How to Remove Backdoor.Rohimafo?
# This article How to Remove Backdoor.Rohimafo Virus is an article in Spyware Removal Instructions, the original author is Security-Wire.com .You can read more information in the following:
Backdoor.Rohimafo information:
Backdoor.Rohimafo is a Trojan Horse that opens a backdoor for vairous malware. Backdoor.Rohimafo runs silently in the background and doesn’t pop up security alerts. It can disable many antivirus and antispyware programs so as not to be detected. Once infected, users’ computer will get infected by more and more Trojans and spyware. What’s worse is that it collects users’ private information, such as credit card passwords.
Manual Removal
Note: If you are not proficient with computer, it’s suggested that you backup your registry before manually removing Backdoor.Rohimafo. And double check the entries that you are going to delete, or your computer can’t work for missing some files.
Step 1. Temporarily Disable System Restore.
Step 2. Reboot computer in SafeMode.
Step 3. Delete the following registry entries.
Navigate to and delete the following registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\cCurrent Version\Run\”FileSystem” = “%SystemDrive%\system32\[RANDOM CHARACTERS].exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\”option_1″ = “[DWORD VALUE]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\”option_2″ = “[DWORD VALUE]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\”option_3″ = “[DWORD VALUE]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\”option_4″ = “[DWORD VALUE]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\”option_5″ = “[DWORD VALUE]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\”option_6″ = “[DWORD VALUE]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\”option_7″ = “[DWORD VALUE]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\”option_8″ = “[DWORD VALUE]”
Restore the following registry entries to their previous values, if required:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Winlogon\”userinit”= “%Windir%\system32\userinit.exe,%SystemDrive%\system32\[RANDOM CHARACTERS].exe,”
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Shared Access\Parameters\FirewallPolicy\StandardProfile\GloballyOpen Ports\List\”15425:TCP” = “15425:TCP:*:Enabled:15425″
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip \Parameters\Persistent Routes\”[NETWORK ADDRESS],255.255.255.0,[GATEWAY],1″ = “”
Step 4: Reboot your computer.
Automatic Backdoor.Rohimafo removal:
1. Restart your computer and keep pressing F8 Key before Windows launches. Use the arrow keys to select the “Safe Mode with Networking” option, and then hit ENTER Key to continue.
2. Download Backdoor.Rohimafo Virus Remover, install it and update its database to the latest. After that, restart your computer so as to make Backdoor.Rohimafo Virus Remover fully functional. Repeat Step 1 into Safe Mode and run an Online Scan of your computer so that Backdoor.Rohimafo Virus Remover can detect all potential malware in your system.
NOTE: If you have problem installing Backdoor.Rohimafo Virus Remover, you can download this correction script, unzip it and then double click to run it. It will correct your registry settings that the virus has modified. Then double click the program and finish the installation.
3. After the Online Scan finishes, click “Details” for the malware detected to make sure that your important data are not infected and removed. Ignore or select the scan result and click “Remove” to remove the threats. Reboot your computer and let Backdoor.Rohimafo Virus Remover delete all detected virus.
4. Click to repair your corrupted registry
Why should you need to repair the registry?
As we all know, virus and Trojans modify and destroy system registry and make the computer malfunction so that the computer will not perform normally. Even if the virus and Trojans are removed, the registry is still destroyed or modified, so the computer still has problems. That’s the very reason why you need to repair the registry. At the meanwhile, some virus and Trojans leave some DLL files in the registry and this will cause strange DLL errors and affect the computer performance.
To make your computer run as perfectly as before or much faster than before:
1. Download and install Multi-Awarded Registry Tool.
2. Run a full scan of your registry.
3. Click “Repair Problems” and repair all errors detected.
After these 3 easy steps, your computer will run much faster than before within minutes!
No related posts.
Tweets that mention Step by Step Remove Backdoor.Rohimafo Guide | Spyware Removal Guides -- Topsy.com on April 28th, 2010
[…] This post was mentioned on Twitter by Tom Lee. Tom Lee said: Remove Backdoor.Rohimafo http://security-wire.com/04/how-to-remove-backdoor-rohimafo.html […]