b.exe, and virus remover 2008 (virus)

This virus called (virus remover 2008) installed the following executable that I can’t get rid of.

b.exe

…which I can see in my system processes (in Task Manager). It also installed an icon in my windows system tray which periodically activates on its own saying that I have a security problem, then tries to launch a system scan automatically. If given a chance to activate, it creates major havoc for you and your computer.

Ending the process in Task Manager only works for a few minutes. It automatically starts back up again.

Updating Avast database and running a scan did not identify any viruses on my computer, yet it IS there. I also ran Spybot and Ad-aware, which were also unsuccessful in locating any malware/trojans etc.

Does anyone know how to get rid of this virus?

Thanks a bunch!
Greg T.

:slight_smile: Hi :

You do NOT have a “virus”, but what the malware-fighting “community” calls
a “Rogue” ; the PRIMARY program used against this is the FREE Malwarebytes
Anti-Malware from www.malwarebytes.org/mbam.php .

Spiritsongs,

I owe you… BIG-time !!!

I downloaded the www.malwarebytes.org/mbam.php and it found the “rogue” which nothing else I tried was able to.

Thank you (very much) for saving my arse.

~Greg

To be sure you’re clean, I suggest:

  1. Clean your temporary files.
  2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  3. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
  6. Disable System Restore and then reenable it again.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

how do we do a startup scan?..i cant seem to find it?

If by start-up scan you meen item 2. boot-time scan, then - If you have XP, vista32bit or Win2k, you could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, a memory scan will take place followed by the opening of the Simple User Interface, Menu, ‘Schedule boot-time scan…’ Or see http://www.digitalred.com/avast-boot-time.php.