Emergency Help Needed!

by **Shack** on Fri Jan 10, 2003 9:38 pm

Rip sorry to hear of your woes.
You don't think you deleted the wrong file by mistake did you?? Theres also a file regsvc.exe that you need. Maybe if you can boot into safe mode and run sfc/scannow and see if you can replace the file and then try this fix.

For some reason, my coworkers and I all got the Backdoor.OptixPro.11.b Trojan virus. I wonder where it came from.

If you have it, go to to Task Manager, delete the 'regsrv.exe' process. MAKE SURE YOU DELETE the right one. There's also a regsvc.exe process also. What a sneeky way of hiding itself huh?

After, use Norton and scan c:\winnt\ Delete the virus using Norton.

To delete this from your registery, go to Start -> Run. Type regedit. Go to HKEY_LOCAL_MACHINE -> SOFTWARE -> Microsoft -> Windows -> CurrentVersion -> Run

These are the programs that start up when you computer is first turned on. Delete the key that runs regsrv.exe

That should be it.

Tuesday, November 12, 2002
10:18 AM: Backdoor.OptixPro.11.b
[Category: Daily Ramblings]
PHP-Princess.net

by ***Starz*** on Fri Jan 10, 2003 11:33 pm

Aaw geez Shack...

I'm just now finding this...it was quite some time ago that I checked for him last...I've sent him a message that if he gets back up to come look at this...He did spend quite a bit of time speaking with Bell...he shut down to do some more work...but he isn't back up yet as far as I know...thanks for posting it... :yesnod:

by ***Starz*** on Fri Jan 10, 2003 11:39 pm

Shack

He just came back up...he can't get here right now...but I sent your directions via IM...thanks again... :yesnod:

by **purplehawk** on Sat Jan 11, 2003 12:35 am

Kudos to all. This was a great team effort. Can't wait for Rip to get back and tell us all about it.

by ***Starz*** on Sat Jan 11, 2003 12:40 am

Unfortunately he's still in trouble...he has done as much as everyone has suggested and then some...Now it is showing up as Optix.Pro.12 instead of .11.b

Just slap out of ideas at this point...think I will go check some more archives for him... :hmmm:

by **purplehawk** on Sat Jan 11, 2003 1:02 am

Oh, no...

Who's working with him now?

by ***Starz*** on Sat Jan 11, 2003 1:07 am

He thinks he got it with an antitrojan tool...he's about to come back to the forum now...doing some more scans meanwhile...hope this is it...been over 14 hours now... :confused

by **RIP!** on Sat Jan 11, 2003 1:14 am

Welp I think Starz said it all on her last post....so lets just keep our eyes, fingers, and toes crossed ... I want to Thank each and everyone for all the hard work that you all have done for me today, it really has been wonderful to see such an effort to help a complete and total stranger fix something. WOW!

I will let you know further how things are as I know my self.

Thanks Again!! :yesnod:

by **purplehawk** on Sat Jan 11, 2003 1:15 am

I may hang out and wait on him... I'm about half-baked awake, anyway. :huzzah:

by **Mac33** on Sat Jan 11, 2003 7:44 am

RIP i hope your problem is solved now, and i must say the team helping you are doing a marvelous job...Good on you Michel and all the others. RIP let us know how you are getting on and if you need more help, i know a few peeps here are waiting for your outcome.
all the best :yesnod:

Emergency Help Needed!

Who is online

PROnetworks - Technology News, Analysis, and Support