This is a very frustrated virus, its a antivirus looking that block almost everything on ya pc, you can't even open task manager to end the proses, now this is how u get tha virus: u get a backdoor kind of malware than it uses some sites to pop some kind of online scanning telling you that you are infected and than it pops a download file, please ignore it just close the window and get a system scan(pc tools, registry booster) if it's too late, follow these steps to delete it...
1st u need to boot in safe mode with no internet connection next right click on the desktop icon go to properties and click find target or find folder location, than you just delete all that, after that get a full system scan to repair the damaged files...(best way is to back up files, format and reinstall a clean windows after these steps) the files are numbers some times like these:3417217364 or 587474, but there is lot more..
Enjoy!
Friday, July 30, 2010
Saturday, July 10, 2010
XP: how to instal the recovery console on ya drive
start ya pc and insert the WXP cd
go to start click on run
type in c:\i386\winn32.exe /cmdcons
follow the instructions
each time you start ya pc it will ask if you want to use the recovery console or go to windows
go to start click on run
type in c:\i386\winn32.exe /cmdcons
follow the instructions
each time you start ya pc it will ask if you want to use the recovery console or go to windows
autorun.inf virus(hidden file)
This is a common virus in ya drives it copy itself in all ya drives, usb, cellphones, cameras so if you have this on ya pc, means everything that was plugged in ya pc is infected, follow these steps to remove...
go to start click run type cmd than enter
type cd\ than enter
to view the virus type in dir /ah you see autorun.inf and a number on its left
type attrib -h -r -s autorun.inf than enter
type del autorun.inf than enter
type md autorun.inf than enter
thats it, remember never remove the folder that was created
note that you need to boot in safe mode than follow the steps above to remove from usb flashs(to go to a flash simply type cd\ enter than e: enter or f: etc
in some cases you can kill the explorer.exe from task manager but i recomend to booth in safe mode, try also killing ctfmon.exe before removal if it fails
go to start click run type cmd than enter
type cd\ than enter
to view the virus type in dir /ah you see autorun.inf and a number on its left
type attrib -h -r -s autorun.inf than enter
type del autorun.inf than enter
type md autorun.inf than enter
thats it, remember never remove the folder that was created
note that you need to boot in safe mode than follow the steps above to remove from usb flashs(to go to a flash simply type cd\ enter than e: enter or f: etc
in some cases you can kill the explorer.exe from task manager but i recomend to booth in safe mode, try also killing ctfmon.exe before removal if it fails
svchost.exe (usb or other drives)
If you see a file in ya usb flash that's called svchost it's 100% a virus even if you delete it it will come back,so u would need to follow these manual steps to remove and prevent it to copy itself in ya usb drives:
go to start click run than cmd to open the command prompt do this with ya usb plugged
before u follow the nexy steos do this, open a note pad or write in ya browser: md svchost.exe and copy it....
type in command promt cd\ than enter
type f: than enter ( you can do so with e g etc)
type attrib svchost.exe -s -h -r -a than enter
type del svchost.exe note that you need to be very quik on the next step or the virus copy itself back
right click and paste md svchost.exe right after you delete it so it can't copy it's self back in ya drive, repeat this with ya other drives to remove the virus
Note to see the svchost.exe u need to enable view hidden files or go to command prompt type in the drive you want to check and type in dir /ah to view hidden files.
go to start click run than cmd to open the command prompt do this with ya usb plugged
before u follow the nexy steos do this, open a note pad or write in ya browser: md svchost.exe and copy it....
type in command promt cd\ than enter
type f: than enter ( you can do so with e g etc)
type attrib svchost.exe -s -h -r -a than enter
type del svchost.exe note that you need to be very quik on the next step or the virus copy itself back
right click and paste md svchost.exe right after you delete it so it can't copy it's self back in ya drive, repeat this with ya other drives to remove the virus
Note to see the svchost.exe u need to enable view hidden files or go to command prompt type in the drive you want to check and type in dir /ah to view hidden files.
Subscribe to:
Posts (Atom)