HELP i need to remove the Dumarin.g trojan from my computer which has caused many things to go haywire. I've run trend micro virus scan and deleted infected files with that but they keep coming back when i reboot, and i have system restore turned off, and NOW my programs wont load because they cannot find associated programs to load the applications with!

To clear up some things for me, do you have PC-Cillan installed and updated, or did you use Trend Micro's "housecall"? Have you ran it while your computer is in the safe mode using your antivirus program? Did you restart the computer after you turned off system restore? What firewall do you use, or have you made sure that your XP firewall is enabled?

I do not have PC-Cillan installed, I HAD norton antivirus corporate edition installed, but once i got the virus it no longer worked. I used the housecall virus scan from their website and it found the trojan. I turned off system restore, and rebooted multiple times. The deleting of files from the housecall scan did not yeild the results i needed to rid the virus. I use zone alarm firewall, and now i have it all on HIGH alert.

As a follow up, i got my .exe files working again and i found the trendmicro sysclean.com file to clean up trojans and such. That seems to have worked as my computer is running smoothly since running that and virus scans since have found NO viruses present on this machine!!

That is good news.

Help!

Our computer has also been infected with the PSW.Dumarin.G virus. I know very little about these things. The AVG anti-virus software we have found it, but could not "heal" it.

Any suggestions on how to get rid of it?

AVG tells me that the virus is found in a number of files in the C:\_RESTORE\TEMP folder. Unfortunately, that folder does not appear anywhere, and the file names that AVG references do not appear when I search the hard drive. I have the folder options set to show hidden files. What else am I missing?

Any assistance would be greatly appreciated!

Hi there,
I had the same durmarin.g trojan and after running AVG it would not heal and kept coming back, the only way i got rid of it was to run regedit and in find type in the full name of the virus and the delete it, also check out this link
http://computercops.us/print-1-40173.html
Hope this helps Rob.

instructions for manual removal of Dumarin / Dumarin.g / Dumaru-ak

1)Kill the following running processes (if they exist):
setupex.exe
svohost.exe
swchost.exe
svchost.exe (all instances)

2)Delete the following files (if they exist):
system32\setupex.exe
system32\svohost.exe
system32\swchost.exe
(!!do not delete system32\svchost !!)

3)Show hidden folders and from every user profile delete svchost.exe(if it exists):
c:\Documents and settings\%username%\Start Menu\Programs\startup\svchost.exe
(don't forget to remove it from the "Default User" profile also)

4)From the following registry location:
HKeyLocalMachine\Software\Microsoft\Windows\Current Control Set\Run\
Delete all keys that refer to any of the programs in step 1.

5)Modify the following registry location:
HKeyLocalMachine\Software\Microsoft\WindowsNT\Current Version\Winlogon
In the string value named "Shell", right-click and modify the value from:
[Explorer.exe c:\winnt\system32\svohost.exe]
to simply:
[Explorer.exe]

6)Open the system.ini file (start, run, sysedit). If there is an entry for
Shell= , it should only say:
Shell = Explorer.exe
If there is another executable listed afterwards, delete that part of the string.
(essentially the same as step 5)

On reboot, log in and check your profile for the svchost.exe file in
Start\programs\startup. If it is not there, the machine is clean.

John Richardson