View Full Version : new virus: BackDoor.IRC.Ratsou.B
louis
December 6th 03, 01:46 PM
This virus has attached itself to file C:\winnt\system32
\explorer.dll. My Norton AntiVirus could not remove the
virus nor could it delete the infected file. How can I
fix this!
The Stare
December 6th 03, 01:46 PM
"louis" > wrote in message
...
> This virus has attached itself to file C:\winnt\system32
> \explorer.dll. My Norton AntiVirus could not remove the
> virus nor could it delete the infected file. How can I
> fix this!
Search the Symantec site for information on it. They will have directions
for you to follow.
Ramesh
December 6th 03, 01:46 PM
Hi,
First, delete the two values from the following keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run
a.. In the right pane, delete the values:
HID.EXE
lsass
Restart Windows and re-do a virus scan and delete the affected files.
More information from Symantec:
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.irc.ratsou.
b.html
Regards,
Ramesh
"louis" > wrote in message
...
This virus has attached itself to file C:\winnt\system32
\explorer.dll. My Norton AntiVirus could not remove the
virus nor could it delete the infected file. How can I
fix this!
vBulletin® v3.6.4, Copyright ©2000-2012, Jelsoft Enterprises Ltd.