Here's how to remove it:
Step 1: run the task manager or simply press CTRL+ALT+DEL..
Step 2: End the following process:
password_viewer.exe or bar311.exe or photos.zip.exe
Step 3: The Virus have an entry in the registry, we should modify the entry in order to delete the virus. We will use regedit, Click on START then RUN then type regedit...
Step 4: Now that regedit is popout, we will start to modify. Go to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
WindowsNT\CurrentVersion\Winlogon
Step 5: In the userinit entry right click and modify
you will notice the value, userinit.exe,bar311.exe
remove the ,bar311.exe. "DO NOT DELETE userinit.exe"
Step 6: Go to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Explorer\Advanced
delete the ff. entries
"Hidden"=dword:00000001
"HideFileExt"=dword:00000000
"ShowSuperHidden"=dword:00000001
Step 7: Go to:
HKEY_CURRENT_USER\Software\Microsoft\Command Processor
in the autorun entry,
delete "c:\Windows\pc-off.bat" or delete the autorun key
Step 8: Now we will remove the autorun.inf, heres how...
Open a notepad then paste this codes
@echo off
c:
attrib autorun.inf -h -r -s
del autorun.inf -h -r -s
d:
attrib autorun.inf -h -r -s
del autorun.inf -h -r -s
del /a /f c:\Windows\bar311.exe
del /a /f c:\Windows\password_viewer.exe
del /a /f c:\Windows\photos.zip.exe del /a /f c:\Windows\pc-off.bat
Save the file as removeWinzip.bat then run, this will remove the virus
Hope this will help.. Have Fun, deleting virus...
THANKS TO SEPIROTH OF HUBPAGES.COM
Sunday, August 31, 2008
Subscribe to:
Posts (Atom)
