trojan ADW_RULEDOR.C

Discussion in 'malware problems & news' started by Glen Rae, Dec 6, 2003.

Thread Status:
Not open for further replies.
  1. Glen Rae

    Glen Rae Guest

    Having found this site by accident, I wondered if someone could help me remove this virus from my machine.
    I have had two virus's one has I thought been successfully removed that was bugbear i used a removal tool for that one . is a tool available for ADW_RULEDOR.C? if not how do I remove it. I have tried following directions from the trend website. then if i scan my system no virus is found. I then leave comp switched on overnight and next morning it has found the virus again and it leaves a message that it cannot be cleaned but has been quarrantined.
    And bugbear is back again.
    I have scanned system again no virus detected. The AWD_RULEDOR.C is listed in C:\system volume information\_restore{DAEDDF
    Bugbear appears the same but diffrent letters on end.
    I run pc-cillin and update pattern files when they come up, but its staring to get a bit annoying that it doesnt stop them coming in in the first place.
    I have tried to use the house call facilities but my comp wont let that display, it wants me to disable settings for activex controls and I am reluctant to do this. any help would be appreciated.
    Also my system seems very slow as well, I have read several postings on your site, but I dont understand some of the actions so I have left well alone. Can you advise if there is any software that will clean my sytem out?

    many thanks

    Glen
     
    Glen Rae, Dec 6, 2003
    #1
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,280
    Location:
    New England
    Hi Glen Rae,

    There could be a few different things happening on your system, but let's focus first on the specific files that pc-cillin is alerting you to at the moment. If both of these files are in folders under...

    C:\system volume information\_restore...

    Then these are not new infections, they are simply copies of the previous infections that you've had. That area on your disk is "System Restore" and it saves copies of all kinds of executable files, your system's registry and other things. Virus and Trojan files often get caught in the System Restore area (in places called "restore points").

    Virus files in System Restore are harmless because they can not run from there. However, if you were to use System Restore to restore your system files to a previous point, those bugs could be restored as well!

    All Anti-Virus vendors recommend clearing the System Restore area after successfully cleaning virus files off your system. I'm guessing you are running Windows XP, is that correct?

    Take a look at the instructions at the link below. You need to turn off System Restore, let it clear all your old restore points off the system (this will delete the virus files in those C:\system volume information\_restore... folders), then you should restart System Restore when that is done.

    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039

    I don't know of any anti-virus products that can automatically clean infected files out of System Restore, that is why they all give instructions on how to wipe the old restore points to kill the bugs stored in them.

    Give that a try and see if it takes care of find those specific malware files. After that, we'll need more information about the other problems you are having. There may be several different things that need to be looked at on your system.
     
    LowWaterMark, Dec 6, 2003
    #2
  3. Glen Rae

    Glen Rae Registered Member

    Joined:
    Dec 6, 2003
    Posts:
    1
    Hi

    Thanks for the reply , you are correct I am on XP.

    I have turned system restore off and ran a scan nothing found and have now turned it on again, I will have to wait and see now.

    Pc seems to take ages to start and shut down also takes a long time when on the web to open pages, it also will not display some things but I think that is down to my settings.
    I will make a note of what it does.

    thanks Glen
     
    Glen Rae, Dec 7, 2003
    #3
  4. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    Hi Glen,

    Welcome at Wilders :)

    You could follow the instructions in this post: http://www.wilderssecurity.com/showthread.php?t=15913

    Where one Adware has found it's way in, there could be more. Removing these unwanted programs often helps to regain a computers normal behavior.

    Regards,

    Pieter
     
    Pieter_Arntz, Dec 7, 2003
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...