions on the Run reg key so that it can only be read, but not written to....but thats a band-aid fix.
 
Sweet, thanks mate.

Giving killbox a try - also busy pulling roguefix from one of those forums.

Libs - ye they're crafty buggers - they even made the icons the same as XP's SP2 icons to make it look authentic. *Although Personally, I'd prefer to have this on my pc than norton antivirus. :D
 
Last edited:
Sux ... seems the lame spyware is back :/ Not the same prevailing message, but it still launches a .dll file via rundll everytime I boot the pc.

Anyone know of a quick too to clean this out?
 
smitfraudfix
hijackthis

Should nip this bugger in the butt
 
Voicysaurous said:
So then a work colleague's machine popped up with Antivirus 2009 telling him he has a meelion infections.

Turns out "antivirus 2009" with it's pretty windows logo is a virus itself, prompting users for credit card info etc.

So we took it off but this morning "antivirus 2008" appeared on the pc. I've taken out the msconfig startups and the folders they refer to, but I cannot seem to get rid of the following file:

c:\windows\system32\oumulked.dll (and a few of his friends)

In msconfig, oumulked pops up under Rundll32.exe even if I disable it (obviously rundll32 makes it start up again)

Any idea how I can get rid of this? Or perhaps edit rundll32.exe to stop it from launching said virus?
Click to expand...
afaik there is a .dll file in the temp folder that replicates all the time no matter what you do,i feel for you as i know of these and the only way is advanced hijackthis tutorials on the net.
 
Smitfraudfix and hijackthis gets rid of it simply enough....
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X