unrecognised virus

I have what i'm sure is a virus, have run online virus check from symantec
and mcafee plus checked with windows live onecare and nothing has been found,
unfortunately I don't have antivirus installed at this time. System restore
won't open at all and on boot up once windows opens rstrui.exe is deleting
files from restore. I have an icon on my desktop that says AOL 9.0 although I
have never had AOL or used any of their services. In C Program files AOL is
an antivirus robospy folder I suspect this is part of the problem but I can't
delete anything in the AOL folder, if I delete the desktop shortcut it
reappears within a few moments. I am also getting a pop up appearing whether
I am browsing the internet or not. Have also tried booting up in safe mode
but can't seem to do this. Apart from the pop up and restore deleting files
on start up nothing else appears to be wrong at this moment but obviously
something is wrong and I imagine it will only get worse

Denead wrote:

> I have what i'm sure is a virus, have run online virus check from symantec
> and mcafee plus checked with windows live onecare and nothing has been
> found, unfortunately I don't have antivirus installed at this time. System
> restore won't open at all and on boot up once windows opens rstrui.exe is
> deleting files from restore. I have an icon on my desktop that says AOL
> 9.0 although I have never had AOL or used any of their services. In C
> Program files AOL is an antivirus robospy folder I suspect this is part of
> the problem but I can't
> delete anything in the AOL folder, if I delete the desktop shortcut it
> reappears within a few moments. I am also getting a pop up appearing
> whether I am browsing the internet or not. Have also tried booting up in
> safe mode but can't seem to do this. Apart from the pop up and restore
> deleting files on start up nothing else appears to be wrong at this moment
> but obviously something is wrong and I imagine it will only get worse

Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/...moving_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to do
all scans in Safe Mode.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://tinyurl.com/yoeru3 - download link and more instructions

You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, get guided help. Choose one of the specialty forums
listed at the first link. Register and read its posting FAQ. You will
generally be asked to:

1. Download and execute HiJack This! (HJT) -
http://www.trendsecure.com/portal/en...HJTInstall.exe

2. Disable Notepad's word wrap - In Notepad.exe; Format --> uncheck; "Word
wrap"

3. Download/run Deckard's System Scanner -
http://www.techsupportforum.com/sect...eckard/dss.exe

4. Save the scan results (Main.txt and Extra.txt)

5. And then post the contents of Main.txt and Extra.txt in your post at the
forum you chose. DO NOT POST LOGS IN THE MS NEWSGROUPS.

Standard disclaimer: I can't see and test your computer myself, so these are
just suggestions based on many years of being a professional computer tech;
suggestions based on what you've written. You should not take my
suggestions as a definitive diagnosis. If you can't do the work yourself
(and there is no shame in admitting this isn't your cup of tea), take the
machine to a professional computer repair shop (not your local equivalent
of BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may be
so infested that Windows will need to be clean-installed. If possible, have
all your data backed up before you take the machine into a shop.

Malke
--
MS-MVP
Elephant Boy Computers
www.elephantboycomputers.com
Don't Panic!