Sunday, 1 August 2010

REMOVE NEW FOLDER,REGVR,AUTORUN.INF VIRUS

Here is The Best way to Remove the Virus Manually When your Antivirus Fails:

# Search for autorun.inf file. It is a read only file so you will have to change it to normal by right clicking the file , selecting the properties and un-check the read only option

# Open the file in notepad and delete everything and save the file.

# Now change the file status back to read only mode so that the virus could not get access again.

# Now Follow the Steps Below, and do as said,

First Step:
# Click start->run and type msconfig and click ok
# Go to startup tab look for regsvr and uncheck the option click OK.
# Click on Exit without Restart, cause there are still few things we need to do before we can restart the PC.
# Now go to control panel -> scheduled tasks, and delete the At1 task listed their.

Second Step:

    * Click on start -> run and type gpedit.msc and click Ok.
    * If you are Windows XP Home Edition user you might not have gpedit.msc in that case download and install it from Windows XP Home Edition: gpedit.msc and then follow these steps.
    * Go to users configuration->Administrative templates->system
    * Find “prevent access to registry editing tools” and change the option to disable.
    * Once you do this you have registry access back.

Third Step:

    * Click on start->run and type regedit and click ok
    * Go to edit->find and start the search for regsvr.exe
    * Delete all the occurrence of regsvr.exe; remember to take a backup before deleting. KEEP IN MIND regsvr32.exe is not to be deleted. Delete regsvr.exe occurrences only.
    * At one ore two places you will find it after explorer.exe in theses cases only delete the regsvr.exe part and not the whole part. E.g. Shell = “Explorer.exe regsvr.exe” the just delete the regsvr.exe and leave the explorer.exe

Fourth Step:

    * Click on start->search for files and folders.
    * Their click all files and folders
    * Type “*.exe” as filename to search for
    * Click on ‘when was it modified ‘ option and select the specify date option
    * Type from date as 1/31/2008 and also type To date as 1/31/2008
    * Now hit search and wait for all the exe’s to show up.
    * Once search is over select all the exe files and shift+delete the files, caution must be taken so that you don’t delete the legitimate exe file that you have installed on 31stJanuary.
    * Also selecting lot of files together might make your computer unresponsive so delete them in small bunches.
    * Also find and delete regsvr.exe, svchost .exe( notice an extra space between the svchost and .exe)

Fifth Step:

    * Now do a cold reboot (ie press the reboot button instead) and you are done.

 Enjoy....................

Subscribe to this Blog via Email:

Click here to Subscribe to FREE email updates from "Tricks and Tips", so that you do not miss out anything that can be valuable to you and your blog!!

0 comments:

Post a Comment