Anybody got a fix for BackDoor.Generic3.LRT?

Reporting results so far: finally identified as BKDR_HAXDOOR.JG

- Ewido was useless for this particular nasty
- AVG similarly useless
- SuperAntiSpyware similarly useless
- Avast similarly useless
- Since it was stopping me from getting online I could not do any online
scans, so they are useless in these cases
- TrendMicro is worse than useless since it requires you to "Activate" via
the web (see above)

What seems to have worked was to:

- delete (caution! heavily abbreviated regkeys here!)
HKLM>SW>MS>NT>CV>Winlogon>Notify>yvbb01
- delete (caution! heavily abbreviated regkeys here!)
HKLM>SYS>CurrentControlSet>Control>SafeBoot>Minimal>yvbb02.sys
- delete (caution! heavily abbreviated regkeys here!)
HKLM>SYS>CurrentControlSet>Control>SafeBoot>Network>yvbb02.sys

then:

search for lps.dat & kgctini.dat & delete

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:RWH0h.2345$Wy6.358@trnddc01...
> From: "Lisa Simpson" <none.TakeThisOut@none.com>
>
> | Anybody got a fix for BackDoor.Generic3.LRT?
> |
>
> Use my Multi AV Scanning Tool.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
 >> Stay informed about: Anybody got a fix for BackDoor.Generic3.LRT? 

From: "Lisa Simpson" <none.DeleteThis@none.com>

| Reporting results so far: finally identified as BKDR_HAXDOOR.JG
|
| - Ewido was useless for this particular nasty
| - AVG similarly useless
| - SuperAntiSpyware similarly useless
| - Avast similarly useless
| - Since it was stopping me from getting online I could not do any online
| scans, so they are useless in these cases
| - TrendMicro is worse than useless since it requires you to "Activate" via
| the web (see above)
|
| What seems to have worked was to:
|

Because you Multi-Posted this instead of Cross-Posting this, you will have to see my OTHER
reply.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
 >> Stay informed about: Anybody got a fix for BackDoor.Generic3.LRT? 

"Lisa Simpson" <none.TakeThisOut@none.com> wrote in message
news:bMQ0h.19906$pq4.717@tornado.ohiordc.rr.com...
>
> What seems to have worked was to:
>
> - delete (caution! heavily abbreviated regkeys here!)
> HKLM>SW>MS>NT>CV>Winlogon>Notify>yvbb01
> - delete (caution! heavily abbreviated regkeys here!)
> HKLM>SYS>CurrentControlSet>Control>SafeBoot>Minimal>yvbb02.sys
> - delete (caution! heavily abbreviated regkeys here!)
> HKLM>SYS>CurrentControlSet>Control>SafeBoot>Network>yvbb02.sys
>
> then:
>
> search for lps.dat & kgctini.dat & delete
>

Question: Did you use a 3rd party registry cleaning tool, or did you scan
the registry using the M/S search engine? Just curious.
 >> Stay informed about: Anybody got a fix for BackDoor.Generic3.LRT? 

I used RegEdit . . .

"optikl" <optikl.RemoveThis@invalid.invalid> wrote in message
news:ei2chi$f3i$1@registered.motzarella.org...
>
> "Lisa Simpson" <none.RemoveThis@none.com> wrote in message
> news:bMQ0h.19906$pq4.717@tornado.ohiordc.rr.com...
> >
> > What seems to have worked was to:
> >
> > - delete (caution! heavily abbreviated regkeys here!)
> > HKLM>SW>MS>NT>CV>Winlogon>Notify>yvbb01
> > - delete (caution! heavily abbreviated regkeys here!)
> > HKLM>SYS>CurrentControlSet>Control>SafeBoot>Minimal>yvbb02.sys
> > - delete (caution! heavily abbreviated regkeys here!)
> > HKLM>SYS>CurrentControlSet>Control>SafeBoot>Network>yvbb02.sys
> >
> > then:
> >
> > search for lps.dat & kgctini.dat & delete
> >
>
> Question: Did you use a 3rd party registry cleaning tool, or did you scan
> the registry using the M/S search engine? Just curious.
>
>
 >> Stay informed about: Anybody got a fix for BackDoor.Generic3.LRT?