W32 stration dr virus

All the sites I have just looked at say that updating your antivirus and running a full scan is enough.

Good luck. Using Symantec scan full system. Then locate the infected files and delete them all manually. If you can't delete, rename the file. It is a mass mailer, of a general type of family. I agree with earlier poster, reboot to safe mode, make sure you have latest definitions, then a full AV scan will fix it. If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem.

Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Please note: Do not post advertisements, offensive material, profanity, or personal attacks. Please remember to be considerate of other members. All submitted content is subject to our Terms Of Use.

General discussion. I have tried to delete it with my Symantec Antivirus, but each time i restart my computer, then it will prompt back again and again. I have tried different methods, but seem to be useless. You should also run a full scan. A full scan might find other hidden malware. This threat might change the contents of your Hosts file. You can reset it to the default:.

This threat might make lasting changes to your files that won't be restored when it is detected and removed. You might need to restore the infected files from a backup. You can also see our advanced troubleshooting page or search the Microsoft virus and malware community for more help. BN might be downloaded and installed by other malware. File infection. BN infects. EXE and. SCR files, hence actions such as copying or viewing files with Explorer , including on shares with write access will result in files being infected, and the virus spreading from PC to PC.

The virus injects its own code into a system process such as " explorer. DLL :. Thus, every time an infected process runs, so does the virus. When you open an HTML file, the browser connects to this server without you knowing. The HTML page hosted at this location attempts to exploit a number of different vulnerabilities browser-based and program-specific vulnerabilities in order to run a copy of the virus. The virus also modifies the local machine's Hosts file, redirecting the domain " zief. Allows backdoor access and control.

Should this fail, it instead attempts to connect to " proxim. It contains functionality to download and run files on your PC.