How to Remove Virus shortcut Harry Potter

How to Remove Virus shortcut Harry Potter ?
Searched on facebook friend complained that her computer was attacked Shortcut virus, a type virus harry potter, there is no harm in me trying to give a little review and how to eradicate this virus.
Your computer (Windows XP with this particular) have a virus / malware folder shortcut harry potter ... lnk, microsoft, new folders steps Insha Allah I will give below can help overcome them.

According to my analysis of how the virus / malware is as follows:


* Virus / malware will put the file database.mdb, thumb.db, Autorun.inf, folder shortcut harry potter .... Lnk, folder shortcut microsoft, new folders and shortcuts on my document folder.
* Virus / malware will enable the file wscript.exe and thumb.db files residing in the folder windows system32 folder to run database.mdb files on my document.
* Shortcut folders had to be linked to files thumb.db.
* If you open this shortcut folders it will activate the file and the file wscript.exe thumb.db and will create a duplicate of an existing shortcut folder on your computer, thumb.db file and the autorun.inf file on all drives C.
* If your computer is virus / malware was then the whole drive C: you will have duplicate an existing shortcut folder on your computer, thumb.db file and the autorun.inf file. A scan will also drive, CD ROM, flash and your network as a medium of spreading the virus / malware.

There are two methods to remove the virus.

Method 1 by using an updated antivirus. Antivirus which can recognize the virus (author only has this antivirus 3), namely: 1. AVG: detected as VBS Worm. AVG will delete all the duplicate shortcut folders and files of the virus earlier.
2. Norton Antivirus 2009: detected as VBS Runauto. Norton will delete all files on drive C. thumb.db You can delete the Autorun.inf file and all copies of the shortcut folder manually.
3. Avira Antivir Premium: detect it as malware DR / Agent.JP.
4. Antivir will delete all files on drive C. thumb.db

You can delete the Autorun.inf file and all copies of the shortcut folder manually. Method 2 with the manual method. 1. Turn off System Restore.
2. Turn off the process wscript.exe virus using tools CProcess / CurrProcess (you can download via google). Run CProcess, search on name wscript.exe process tab then right click and click the kill procesess selected.
3. Open windows explorer, click tools menu options, folder options, view, click Show hidden files and folders, click / uncheck the Hide extensions for Known file types and Hide protected operating system files.Klik OK.
4. Open My Documents. Delete files database.mdb.
5. Click the Search button. Click All Files and Folders. In the All or part of the file name type: thumb.db, click on the Look in my computer. Delete all files that have been found. Repeat the steps above and delete all files that are found again.
6. Click the Search button. Click All Files and Folders. In the All or part of the file name type: Autorun.inf, click on the Look in my computer. Delete all files that have been found. Repeat the steps above and delete all files that are found again.
7. In step 6 actually a virus is gone or no longer active but there are still remaining duplicate shortcut folders created by virus / malware was.
8. If you want to eliminate them, you must be careful at all between the shortcut created by the virus with congenital shortcut on windows. Key features of the shortcut folders created by a virus that is when we appoint these folders will display a link from the shortcut that is in the direction Windows/System32. That we have to delete the shortcut.
9. How to find the folder shortcut: Click the Search button. Click All Files and Folders. In the All or part of the file name type: *. lnk, click on the Look in my computer. You should choose based on the characteristics of the shortcut folders created by the above virus.
10. You can delete the registry created by this virus using HijackThis tool. (Can download via google). Click Scan only and search system in the HKCU \ ... \ ... database.mdb, HKLM \ ... \ .... associated with windowsxp cd (I forget the name of its length, this is also for that but sometimes there are sometimes not), also HKCU \ ... \ .... disableregedit = 1. click the button fixed.
11. Now restart your computer. Actually if we do not delete the registry last (step 10) is not a problem, but at the time of restart windows will display two dialog boxes are essentially the first to find the file that we remove this database.mdb, who both asked to enter the cd windowsxp. click Ok aja uda ga problem. Then we'll likely regedit was disabled by a virus. This is also problematic if you ga ga brain often manipulated the windows registry. Method To counteract the virus comes back

This virus works if we click the new folder shortcut harry potter, microsoft. After we click the shortcut folder then he will find a file that is located in the folder wsript.exe windows system32 folder. With active wscritp.exe the virus will start spreading. So the key to active the virus is in the file wscript.exe. For that we have to turn off the road renaming wscript.exe.

The trick is:

1. Open windows explorer, click tools menu options, folder options, view, click Show hidden files and folders, click / uncheck the Hide extensions for Known file types and Hide protected operating system files.Klik OK.

2. Open the folder C: \ Windows \ system32 \ dllcache. Folder is a collection of backup files from the files in the System32 folder. Find the file wsript.exe then right click to rename eg wscriptx.exe. Then open the C: \ Windows \ system32, find the file then right click rename wsript.exe such a wscriptx.exe too.
Thus my explanation of the shortcut virus, may be useful

Related Post



43 komentar:

Link Tea said...

Ok sobat linknya dah saya pasang juga ya

jurug said...

great tutorials, but this tutorials same with me :D...

den Budi ! said...

@jurug :great blog with a tutorial as above, thank you for your visit
@ Linktea : thank you for your visit

yogi said...

I'm coming.
great blog,,
thx for visit my blog

galih maulana ardi said...

wahaha, icon webnya pake :bingung

den Budi ! said...

heheh..maksudnya klo ada sobat2 yg bingung bisa mencari solusinya di blog ini gitu...

Anonymous said...

Great web site. Plenty of helpful information here. I
am sending it to a few friends ans also sharing in delicious.
And certainly, thanks for your sweat!

my web blog: Ohio Movers

Anonymous said...

Hi, Neat post. There is a problem with your website in internet
explorer, could check this? IE nonetheless is the marketplace leader
and a large element of folks will miss your fantastic
writing because of this problem.

Here is my blog post golfsmith canada promotion code

Anonymous said...

Wow, wonderful blog structure! How lengthy have you been blogging for?
you made running a blog glance easy. The total look of your web site is wonderful, let alone the content!


My web site: golf clubs reviews irons

Anonymous said...

Yes! It operates additionally with a Lexmark E210 with this operation .
.. Thank you significantly! I'm extremely pleased to continuously use my printer!

Also visit my site ... xerox phaser 8560 driver

Anonymous said...

I've recently started a blog, the data you offer on this website has solved the problem tremendously. Appreciation for your complete time & work.

My web blog ... ,cheap earring Studs for women

Anonymous said...

It is appropriate time to make some plans for the future and it's time to be happy. I have read this post and if I could I desire to suggest you few interesting things or tips. Perhaps you can write next articles referring to this article. I desire to read even more things about it!

Look into my web site ... Avis binoa

Anonymous said...

I do accept as true with all of the concepts you've introduced for your post. They are very convincing and will certainly work. Nonetheless, the posts are too quick for beginners. May you please prolong them a bit from subsequent time? Thanks for the post.

My blog post ... Pilgrim jewellery website

Anonymous said...

Hey There. I found your blog using msn. This is a really well written article.
I'll be sure to bookmark it and return to read more of your useful info. Thanks for the post. I will certainly return.

My weblog: xerox 8560 driver

Anonymous said...

I loved as much as you'll receive carried out right here. The sketch is attractive, your authored material stylish. nonetheless, you command get got an impatience over that you wish be delivering the following. unwell unquestionably come further formerly again as exactly the same nearly a lot often inside case you shield this increase.

Take a look at my web blog :: xerox 8560 maintenance kit

Anonymous said...

I'm really enjoying the theme/design of your site. Do you ever run into any internet browser compatibility issues? A few of my blog visitors have complained about my site not working correctly in Explorer but looks great in Chrome. Do you have any suggestions to help fix this issue?

Stop by my site: public golf courses in kissimmee

Anonymous said...

Really wonderful, should try it today.

Feel free to surf to my web page :: xerox phaser 8560 toner

Anonymous said...

I've liked the page plus totally deeply in love with Polish With the Rough (with Diamond) ring. It can be soooooo pretty.

Here is my web page: web site

Anonymous said...

Hello arе using Wordpresѕ for your sіte platfoгm?
I'm new to the blog world but I'm trying to get startеd аnd set up my оwn.
Do you need anу coding knoωledge to make your own blog?
Any hеlp woulԁ be really apprесiаted!


Fеel free tο vіsit my web site: get on facebook

Anonymous said...

When someone writes an post he/she maintains the plan of
a user in his/her mind that how a user can understand it.

Therefore that's why this paragraph is perfect. Thanks!

Also visit my weblog :: xerox 8560 phaser

Anonymous said...

You should buy the ring at our store in Newtown

My page ... usjr.classrecord.com

Anonymous said...

Thank you so much for drivers. really useful site!

Here is my page; http://shelljewelry.org

Anonymous said...

Why visitors still use to read news papers when in this technological world everything is accessible
on net?

Stop by my weblog Private cloud

Anonymous said...

