Home > Threats > VirusResponse Lab 2009

What is VirusResponse Lab 2009

Posted on 15 September 2008 under Rogue Programs

1. What is VirusResponse Lab 2009?

It is rogue computer security program that should not be trusted. VirusResponse Lab 2009 is installed onto user’s machine by Trojan.Zlob which pretends to be as a codec needed to play a video. In sum, after trying to play video from some malicious website, you will be asked you to download special codec needed to play that video. Since codec is bundled with Trojan.Zlob, your computer system will be supplemented with VirusResponse Lab 2009, which will start computer scan for malicious objects immediately, generating report in the end, that contains assumed threats. The program will start every time "Windows" is booted up prompting user to buy licensed software version in order to clean computer from threats:

In fact, VirusResponse Lab 2009 is not able to remove spyware, viruses and other malware, it is only a way to make user scared and persuade him to buy commercial program version.

VirusResponse Lab 2009 fake alert:

Related threats: Virus Trigger, Antivirus Trigger

2. VirusResponse Lab 2009 screen shot:

VirusResponse Lab 2009

3. How to remove VirusResponse Lab 2009:

  1. Internet connection might be disabled or Internet browser might be blocked by VirusResponse Lab 2009, so it won't be possible to download any files to infected computer. In this case please download all files required for VirusResponse Lab 2009 removal to another computer and then transfer them on the infected one using CD/DVD or USB flash drive.
  2. To remove VirusResponse Lab 2009 download Spyware Doctor and install the program (for the installation guide click here). Before installation, make sure all other programs and windows are closed.
  3. After the installation, computer scan should be started automatically. If so, please move to the next step. If not, click "Status" on the left side menu and press "Scan Now" button to run computer scanner as shown in the picture below:

  4. After the scan has been completed and scan results have been generated, press "Fix Checked" button to remove VirusResponse Lab 2009.

  5. Restart the computer to complete VirusResponse Lab 2009 removal procedure.

4. VirusResponse Lab 2009 files:

bcxjqr.dll, duzakwq.dll, dvxwfz.dll, ebmkdz.dll, oanlvs.dll, obicx.dll, qfrmwmq.dll, teoga.dll, vimhx.dll, zgyhw.dll
virlab_install.exe (setup file), VirusResponseLab2009.exe, VirRL2009.exe, ViRsLab.exe

5. Hijackthis entries:

O4 Entries:
O4 - HKCU\..\Run: [ViRsLab] "C:\Program Files\ViRsLab\ViRsLab.exe"
O4 - HKCU\..\Run: [VirRL2009] "C:\Program Files\VirRL2009\VirRL2009.exe"
O4 - HKCU\..\Run: [VirusResponseLab2009] "C:\Program Files\VirusResponseLab2009\VirusResponseLab2009.exe"
O22 Entries:
O22 - SharedTaskScheduler: hypoch - {2f199d0e-f3e7-41a7-a060-816c24cceea0} - C:\ WINDOWS\system32\zgyhw.dll
O22 - SharedTaskScheduler: headstock - {e517b912-2c97-4a94-8b15-e7fe902b8d86 } - C:\WINDOWS\system32\dvxwfz.dll
O22 - SharedTaskScheduler: emaa - {2f199d0e-f3e7-41a7-a060-816c24cceea0} - C:\WINDOWS\system32\teoga.dll
O22 - SharedTaskScheduler: bisque - {fb357e54-83f1-4a3c-80a2-319201ed6c17} - C:\ WINDOWS\system32\obicx.dll
O22 - SharedTaskScheduler: impetuousities - {0ba3e00d-b660-46e6-a2db- 2672ee82dc98} - C:\WINDOWS\system32\oanlvs.dll
O22 - SharedTaskScheduler: hemielytron - {7ca07c92-0ab2-4346-b119-a076695d46ed} - C:\WINDOWS\system32\duzakwq.dll
O22 - SharedTaskScheduler: bismuthiferous - {d04bbe06-7ce7-405e-8730- cd56d9531cbb} - C:\WINDOWS\system32\vimhx.dll
O22 - SharedTaskScheduler: displume - {d54f12f7-4d76-4c39-a096-e51ef5d33f2b} - C :\WINDOWS\system32\qfrmwmq.dll
O22 - SharedTaskScheduler: awash - {e3623691-f85d-48d8-8e4d-abe79077f841} - C:\ WINNT\system32\bcxjqr.dll
O22 - SharedTaskScheduler: cypselomorphae - {6b9a461b-893f-45ee-8c59- 06d3a2223b24} - C:\WINDOWS\system32\ebmkdz.dll