Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help! W32.rontokbro Something Virus


  • Please log in to reply
5 replies to this topic

#1 nixx

nixx

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:02:02 PM

Posted 06 April 2006 - 01:51 AM

help! i don't know how i got this virus but it's everywhere. i searched the net for info about this virus. although it says there that its not that much of a threat, i'd still want it out of my computer. i've deleted some files already but there are still a lot that i can't delete.. :thumbsup: i need help. thank you!

niko

BC AdBot (Login to Remove)

 


#2 stidyup

stidyup

  • Members
  • 641 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:02 AM

Posted 06 April 2006 - 02:32 AM

McAfee on W32/Rontokbro.gen@MM

Sophos Search Results

Try running the following from safe mode (Getting to safe-mode) Sysclean you'll also need the virus template file from here lpt***.zip remember to extract the contents of the zip file into the same folder as Sysclean.com

or

DrWeb CureIT

or

KASFX which is powered by the Kaspersky AV engine, you will need internet access to update it. If you haven't got net access in safe mode, update it before you use it.

If your good with the command line also try Sophos Command Line scanner this command will scan all of your hdd's SAV32CLI.EXE -F -di -remove -dn -mbr -all -zip -p=avscanlog.txt and give you a log file to review afterwards.

Also try installing and running A2 Free and Ewido (Ewido Updates) again run from safe mode.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:02 AM

Posted 06 April 2006 - 08:54 AM

Manual Removal Instructions if needed. This involves making changes in the registry. Always back up your registry before making any changes.

How to Backup, Edit & Restore Registry
How to Backup, Edit & Restore Registry by Microsoft

ERUNT is an excellent FREE tool to use for doing this.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 nixx

nixx
  • Topic Starter

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:02:02 PM

Posted 07 April 2006 - 09:15 AM

hey guys thanks. :thumbsup: i think the worm's gone now. one more thing though, when i log in, my documents opens by itself. is this caused by the worm? it's not in the scheduled tasks.

#5 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:12:02 AM

Posted 07 April 2006 - 10:24 AM

NOTE: This is a registry edit. If you're not familiar with working in the registry, DO NOT ATTEMPT.
Improper changes to the registry could render your computer inoperable.
Remember to backup the registry before making any changes.
Instructions, on how to do that, can be found here:
How to back up, edit, and restore the registry

Go to kellys-korner.

#255, on the Right - My Documents Folder Opens Upon Boot (for C:\)
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#6 nixx

nixx
  • Topic Starter

  • Members
  • 159 posts
  • OFFLINE
  •  
  • Local time:02:02 PM

Posted 09 April 2006 - 02:33 AM

oh shoot. my bad..its my computer that keeps popping up upon logging in. also, when i turn on the computer, its always on 800x600 resolution even after i change it to 1024x768 pixels..when i turn it off then turn it on again, it goes back to 800x600. i already ran ewido and it detected a lot of viruses but its all gone now,well according to ewido that is. by the way, thanks for all your help everybody. i appreciate it :D




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users