So as I’ve now run this thing -
Firstly, how can I identify exactly what virus I now have (I can to my site if needed)?
Secondly, how the hell do I go about removing it?
First, you can make an online scan (for example http://www.kaspersky.com/virusscanner) to see which files are infected.
Second, if the scanner finds a virus that is not detected by avast!, you can send that file to Alwil and they will add it to the VPS.
If you have such files, send them to virus[at]avast[dot]com in a password-protected archive (usually the password is “virus”) and write some info in the mail body.
And if you want, you can make a scan with A2 - http://www.emsisoft.com/en/ - it’s a very useful program for removing malware.
Scan Statistics:
Total number of scanned objects: 8467
Number of viruses found: 1
Number of infected objects: 2
Number of suspicious objects: 0
Duration of the scan process: 228 sec
Infected Object Name - Virus Name
C:\WINDOWS\system32\ssrms.exe Infected: Backdoor.Win32.Breplibot.h
C:\WINDOWS\SysWOW64\ssrms.exe Infected: Backdoor.Win32.Breplibot.h
I found another virus (or maybe a malware) called amsn. It is an executable placed in the windows\system32 directory.
I had to remove it manually with the DOS prompt.
The virus went unnoticed by avast home scanner 4.6 and was revealed by startup patrol because it refused to cancel.
Ever heard of it? I think it is a trojan.
Ooh Boy, oh boy, this is exciting…a malware from Sony rootkit already,
Mr. richkoopa, with that possibility of a backdoor, are you feeling weird already about your computer? You know those so-called blackhat hackers won’t turn away from this chance. Have you prepared for such attacks…?