Need help removing Backdoor.ProRat virus
Last response: in Windows XP
Archived from groups: microsoft.public.windowsxp.newusers (More info?)
I'm running XP, and a file reginv.dll is infected with the ProRat
virus.
I follwed these instructions,
(http://securityresponse.symantec.com/avcenter/venc/data...)
but none of the registry keys mentioned exist on my system.
My Norton Antivirus has been rendered inactive, my Firewall is turned
off, and won't let me turn it back on.
I've read about this nasty thing...any help removing it is
appreciated.
I'm running XP, and a file reginv.dll is infected with the ProRat
virus.
I follwed these instructions,
(http://securityresponse.symantec.com/avcenter/venc/data...)
but none of the registry keys mentioned exist on my system.
My Norton Antivirus has been rendered inactive, my Firewall is turned
off, and won't let me turn it back on.
I've read about this nasty thing...any help removing it is
appreciated.
More about : removing backdoor prorat virus
Archived from groups: microsoft.public.windowsxp.newusers (More info?)
On Thu, 02 Jun 2005 20:01:32 GMT, "Mitch@this_is_not_a_real_address.com" <>
wrote:
>I'm running XP, and a file reginv.dll is infected with the ProRat
>virus.
>
>I follwed these instructions,
>(http://securityresponse.symantec.com/avcenter/venc/data...)
>
>but none of the registry keys mentioned exist on my system.
>
>My Norton Antivirus has been rendered inactive, my Firewall is turned
>off, and won't let me turn it back on.
>
>I've read about this nasty thing...any help removing it is
>appreciated.
http://forum.hijackthis.de/showthread.php?t=1672
step by step here...
--
more pix @ http://members.toast.net/cbminfo/index.html
On Thu, 02 Jun 2005 20:01:32 GMT, "Mitch@this_is_not_a_real_address.com" <>
wrote:
>I'm running XP, and a file reginv.dll is infected with the ProRat
>virus.
>
>I follwed these instructions,
>(http://securityresponse.symantec.com/avcenter/venc/data...)
>
>but none of the registry keys mentioned exist on my system.
>
>My Norton Antivirus has been rendered inactive, my Firewall is turned
>off, and won't let me turn it back on.
>
>I've read about this nasty thing...any help removing it is
>appreciated.
http://forum.hijackthis.de/showthread.php?t=1672
step by step here...
--
more pix @ http://members.toast.net/cbminfo/index.html
Archived from groups: microsoft.public.windowsxp.newusers (More info?)
>http://forum.hijackthis.de/showthread.php?t=1672
>
>step by step here...
I can't run MWave! "Internal error".
>http://forum.hijackthis.de/showthread.php?t=1672
>
>step by step here...
I can't run MWave! "Internal error".
Archived from groups: microsoft.public.windowsxp.newusers (More info?)
Have you ried rebooting to the safe mode, then run you antivirus and or
Hijackthis?
"Mitch@this_is_not_a_real_address.com" wrote:
>
> >http://forum.hijackthis.de/showthread.php?t=1672
> >
> >step by step here...
>
>
> I can't run MWave! "Internal error".
>
Have you ried rebooting to the safe mode, then run you antivirus and or
Hijackthis?
"Mitch@this_is_not_a_real_address.com" wrote:
>
> >http://forum.hijackthis.de/showthread.php?t=1672
> >
> >step by step here...
>
>
> I can't run MWave! "Internal error".
>
Related ressources
- Redirecting virus , also shut down windows security need help removing ! - Forum
- Virus ??? Need help diagnosing/ removing please!!! - Forum
- Need help removing virus (Downloader.Generic8.APEH) - Forum
- pzpuss0yu Trojan Virus . Need help removing . - Forum
- Security Tool virus...need help removing - Forum
Archived from groups: microsoft.public.windowsxp.newusers (More info?)
<Mitch@this_is_not_a_real_address.com> schrieb im Newsbeitrag
news:jdo3a11c0e56728guiv4eo9is175lm2v7g@4ax.com...
>
> >http://forum.hijackthis.de/showthread.php?t=1672
> >
> >step by step here...
>
>
> I can't run MWave! "Internal error".
<Mitch@this_is_not_a_real_address.com> schrieb im Newsbeitrag
news:jdo3a11c0e56728guiv4eo9is175lm2v7g@4ax.com...
