Previous Topic Next Topic

Rahul'sVirusprotection.Vbe

Closed
gayu14 - Aug 29, 2011 at 10:56 PM
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 - Aug 30, 2011 at 06:05 AM
Hello,

What is this Root cause of this Rahul virus?..

I tried the steps that are given below..

how to Remove:
******************
1) In Windows Explorer
Tools -- Folder Options --View
Show hidden files and folders ---check this one
Hide prorected operation system file(Recommended) --Uncheck this one

2) GO TO System Directoty ex: (C:\windows\ system32)
find this file "Rahul'sVirusprotection.vbe" and delete this one,
if u can't do that following the below steps
1)open the TaskManager(press control+Shift+Escapte key) then in
process Tab find ths Process "wscript.exe" and delete this one
or
2) using Unlocker 1.8.8.exe (search in Google site) for delete this
file
3) Type Regedit.exe into RUN Command
HKEY_CURRENT_USER\ SOFTWARE\ MICROSOFT\ INTERNET EXPLORER\MAIN
[Window Title = ""]
[Start Page = "www.google.com"]
HKEY_LOCAL_MACHINE\SOFTWARE\ MICROSOFT\Windows NT\ CurrentVersion
\Winlogon
[Userninit = "C:WINDOWS\system32\userinit.exe"]

But I could not find any entry Rahul in system32 directory or any process called wscript or in my Regedit..

I even tried taskkill /f /im wscript.exe from my CMD prompt..
It says process not found...

Yet Rahul keeps coming on my screen everytime i restart..

How do I get rid of this?...

PLEASE HELPPPPP :-(


1 response

Answer 1 / 1
Ambucias Posts 47356 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,170
Aug 30, 2011 at 06:05 AM
Hi Gayu

Stardard procedure

1. go to task manager and end process the wscript

2. delete rahul vbe file from c:\windows\system32

3. go to HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\ Window Title : LORD RAHUL COOL '''clear this value''

4. Empty recycle bin
delete this values into registry

5.Start>>Allprograms>>RUN

6.and type REGEDIT into run window

7.to this KEYS into registry editor

HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\
-------------------------------------------------------------

8. delete the key value
Window Title : LORD RAHUL COOL '''delete this value or change it.

Not so standard


1) In Windows Explorer
Tools -- Folder Options --View
Show hidden files and folders ---check this one
Hide prorected operation system file(Recommended) --Uncheck this one

2) GO TO C:\windows\ system32
find this file "Rahul'sVirusprotection.vbe" and delete this one,
if u can't do that follow the below steps

2)open the TaskManager(press control+Shift+Escape key) then in
process Tab find ths Process "wscript.exe" and delete this one
or



3) Type Regedit.exe into RUN Command
HKEY_CURRENT_USER\ SOFTWARE\ MICROSOFT\ INTERNET EXPLORER\MAIN
[Window Title = ""]
[Start Page = "www.google.com"]
HKEY_LOCAL_MACHINE\SOFTWARE\ MICROSOFT\Windows NT\ CurrentVersion
\Winlogon
[Userninit = "C:WINDOWS\system32\userinit.exe"]

Good luck
1