Results 1 to 8 of 8

Thread: w32/protoride.worm virus removal

  1. #1
    Junior Member
    Join Date
    May 2004
    Posts
    1

    w32/protoride.worm virus removal

    I am running windows 98nt on an emachine. My son managed to pick up the virus W32/Protoride.worm and it is also called Bkdr.ircbot.b. I can find it with my virus scan(I have used housecall, Mcaffee and FixIt. All detect it but Fixit says it cant be cleaned. I tried to install Nortons but it wont let me open it as now my computer says that it is missing the start.exe file. The virus is located in the following folder Windows/Startmenu/Programs/Startup/msupdate.exe . I have tried everything I can think of to get this out of here. I cant take it out manually be cause I cant open the folder it is in due to the missing Start.exe file. Funny thing is when I do a scan the start.exe file is found but it is in the infected folder so it won't let me use it. Is there any way to clean this worm out of my computer without doing a complete restore on my complete system. I am unable to open programs on my desktop due to the missing file. Any help would be greatly appreciated, I have been working on this for 3 days straight and am at wits end. Thanks. tkbest

  2. #2
    Junior Member
    Join Date
    May 2004
    Posts
    1

    w32/protoride.worm virus removal

    I am running windows 98nt on an emachine. My son managed to pick up the virus W32/Protoride.worm and it is also called Bkdr.ircbot.b. I can find it with my virus scan(I have used housecall, Mcaffee and FixIt. All detect it but Fixit says it cant be cleaned. I tried to install Nortons but it wont let me open it as now my computer says that it is missing the start.exe file. The virus is located in the following folder Windows/Startmenu/Programs/Startup/msupdate.exe . I have tried everything I can think of to get this out of here. I cant take it out manually be cause I cant open the folder it is in due to the missing Start.exe file. Funny thing is when I do a scan the start.exe file is found but it is in the infected folder so it won't let me use it. Is there any way to clean this worm out of my computer without doing a complete restore on my complete system. I am unable to open programs on my desktop due to the missing file. Any help would be greatly appreciated, I have been working on this for 3 days straight and am at wits end. Thanks. tkbest

  3. #3
    AntiOnline n00b
    Join Date
    Feb 2004
    Posts
    666
    hi

    Start your computer in the Safe Mode and then Scan your Computer with any of the AV's maybe it'sd because the file is in use . Ok if the AV 's say it cannot be cleaned then let them remove/quarintine the infecteds file.

    I cant open the folder it is in due to the missing Start.exe file
    i don't understand what start.exe got to do with folder opening and start.exe is inthe "%systemRoot%/windows/command" folder whats it doing in the startup folder.

    Do you have the win98 cd-rom ready or have it copied to some where on the harddisk?
    Start.exe is in win98_42.cab for 98fe and win98_46.cab for 98se. If you have the Windows 98 Disk you can decompress the file start.exe from it the command would be

    extract /Y /A /E /L c:\windows\command e:\win98\win98_42.cab start.exe
    Assuming that your windows installetion files are in "C:\windows" and your CD-Drive is "E:"

    Heres more info HOW TO: Extract Original Compressed Windows Files


    Heres more info about the worm at
    Synmetics You can follow the removal instructions there. just follow them step by step and you are done hopfully.


    --Good Luck--

    Hey nihil i think deleting the file is not a problem there are hell lot of ways to delete it , ( start your computer with a bootable disk or........... ) I think i am not getting the situation properly here..... . start. exe is missing and it is in the startup folder , and folder not opening due to mising start .exe it's a bit strange for me.....

  4. #4
    AntiOnline n00b
    Join Date
    Feb 2004
    Posts
    666
    hi

    Start your computer in the Safe Mode and then Scan your Computer with any of the AV's maybe it'sd because the file is in use . Ok if the AV 's say it cannot be cleaned then let them remove/quarintine the infecteds file.

    I cant open the folder it is in due to the missing Start.exe file
    i don't understand what start.exe got to do with folder opening and start.exe is inthe "%systemRoot%/windows/command" folder whats it doing in the startup folder.

    Do you have the win98 cd-rom ready or have it copied to some where on the harddisk?
    Start.exe is in win98_42.cab for 98fe and win98_46.cab for 98se. If you have the Windows 98 Disk you can decompress the file start.exe from it the command would be

    extract /Y /A /E /L c:\windows\command e:\win98\win98_42.cab start.exe
    Assuming that your windows installetion files are in "C:\windows" and your CD-Drive is "E:"

    Heres more info HOW TO: Extract Original Compressed Windows Files


    Heres more info about the worm at
    Synmetics You can follow the removal instructions there. just follow them step by step and you are done hopfully.


    --Good Luck--

    Hey nihil i think deleting the file is not a problem there are hell lot of ways to delete it , ( start your computer with a bootable disk or........... ) I think i am not getting the situation properly here..... . start. exe is missing and it is in the startup folder , and folder not opening due to mising start .exe it's a bit strange for me.....

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi,

    Try to start in safe mode, then

    <start>
    <run>

    Type in:

    winfile.exe

    Then hit the "OK" button

    This is the old 16 bit file manager program, and should let you delete what you want



    Cheers

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi,

    Try to start in safe mode, then

    <start>
    <run>

    Type in:

    winfile.exe

    Then hit the "OK" button

    This is the old 16 bit file manager program, and should let you delete what you want



    Cheers

  7. #7
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Please note that I have seen Start.exe used as the mixer prog for some sound cards... That is probably the one that is being seen.. in the search..


    Follow SwordFish_13's advice on getting Start.exe back where it belongs.. the information on getting rid of the bug states Starting the machine in Safemode.. it will be very easy to get rid of the file if you follow this advice..

    windows 98nt
    just to be sure is it 98 or nt?

    cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  8. #8
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Please note that I have seen Start.exe used as the mixer prog for some sound cards... That is probably the one that is being seen.. in the search..


    Follow SwordFish_13's advice on getting Start.exe back where it belongs.. the information on getting rid of the bug states Starting the machine in Safemode.. it will be very easy to get rid of the file if you follow this advice..

    windows 98nt
    just to be sure is it 98 or nt?

    cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •