My computer has been infected by a virus rovmon.exe?

Question

My computer has been infected with a virus becuase of which my computer has gone so slow and i am also not able to remove it though i have spyerazer and avast 4 professional. I cannot open Task Manager and Regedit.

Plz help me someone as i may loose my very important data

Answer 1

Did you mean ravmond.exe?

Symantec: W32.HLLW.Lovgate Automatic Removal Tool
http://www.symantec.com/security_response/writeup.jsp?docid=2003-022414-1011-99
------------------------------------------------------
TrendMicroL Automatic cleanup
http://www.trendmicro.com/download/dcs.asp
download fom this page
Sysclean Package 3.3MB

Download Pattern file (lpt475.zip ) on following page
http://www.trendmicro.com/download/viruspattern.asp

Removal Instructions (follow exactly)
http://www.trendmicro.com/ftp/products/tsc/readme.txt

---------------------------------------------------
To minimize the chances of future infections:
All programs are free.
---------------------------------------------------------
Update your antivirus and run a full scan in safe mode

If you do not have virus protection install only one:
All are excellent.

AVG Antivirus 7.5 Free Edition
http://free.grisoft.com/freeweb.php/doc/avg-anti-virus-free/lng/us/tpl/v5
http://www.download.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10669237.html?tag=lst-0-1
or
Free antivirus - avast! 4 Home Edition
http://www.avast.com/eng/avast_4_home.html
or
AOL Active Virus Shield
http://www.activevirusshield.com/antivirus/freeav/index.adp
---------------------------------------------------------
Install Windows Defender (full time spyware protection)
Perform a full scan.
http://www.microsoft.com/athome/security/spyware/software/default.mspx
---------------------------------------------------------
Install the following five programs and run weekly or at least monthly. You need all five. They will greatly increase your protection. They are not a substitute for full time spyware and virus protection.

Ad-Aware SE Personal (update + full scan)
http://www.lavasoftusa.com/products/ad-aware_se_personal.php

Spybot Search & Destroy (update + immunize + scan)
Do not enable Tea Timer and SDHelper
After installation: update + scan + immunize
http://www.safer-networking.org/en/mirrors/index.html

SpywareBlaster: Update then open and click “enable all protection”.
http://www.javacoolsoftware.com/spywareblaster.html

SUPERAntiSpyware free version: (update + scan)
http://www.superantispyware.com/

CCleaner: Do not install toolbar option
Removes tracking cookies, unneeded files, history
In options.
Set to run when computer starts.
Place cookies you want to keep in save list
http://www.ccleaner.com/
-------------------------------------------------------------
Additional run this time and monthly.

Microsoft Update "Custom Mode" install everything
http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us

Microsoft OneCare Live, run “full service scan”
Updates windows, virus and spyware scan, disk cleanup, disk fragmentation (if needed), backs up registry and then cleans registry, and checks for open firewall ports
http://onecare.live.com/site/en-us/default.htm

Malicious Software Removal Tool (run “full scan”)
http://www.microsoft.com/security/malwareremove/default.mspx
-----------------------------------------------
Online Free Scanners:
Run Trend Micro, Kaspersky, and Panda Scan now.
Run a different one each month.

Trend Micro: HouseCall Free Scan (removes what it finds)
http://housecall.trendmicro.com/
BitDefender Online Scanner http://www.bitdefender.com/scan8/ie.html
Kaspersky Labs Online Scanner http://www.kaspersky.com/virusscanner
McAfee http://us.mcafee.com/root/mfs/default.asp?affid=294
Panda ActiveScan Free Online Scanner http://www.pandasoftware.com/products/activescan?
Symantic Online Scanner http://security.symantec.com/sscv6/ssc_eula.asp?langid=ie&venid=sym&plfid=23&pkj=ALUFRHYTINMHDKDCWLL&vc_scanstate=2

Answer 2

Try this method for deep down trojans

Download Avast Home from www.avast.com

Install, choose to scan when computer restart

It should remove the trojans for for before Windows starting up, the time when most trojans are sleeping.

Once in Windows, use Avast within Windows to do another scan.

Answer 3

First, you need good anti-virus software - download, install and update AVG anti-virus (it's free for personal use) - you can find it here - http://www.malwaresolutions.com/tools_anti_virus.html

Then remove your System Restore points (viruses love to hide in the System Restore files), but be aware that if you do remove your existing Restore Points you will not be able to "roll back" your computer to a previous configuration. To find out how to disable System Restore see this page - http://www.malwaresolutions.com/disabling_system_restore.html

Just to be sure you don't have other malware on your computer I recommend that you download SpyBot Search & Destroy and Adware - both are free spyware/adware detection and removal software. They can be found here http://www.malwaresolutions.com/tools_spyware.html

Next, start the computer in Safe Mode - (as the comptuer is starting up, keep tapping the F8 key on your keyboard until you see a special start-up menu) - more on how to start in Safe Mode here - http://www.malwaresolutions.com/how_to_start_in_safe_mode.html

Using AVG - run a full system virus scan while in Safe Mode

After the viruses have been detected and removed, run SpyBot and AdAware (full system scans) then restart the comptuer, enable System Restore again and enjoy a virus-free computing experience.

If the problems are still there, try using MSCONFIG to help figure out how to manually disable the Trojan from starting up - see more about MSCONFIG here - http://www.malwaresolutions.com/how_to_use_msconfig.html

Check out this page for more information on what viruses are - http://www.malwaresolutions.com/what_is_a_virus.html, and this page for how to remove them - http://www.malwaresolutions.com/how_to_remove_viruses.html

For those of you who don't have AVG Anti-Virus yet, go here - http://www.malwaresolutions.com/tools_anti_virus.html

One other thing you can do is to help prevent malware from getting on your machine is to use a more secure web browser (not Internet Explorer, get rid of AOL) such as Mozilla FireFox - http://www.malwaresolutions.com/tools_browsers_firefox.html

To help protect against malware you should install a firewall, Zone Alarm works perfectly well and is free - you can find Zone Alarm and other free firewalls here - http://www.malwaresolutions.com/tools_firewalls.html

Also, don't forget to keep Windows up-to-date - using Microsoft Windows Update!

Answer 4

First use Windows Live OneCare, run a full scan, then WLOC will clean it or remove it.

Answer 5

1st backup ur all data and upgrade ur windows then ur computer has fast speed. if u don't know how do to upgrade pc plz visit
http://www.microsoft.com/windowsxp/using/setup/upgrade.mspx

Answer 6

You can find detail informations and the way of getting rid of it at http://www.fixit.in/antivirus.html

Answer 7

This is the best advice money can buy, your gratitude is appreciated(you're welcome).
Hijack this is to be used as a last resort!!
Follow these steps and it will remove all viruses and malware/spyware from your computer. It will also make your computer run faster.
.
•I know this procedure looks long, but much of this is explanatory text to help less experienced people.
•Please do not cheat by skipping any steps. You are only hurting yourself if you do. And you will waste more time. The goal is to get your PC fixed. Completing the steps in this generic guide may or may not resolve all of your malware problems, but in all cases it gets your PC into a known state to help make it easier for me to fix your problems. After completing all steps, if you still need help, please send a new question. You may have a problem trying to run steps in safe mode on user accounts that have limited priviledges. This will only be on Windows 2K, XP, & 2003 systems. Limited user accounts will not show when you boot into safe mode. You have two options, run the steps in normal boot mode which may not work to remove malware, or you can temporarily change the user account to an admin account and then complete the steps.
•0: Preliminary House Cleaning & Setup

Unistall Malware thru your computers Add?Remove program.
You MUST be sure that MSconfig is not being used to control Startups. Note: That some Window's OSs (like Win 2K) do not have MSconfig!
•MSConfig Startup Mode
Please go to Start > Run > type msconfig and click OK!
Select the General tab and select Normal Startup.
Thenclick Apply and OK and reboot PC before continuing.
Remain in this Normal Startup mode while your PC is being cleaned of malware.
1: Secondary House Cleaning

This second step of house cleaning may save a load of time later .
•Empty any quarantine folders for antivirus and antispyware applications. Make sure you do this. Logs could be huge otherwise. If you are a Symantec/Norton user make sure you empty their Norton Nprotect folder guarding the Recycle Bin. Empty your Recycle Bin
•Download and install CCCleaner
•MAKE SURE you download and avoid getting the Yahoo Toolbar version. I do not want you to install any unnecessary baggage.
•Also it is recommeded to login to all other User Accounts on the PC including the Administrator account which will only show when you boot in safe mode. Run CCleaner on each account. This can greatly reduce scan time and log sizes from the later scanning you will do below.
2: Enable viewing of hidden files, system files and file extensions

Some programs hide themselves by making their files invisible in normal Windows settings. Not doing this would allow file extensions commonly used by trojans and spyware to be hidden, for example a file ending in .exe or dll making manually finding it, if needed, difficult to impossible.


3: Do not use Multiple Antivirus Applications or Software Firewalls
•Antivirus: If you have multiple antivirus applications installed on your PC, please choose the one you prefer and uninstall all others. Do this now before continuing because you will only be asked to do it later if not done now. This does not mean online scanners. It is only referring to full antivirus applications like McAfee, Symantec, AVG, Avast, AntiVir, Kaspersky, etc.
•Firewall: Only use one software firewall. Running multiple software firewalls is unnecessary and using more than one software firewall on the same connection could cause issues with connectivity to the Internet or other unexpected behavior including excessive use of system resources which will slow down overall PC performance.
4: Downloading Tools

Download the following tools and save in your favorite download folder or create one, for example C:\Spyware Tools or C:\Downloads. ( It is not a good idea to download them to any folder within C:\Documents and Settings.) And then install, update, and configure as indicated below. Do not run the scans until later when indicated. Also DO NOT confuse the word download with the actual installation of the program. You should install all programs to their recommended (by the install program). default installation folders. First you download the files and then you install (if the program requires installation) the program. It is also a bad idea to download and save anything you need into any kind of Temp folder. Malware hides in Temp folders and standard cleaning practices will delete everything from Temp folders.

Download GetRunKey.Zip and ShowNew.Zip from the below links and extract all files from both ZIP files into a folder of their own. You can extract both ZIP files into the same folder. Like C:\MGTools While these tools will run from your Desktop, i strongly recommend that you DO NOT extract them to your Desktop. Please install them where recommended. Do not run the scans yet!!!


SpyBot - Search & Destroy
•PLEASE leave all settings at default!!!! Install, do the search for updates now and get any updates, then fix the below problem with Spybot default products. If you get an error message about "bad checksum" when trying to update, just choose a different server location. Also look for the Immunize feature in Spybot and use it. Do not use the Teatimer function. It can be a resource hog and also makes removal of certain problems more difficult. Make sure you leave the SDhelper ( IE bad download blocker) checked to install (this is the default).
•Fixing SpyBot's Ignore Products Bug: Please run SpyBot and get into the Advanced mode by selecting Mode and then Advanced mode. Then select Settings and the in the left column select Ignore Products. In the right window pane make sure the All products tab is selected. Then in that window, right click your mouse and choose "Deselect all". Now exit Spybot. We will run a scan later.
Now if running Windows XP, 2K or NT do the below. If you have Windows 95, 98, or ME skip to Downloads for Older Windows OS below. CounterSpy and AVG Antispyware will no longer run on the older Windows's OS.

CounterSpy

•If you had previously used a CounterSpy trial, you may not be able to run it again. If this is the case, then run the below AVG Antispyware Removal procedure and attach the log later.
AVG Anti-Spyware
•Only run the AVG Anti-Spyware procedure if you could not run CounterSpy. You do not need to run both of these.
Note: If you are using an older Windows OS you may not be able to run some of the above tools! So if you are running Windows 95, 98, or ME run SUPERAntiSpyware and save a log from it so you can attach it. This step is not required if you are running Windows XP, 2K or NT) HOWEVER, no matter what OS you are running, if you could not run CounterSpy or AVG Antispyware then run SuperAntiSpyware.


5: Cleaning Malware


Important Note Before continuing with the below scans:

The best method to remove malware is to do it after booting in Safe Mode with no connection to the internet possible and no browsers running. Booting in safe mode is important because best results are achieved since safe mode disables most drivers and running programs. If you cannot boot in safe mode due to the malware problem then run the scans in normal boot mode but make sure you tell us later in any messages you post.

Thus you will need to print or save these instructons locally in a text file so you can refer to them while offline. Do this before continuing!
•Reboot into safe mode
•Physically unplug your cable to the internet (even if you have dial-up, unplug modem)
•Shut down ALL unrequired applications including browsers
•Run Ccleaner with the default options to clean out temporary files. Only use the Default Scan on the Windows Tab and select Run Cleaner. Do not run any other options from other tabs.
•Run Spybot Search & Destroy and allow it to fix all that it finds. Make sure you use the Immunize feature and use the SDHelper function but do not use Teatimer.
•For Windows XP, 2K and NT users
•Run CounterSpy - Make sure you have it Quarantine all detections! Also attach the log from CounterSpy later if you still have problems. To get the log after scanning. Click View -> Spyware Scan -> View Spyware Scan History. Next click on the scan you want to view, then click view full details of scan. Right-click anywhere in the window that just opened, click on Select All, right-click again select Copy. Now open notepad and right-click anywhere in notepad and select Paste. Now Save As CounterSpy.txt. If you could not run CounterSpy for any reason, run the steps in the following link for AVG Antispyware Running AVG Anti-Spyware and allow it to fix all that it finds. Save the log as requested and attach it later if you still have problems and have to post a message requesting support.
•For Windows 95, 98 and ME users
•you should now run SuperAntiSpyware
6A: Online Virus And Trojan Scanning

Please run the below two online scanning tools and make sure you save and attach the logs later to any request for help that you post. From step 5 you should already be in safe mode but you will need to reconnect your cable now and possibly reboot and choose Safe Mode with Networking Support. If you cannot connect in safe mode for any reason (like dial-up users), run the online scanners in normal boot mode. You will need to use Internet Explorer to run these online scans. Also MAKE SURE YOU HAVE THE LATEST SUN JAVA Version installed by checking against the below link which normally has the most current version. This may help prevent some problems in trying to get these online scanners to run. Before installing the current version, you should uninstall all previous versions first!!!!


*** MAKE SURE YOU RUN BITDEFENDER BEFORE PANDA ACTIVE SCAN ***
*** But if Bitdefender cannot be run then run PandaActiveScan anyway ***


Bitdefender agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. Once Bitdefender completes the scan:

Click-on the Detected Problems tab. When the window comes up to save the report, change the Save as type: box to Text (Tab Delimited) (*.txt) and then in the File name box enter change to bdscan then click save. This will save a file named bdscan.txt in whatever folder you are currently in when you save the file (take notice of where you are at so you can find it later). This bdcan.txt file will actually contain HTML code that i can easily view later while reviewing your log. All i have to do is rename the file to bdscan.html.

If you do not follow these step, you will have an incorrect log or worse a log summary which is useless to me.

Panda ActiveScan It will only fix certain viruses and trojans. Most items found will not be fixed. When it finishes the scan click on See Report . Then in the next window click Save Report. The default report name is Activescan.txt. Just save it where you can find it so you can attach to your message when you begin a thread with a request for help. If you have any problems trying to get a PandaActiveScan log,If you use Avast antivirus and it gives you and error like below when trying to use Panda, just disable Avast while your run the scan. The error is a false positive. See the below link for more info.
Do the following and see what happens......