I'm extremely impressed with your writing skills and also with the layout on your weblog. Is this a paid theme or did you modify it yourself? Either way keep up the excellent quality writing, it is rare to see a great blog like this one nowadays.

Feel free to visit my homepage - miznaem.com

Anonymous said...

It's actually a cool and useful piece of information. I'm glad that
уou simply shareԁ this hеlpful info
with us. Pleasе stay us informed liκе this.
Thanks for ѕharing.

Нeгe is my web site: http://Dreamfc.net/

Anonymous said...

I am mot impressed with your guidance on making tags.

I am using the Open Workplace method. Can you recommend, I discover the
type is also near the edge of each label, when I do a test.
Can I relocate the text to the center of the tag?
Anticipate
hearing from you and I will certainly be visting you once more.


Look into my site; xerox phaser 8560dn

Anonymous said...

A fascinating discussion is worth comment. There's no doubt that that you ought to write more about this issue, it might not be a taboo subject but generally folks don't talk about such subjects.
To the next! Kind regards!!

Also visit my web site :: pilgrim jewellery uk online ()

Anonymous said...

I drop a comment whenever I especially enjoy a article
on a site or if I have something to contribute to the conversation.
It's caused by the fire communicated in the article I read. And after this article "How to Remove Virus shortcut Harry Potter". I was actually excited enough to post a thought ;-) I do have 2 questions for you if it's
allright. Could it be simply me or do some of the remarks look
like coming from brain dead visitors? :-P And, if you are posting on additional online sites, I would like to keep up with anything
new you have to post. Could you list every one of your communal sites like
your twitter feed, Facebook page or linkedin profile?


Also visit my weblog :: micro chip cat flap

Anonymous said...

sir, kindly send me the video.

my weblog: xerox phaser 8560dn

Anonymous said...

Hi, I would like to subscribe for this weblog to get most recent
updates, therefore where can i do it please help out.


Here is my site pilgrim jewellery denmark

Anonymous said...

Such a Brillant Article!
Gorgeous Jewellery, so versatile & your thinking to mix and match just
magnificent. Might find me spakling in which I am going.

...

Visit my blog; ,cheap earring shop

Anonymous said...

I know this if off topic but I'm looking into starting my own weblog and was wondering what all is needed to get setup? I'm assuming having a blog like yours would
cost a pretty penny? I'm not very web smart so I'm not 100% certain.
Any suggestions or advice would be greatly appreciated. Thank you

Also visit my webpage ... xerox 8560 solid ink

Anonymous said...

Actually Interesting. Many thanks for the Facts. I love your site.


Also visit my homepage ... xerox phaser 8560mfp
()

Anonymous said...

What's up to every body, it's my first visit of this web
site; this weblog consists of amazing and truly excellent data for
readers.

Here is my web page :: LG 42LS5600 Review

Anonymous said...

When I initially left a comment I seem to have clicked the -Notify me when new comments are added- checkbox and now each
time a comment is added I recieve 4 emails with the same comment.
There has to be an easy method you are able to remove
me from that service? Appreciate it!

Visit my webpage how to get rid of acne

Anonymous said...

Hello my family member! I wish to say that this article is awesome,
great written and come with almost all vital infos.
I would like to peer extra posts like this .


My web blog; pilgrim jewellery debenhams

Anonymous said...

Consider all-time low of among the notice emails and you can pull out any time.


Here is my homepage: xerox phaser 8560 (blogspot.fr)

Anonymous said...

Wow, this piece of writing is pleasant, my sister
is analyzing these things, therefore I am going to inform her.


My blog post ... xerox 8560 service manual

Raju Shaikh said...

Bijoy bayanno bangla tutorial-Software with Bangla to english writing

https://www.youtube.com/watch?v=TW4mB7ts-4Q

Facebook like page: https://www.facebook.com/videogurubd

thank you. Admin

Mot in Basildon said...

At PTS Mot in Basildon, Essex UK, we understand the importance of having a reliable car for your daily life. You have places to go and you need to have a vehicle that can get you there. That’s what we are here for! Click here for more details.

My Gadgets 360 said...

this post very help full . this video can be help full https://www.youtube.com/watch?v=qg3lFtZKr0k

John Smith said...

Thanks for this awesome information And Guys here is the app by using this you can download paid app from google play store in free download by using this link Download Now

harry son said...

Some truly wonderful work on behalf of the owner of this internet site , perfectly great articles .
Titanium Pendants UK

Post a Comment

Please leave a comment here
Comment spam and other promotions will be deleted