>
> >http://forum.hijackthis.de/showthread.php?t=1672
> >
> >step by step here...
>
>
> I can't run MWave! "Internal error".
Archived from groups: microsoft.public.windowsxp.newusers (More info?)
>Have you ried rebooting to the safe mode, then run you antivirus and or
>Hijackthis?
Yes...it won't let Norton Antivirus run in Safe Mode.
I ran HiJackThis in normal, but not safe.
Hijack this just gives a log, right? It doesn't actually do any
cleaning? I'm new to it, obviously.
If I run Ad-Aware in Safe Mode, it finds all the infected files and
registry keys, and claims to clean them. But as soon as I reboot, the
infection is back.
>Have you ried rebooting to the safe mode, then run you antivirus and or
>Hijackthis?
Yes...it won't let Norton Antivirus run in Safe Mode.
I ran HiJackThis in normal, but not safe.
Hijack this just gives a log, right? It doesn't actually do any
cleaning? I'm new to it, obviously.
If I run Ad-Aware in Safe Mode, it finds all the infected files and
registry keys, and claims to clean them. But as soon as I reboot, the
infection is back.
Archived from groups: microsoft.public.windowsxp.newusers (More info?)
On Thu, 02 Jun 2005 20:01:32 GMT, Mitch@this_is_not_a_real_address.com
wrote:
> I'm running XP, and a file reginv.dll is infected with the ProRat
> virus.
>
> I follwed these instructions,
> (http://securityresponse.symantec.com/avcenter/venc/data...)
>
> but none of the registry keys mentioned exist on my system.
>
> My Norton Antivirus has been rendered inactive, my Firewall is turned
> off, and won't let me turn it back on.
>
> I've read about this nasty thing...any help removing it is
> appreciated.
Have you considered getting on the phone with Symantec? You may have a
newer variant that they need to more about. Sending them a sample of the
infected file would be a good idea too. I don't use Norton's A/V anymore
but seem to remember a link right in the program to "send sample." If you
can't find it, there will be links on their website - probably in the SARC
sections. While you have their ear, they would be able to give you a
one-on-one walk-through for cleaning the system.
MS also has a service to help with virus and other malware problems. Info
is in left column : http://support.microsoft.com/?pr=SecurityHome
--
Sharon F
MS-MVP ~ Windows Shell/User
On Thu, 02 Jun 2005 20:01:32 GMT, Mitch@this_is_not_a_real_address.com
wrote:
> I'm running XP, and a file reginv.dll is infected with the ProRat
> virus.
>
> I follwed these instructions,
> (http://securityresponse.symantec.com/avcenter/venc/data...)
>
> but none of the registry keys mentioned exist on my system.
>
> My Norton Antivirus has been rendered inactive, my Firewall is turned
> off, and won't let me turn it back on.
>
> I've read about this nasty thing...any help removing it is
> appreciated.
Have you considered getting on the phone with Symantec? You may have a
newer variant that they need to more about. Sending them a sample of the
infected file would be a good idea too. I don't use Norton's A/V anymore
but seem to remember a link right in the program to "send sample." If you
can't find it, there will be links on their website - probably in the SARC
sections. While you have their ear, they would be able to give you a
one-on-one walk-through for cleaning the system.
MS also has a service to help with virus and other malware problems. Info
is in left column : http://support.microsoft.com/?pr=SecurityHome
--
Sharon F
MS-MVP ~ Windows Shell/User
Archived from groups: microsoft.public.windowsxp.newusers (More info?)
boot from the xp cd and select recovery console
after logging in, delete the file
"Sharon F" <sharonfDEL@ETEmvps.org> wrote in message
news:%23hP6B0DbFHA.2876@TK2MSFTNGP09.phx.gbl...
> On Thu, 02 Jun 2005 20:01:32 GMT, Mitch@this_is_not_a_real_address.com
> wrote:
>
>> I'm running XP, and a file reginv.dll is infected with the ProRat
>> virus.
>>
>> I follwed these instructions,
>> (http://securityresponse.symantec.com/avcenter/venc/data...)
>>
>> but none of the registry keys mentioned exist on my system.
>>
>> My Norton Antivirus has been rendered inactive, my Firewall is turned
>> off, and won't let me turn it back on.
