Here is some Instruction which you shoud follow after a Fresh reboot or in safe mode.
1) First go to the problem drive(s) through the Explore option.
2) Click TOOLS -> FOLDER OPTIONS.
3) Click the button which says "Show hidden files and folders".
4) UNCHECK the following boxes:
Hide extensions for known file typesHide protected operrating system files
5) Find and delete the autorun.ini file and the resycled folder on the root directory of all affected drives.
6) Check whether “c:\windows\system32\dllcache” for boot.com file and delete it if there is.
7) Check Whether “c:\windows\prefetch” for boot.com file and delete if if there is.
8) Delete all files and folder from c:\windows\temp
(If some files may not delete, it's ok, they’re in use by the system and not virus files.)
9) Delete all files and folder from c:\Documents and Settings\[USER PROFILE]\Local Settings\Temp
(Again, some files may not delete, don’t worry.)
10) Now,go to Run -> Regedit.
11) Make sure you are at the very first entry of the registry hive. (your Computer should be highlighted) then click EDIT -> FIND
12) Search for “boot.com”. If it finds an entry, delete it. Keep hitting F3 until you’ve deleted all instances of boot.com in the entire registry.
13) Scroll the left comumn back up to the top and hilight the My Computer again at the top of the registry hive.
14) Click Edit -> Find again and search for ‘resycled’ and repeat as in step 13, deleting the entries as it finds them. (I found 2 of each)
15) Close registry editor and try opening the infected drives. They should work now.
Ok have a nice day.............
Saturday, March 7, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment