Dear group,

More on the cntinuing saga of Zohar and the Dell...the only av scan I found that cured anything was bitdefender which eliminated me from having Trojan Backdoor. IzRam1.7, backdoor SBot.Gen, and Downloader Keeval.E

But they are not the main culprits..they are invited guests of this file...
wrar30b5.exe [WinCon.SFX=>{Upx}..and this file is resistant to delete in any mode by any service.
In fact even though ..and immediately as ...bitdefender found it, the screen altered leaving me only the choices to ignore or apply to all.
When you delete it it loads itself into the _restore files in C:\SystemVolume Information\ directory..and kills all restore points ...loads into the HKLM on reboot [Run\..& RunServices]
Also corrupts the Prefetch folder...and takes over internet service. This bug aims at AV's, disabling them if it is targeted..and furthermore it loads a prog called WAUCLT.EXE into your startup processes..and brings taskmger.exe with it. They take over the Standard and Local settings Folders.
I used RegClean to get rid of invalid entries and immediately lost my internet [again].
Tried booting in safe mode but now I get the error message 0x0000009a Violation Of License Agreement. Went to microsoft and they told me that's what i get for trying to tamper with licensed product on say, a 30 day trial..[!!!] they also said if I screwed up the registry with a third party product there was nothing they could do.
So now I'm really, really screwed.
Other than ritual suicide is there something someone can suggest.
[And Please DO pass this warning around to anyone on p2p ]

Thanks
-Zohar

Recommended Answers

All 3 Replies

Nasty.

I can only repeat my advice, and hope someone else posts agreement, cause you've simply ignored it so far. Repartition. If you can't get rid of the nasty any other way, that way will do it, and then a reinstall of XP will put you back to rights.

Nasty.

I can only repeat my advice, and hope someone else posts agreement, cause you've simply ignored it so far. Repartition. If you can't get rid of the nasty any other way, that way will do it, and then a reinstall of XP will put you back to rights.

Dear Duncan,

I can only repeat what I said way back when this started..we thought of repartitioning and were told the virus would only copy itself in again..but we tried like you [and a dozen others said...] thing is..our Dell/Windows XP would not accept a new re-install or rewrite or partiton...we'd get half-way through the process..the sytem would reboot and then a message came up saying for its own protection Windows would not let us continue because there was either a hardware problem or a boot virus. It recommended a full AV scan and to try again. We did full scans, spyware scans, trojan scans...nothing stopped this message from coming up..so we were unable to do anything ...and meanwhile on start-up a black screen told us to choose Setup or Windows XP Home..,.and only XP Home would carry through to a full reboot.
But of course the problem was still in the machine.
So we tried regcleaner after another on-line scan and like I said..once it erased the invalid entries the internet connection was lost..we ran another av scan..seemed clear so we tried to reboot and finish installing a new XP [as you suggested..and that's when the dreaded violation of license warning came up...so now we can't get it to even boot.
I'm frazzled....

-Sincerely

Oh well, I gave it my best shot, and I'm out of ideas, besides sending it to Dell.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.