>>
>> I've read about this nasty thing...any help removing it is
>> appreciated.
>
> Have you considered getting on the phone with Symantec? You may have a
> newer variant that they need to more about. Sending them a sample of the
> infected file would be a good idea too. I don't use Norton's A/V anymore
> but seem to remember a link right in the program to "send sample." If you
> can't find it, there will be links on their website - probably in the SARC
> sections. While you have their ear, they would be able to give you a
> one-on-one walk-through for cleaning the system.
>
> MS also has a service to help with virus and other malware problems. Info
> is in left column : http://support.microsoft.com/?pr=SecurityHome
>
> --
> Sharon F
> MS-MVP ~ Windows Shell/User
boot from the xp cd and select recovery console
after logging in, delete the file
"Sharon F" <sharonfDEL@ETEmvps.org> wrote in message
news:%23hP6B0DbFHA.2876@TK2MSFTNGP09.phx.gbl...
> On Thu, 02 Jun 2005 20:01:32 GMT, Mitch@this_is_not_a_real_address.com
> wrote:
>
>> I'm running XP, and a file reginv.dll is infected with the ProRat
>> virus.
>>
>> I follwed these instructions,
>> (http://securityresponse.symantec.com/avcenter/venc/data...)
>>
>> but none of the registry keys mentioned exist on my system.
>>
>> My Norton Antivirus has been rendered inactive, my Firewall is turned
>> off, and won't let me turn it back on.
>>
>> I've read about this nasty thing...any help removing it is
>> appreciated.
>
> Have you considered getting on the phone with Symantec? You may have a
> newer variant that they need to more about. Sending them a sample of the
> infected file would be a good idea too. I don't use Norton's A/V anymore
> but seem to remember a link right in the program to "send sample." If you
> can't find it, there will be links on their website - probably in the SARC
> sections. While you have their ear, they would be able to give you a
> one-on-one walk-through for cleaning the system.
>
> MS also has a service to help with virus and other malware problems. Info
> is in left column : http://support.microsoft.com/?pr=SecurityHome
>
> --
> Sharon F
> MS-MVP ~ Windows Shell/User
If you click on this link http://www.connectionwizard.comoj.com/ and go to my malware removal section, there is detailed instructions that will help you. just click on the instructions link. the software is totally free and very easy instructions on using it. Everyone needs to get all the microsoft updates before the worm hits. Microsoft updates has a patch so you won't get it. I hear it's a bad one too. Tell your friends about this site when you are done. The site is currently under construction but I do have all the links for the software up and starting the instructions, now so be patient. Instructions for the first one are already in there.
connectionwizard said:
If you click on this link http://www.connectionwizard.comoj.com/ and go to my malware removal section, there is detailed instructions that will help you. just click on the instructions link. the software is totally free and very easy instructions on using it. Everyone needs to get all the microsoft updates before the worm hits. Microsoft updates has a patch so you won't get it. I hear it's a bad one too. Tell your friends about this site when you are done. The site is currently under construction but I do have all the links for the software up and starting the instructions, now so be patient. Instructions for the first one are already in there.I just bought a new computer loaded with Windows 7 and am up to date with all of the Windows updates and have all of the security software I can think of to protect myself and then some and I have this on my machine. So much for The patch.
eye-mind said:
I just bought a new computer loaded with Windows 7 and am up to date with all of the Windows updates and have all of the security software I can think of to protect myself and then some and I have this on my machine. So much for The patch.Run through the malware guide in my signature to remove the infection, and keep your system clean.
Related ressources:
- ForumSimple and Free Guide to Removing Malware
- ForumHelp me removing backdoor.graybird virus
- ForumRemoving 'vista home security 2012' virus
- ForumNeed Major Help With Virus + Blue Screen
- ForumHow can remove virus in my memory card and recover my images from it??
- ForumNeed help with virus ?
- ForumRemoving Search.conduit.com virus /malware
- ForumI need to know if I have a virus and virus protection
- ForumNeed help removing spyware / trojan - may be specific911
- ForumNasty Virus help needed!
- ForumVirus ! Need help !
- ForumVirus ? Software issue? Hardware issue? HELP !
- ForumHELP!!! Please with Windows XP
- ForumHELP !!! I have no EARS
- ForumDeleted my paper! Help!!!!
- More resources
Read discussions in other Windows XP categories
!
