Hi, I was wondering if you could help answer my question. I clicked on a link, downloaded this accidentally, and got a message right away from Norton saying: Norton Antivirus has detected a virus on your computer. Object Name C:\Do...\extremecheaterv345[1].exe Virus Name Backdoor.Prorat Action Taken Unable to repair this file. I click ok and then this message pops up. Norton Antivirus has detected a virus on your computer. Object Name C:\Do...\extremecheaterv345[1].exe Virus Name Backdoor.Prorat Action Taken Access to the file was denied I never opened this .exe and deleted the file but do not understand what the action taken means. Does it mean: A. Access of the file to my computer was denied so I don't have a virus, or B. Norton was denied access to the file and now I am infected. Please reply asap. Thank you, Scott King

Go here and print out the instructions, then do as Norton advise... http://securityresponse.symantec.com/avcenter/venc/data/backdoor.prorat.html Learn How To GOOGLE! Here

I've been there already but dont want to do that unless I am for sure that there is a virus still on my computer. I ran a scan on the whole computer and it shows nothing. I also deleted the file before opening it. Don't you actually have to open the .exe to infect your pc?

That message from Norton means that it detected the virus and deleted it before it could infect your system. Under "Histories" check "Virus History" to see what action it too. If it was quarantined and not deleted you can delete it manually: click on "View" and then "Quarantine". Select any entries there, right click, and select "Delete Permanently". Sounds like Norton was set to delete so it's probably already gone.

Probably is a bad word when it comes to viruses..."Action Taken Access to the file was denied" means norton attempted to clean the file delete the file and quarantine but it failed because it couldnt get access due to the file being used by a process. The following could be infected: %System%\Main.exe %System%\Loader.exe %System%\Msmsg.exe %System%\Winserv.dll %System%\Fservice.exe %System%\Sservice.exe %Windir%\Winlogon.exe ________________________________________ These are the registry entries you need to search using regedit(Run on start menu) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ Policies\Explorer\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5Y99AE78-58TT-11dW-BE53-Y67078979Y} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ____________________________________________ Delete these values if found in the previous registry entries ( you must search each one for the following) "MSNMESENGER"="%System%\Main.exe" "DirectX for Microsoft Windows"="%System%\Fservice.exe" "DirectX for Microsoft Windows"="%System%\Sservice.exe" "StubPath"="C:\Windows\system\Sservice.exe" ____________________________________________ Last step...very easy just go to this entry and modify its value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon The value MUST look like this "Shell"="explorer.exe" NOT this "Shell"="explorer.exe %System%\Fservice.exe" Then try a scan using your antivirus s--- happens....so fix it

That last response is a total of about 10-15 minutes of work at the most s--- happens....so fix it