well i have a virus that alters win.ini and other files so it loads itself when i boot, even in safe mode, there are two of them that came together at the same time they are:
a)win32.opaserv.worm (with different letters between opaserv and worm)
b)win32.protoride.worm (also with different letters between protoride and worm)

i have ATTEMPTED using over 5 different removal tools and yes i did DISABLE system restore while i used the removal tools. i have tried different methods of restoring string values in regedit but when i went to replace the suposedly INFECTED values they were exactly what they were supposed to be.
i need help badly i am open to any suggestions or methods or anything because its really messin my puter up, randomly freezes and cant go to any website with an unsecure connection, msn freezes, asks me to download my HOMEPAGE when i go onto internet, and when i shut down it says if you continue you will DISCONNECT "some weir name" do you wish to continue?
i am in desperate need of help plzzzzzzzz find a way to end it all.Hi,
When I hunt these things down, I do the following:
(1) Ctrl-Alt-Del (task manager)= see if anything there is or has some relationship to what I'm looking for. In your case it will be "opaserv" and "protoride".
(2) Then I go to msconfig (startup) and look for the same there and un-check it.
(3) Next I scope out the add/remove programs and look for anything similiar there.
(4) Finally, I go to both Hkey_Local_Machine and Hkey_Current_User and do the following steps: Software,Microsoft,Windows,CurrentVersion, Run, Run Once and look for the same there.

I do all the above before I try any removal tools. At times I have peeked in Windows Explorer. If you find yourself in doubt for example what the things listed in Ctrl-Alt-Del are, go to www.answersthatwork.com and click on tasks list. If you need more info on programs go to: www.windowsstartup.com....Keep us postedHi,
Disregard my previous email for now...Go to the following site; www.trendmicro.com/vinfo and you will see where it says virus search, type in "opaserv" and after that type in "protoride" and you will get all the info you need on them. When you type those in, as a reminder do so without the quotes...Good luckInteresting, I'm gonna try this next time I get a problem.
Thanks for the info.