Categorii

Remove W32.Rontokbro.B@mm

A few steps to Remove W32.Rontokbro.B@mm

1. Disable System Restore (Windows Me/XP).

2. Restarted your computer in Safe mode

3. In safe mode run xp_secconsole.exe and in Windows explorer > uncheck
Disable Folder Options then in System Security > uncheck Disable
Regedit after that exit that application.

xp_secconsole.exe can be download from
http://www.dougknox.com/xp/utils/xp_secconsole.zip

4. Delete the following files:

%UserProfile%\Local Settings\Application Data\csrss.exe
%UserProfile%\Local Settings\Application Data\inetinfo.exe
%UserProfile%\Local Settings\Application Data\lsass.exe
%UserProfile%\Local Settings\Application Data\services.exe
%UserProfile%\Local Settings\Application Data\smss.exe
%UserProfile%\Local Settings\Application Data\winlogon.exe
%UserProfile%\Start Menu\Programs\Startup\Empty.pif
%UserProfile%\Templates\A.kotnorB.com
%Windir%\inf\norBtok.exe
%System%\3D Animation.scr

Note:
%System% is a variable that refers to the System folder. By default
this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32
(Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Windir% is a variable that refers to the Windows installation folder.
By default, this is C:\Windows (Windows 95/98/Me/XP) or C:\Winnt
(Windows NT/2000).
%UserProfile% is a variable that refers to the current user’s profile
folder. By default, this is C:\Documents and Settings\[CURRENT USER]
(Windows NT/2000/XP).

Delete the directory:

%UserProfile%\Local Settings\Application Data\Bron.tok-3-3

5. delete the scheduled tasks added by the worm

Click Start, and then click Control Panel. (In Windows XP, switch to
Classic View.)
In the Control Panel window, double click Scheduled Tasks.
Right click the task icon and select Properties from pop-up menu.
The properties of the task is displayed.
Delete the task if the contents of the Run text box in the task pane,
matches the following:

%UserProfile%\Templates\A.kotnorB.com

Note that if you use removable storage media, it’s sure that device
will be with that virus. So what you can do is here. Folder Options >
click View All file and folder and Click System file and folder. And
view your device there will be some virus files in your device. Just
give them SHIFT + DELETE. There you go, happy, your system is clean
now. Thanks for reading this.


Sursa
2009-01-31 16:31:26



Comenteaza





Ultimele 25 posturi adăugate

06:05:00POEME —» Leo Butnaru
13:33:00Arcadie Zaporojanu face azi 60 de ani! —» Sandu GRECU
13:08:00Life happens. —» Ghiocika
11:30:09Muzicologul Efim Tcaci —» Biblioteca de Arte 'Tudor Arghezi'
10:49:00A fi istoric! —» Biblioteca de Arte 'Tudor Arghezi'
10:28:04Dieta digitală —» Jurnal A.
06:38:00DESPRE LUCRURI VESELE —» Leo Butnaru
20:46:00Energie economisită, facturi reduse: măsuri de eficiență energetică adoptate de locuitorii Chișinăului pe timp de iarnă ☃️❄️ —» Sandu GRECU
16:30:00Impactul facturilor la energie asupra chișinăuienilor: Metode de economisire și rolul educației tinerilor —» Sandu GRECU
14:12:00Sport, comunitate, performanță. Kaufland devine Partener Principal Echipa Țării și Partener Oficial FMF ⚽️ —» Sandu GRECU
12:38:00Cât costă turismul olimpic. Ministrul care va face pușcărie. Incendiar. Gheorghiu 🔥🔥🔥 —» Sandu GRECU
04:40:00RACURSIU —» Leo Butnaru
14:47:32Canto academic la Chișinău —» CHIŞINĂU MUZICAL | Blogul Bibliotecii de Arte "Tudor Arghezi"
11:18:00FLORILEGIU DIN FLORILE DALBE —» Leo Butnaru
07:41:00Circomvoluțuni —» Andrei LANGA. Blogul personal
07:41:00Circomvoluțuni —» Andrei LANGA. Blogul personal
07:33:55Invazia rusească în Ucraina trece în anul V —» Curaj.TV | Media alternativă
18:41:38ARGHEZI: „Vecia închisă” a lui Eminescu —» Biblioteca de Arte 'Tudor Arghezi'
14:56:00Eden —» Andrei LANGA. Blogul personal
13:03:00Cum implementează Loteria Națională a Moldovei programul „Joc Responsabil” ☝️ —» Sandu GRECU
16:04:08UPD: Chișinăul și Kievul încearcă să detensioneze conflictul comercial —» Fine Wine
14:25:38Despre rezonanța muzicală a versului —» CHIŞINĂU MUZICAL | Blogul Bibliotecii de Arte "Tudor Arghezi"
14:25:38Despre rezonanța muzicală a versului —» CHIŞINĂU MUZICAL | Blogul Bibliotecii de Arte "Tudor Arghezi"
11:34:12Crama Mircești lansează vinurile din roada 2025 —» Fine Wine
09:28:00DIN STRICTUL NECESAR —» Leo Butnaru