| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 75988 | 2007-01-17 01:44:00 | HELP - the VBS/Butsur virus | Aporosa (5671) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 516703 | 2007-01-18 02:12:00 | Delete all the autorun.inf files that came up, when u did a search for autorun.inf. | Speedy Gonzales (78) | ||
| 516704 | 2007-01-18 02:18:00 | Speedy, ARE YOU SURE THIS IS SAFE and is not going to wipe r prevent me accessing the ext HDD or files I have saved to the ext HDD. What do you think? Can I phone you? |
Aporosa (5671) | ||
| 516705 | 2007-01-18 02:26:00 | As I said hdd's dont use autorun.inf files. Only cd's etc do. And maybe flash drives if u put one on it. And no u cant phone me. Just delete them and reboot. Then do another search for autorun.inf again. See if they come up again. If they don't then it's ok. I would say since its saying this file is missing, there's nothing to worry about anyway. Coz the file isnt there. Its just coz the entry is in these autorun.inf files you're seeing. Unless you're going to go thru all of those files and look for that vbs entry and delete it then save it again. The entries pointing to the external hdd, whats the path for them?? That'll tell us what else we need to delete |
Speedy Gonzales (78) | ||
| 516706 | 2007-01-18 02:53:00 | Speedy, First, sorry about the "can I phone", thats panic speaking. I did what you asked, deleted all the "autorun.inf" files and reboted, but still the same window = "canot find..." Re: "The entries pointing to the external hdd, whats the path for them??", sorry, I don't understand. The Ext HDD is my F drive if that is what you are asking. A |
Aporosa (5671) | ||
| 516707 | 2007-01-18 03:09:00 | Do a search on the external hdd then / f for autorun.inf. If any files are found, delete them too. Does the can not find message come up from the external hdd or C?? The main hdd? Does it give a letter in the message when u reboot?? Do any files still come up when u search for autorun.inf on C?? |
Speedy Gonzales (78) | ||
| 516708 | 2007-01-18 03:34:00 | Speedy, I did a new search of the Ext HDD looking for autorun . inf . There is NONE . The message, “Can not find script file F:\MS32DLL . dll . vbs only appears when I double click the Ext HDD icon in My Computer and try to access the Ext HDD or, when I plug in my flash drive and click the icon to try and access it flash dve . My C drive, the main HDD on the actual computer opens fine . The computer boots like normal and it does not warn or give any letters that I can see . If there was a problem, where would I look? There is only 4 references for autorun . inf when I search the C drive = 1 for PowerDVD 1 for the NTI CD maker 1 for the HP all in 1 printer and 1 for HP Memories disc What do you think? |
Aporosa (5671) | ||
| 516709 | 2007-01-18 03:51:00 | OK. Well I would disable system restore. Then go here (http://housecall.trendmicro.com/) And let it scan both hdd's and that USB flash drive. |
Speedy Gonzales (78) | ||
| 516710 | 2007-01-18 03:57:00 | Can do. I know where to find the System Restore prgramme, but how do you disable it. Once I know, I'll do it. How do I let it know to scann the HDD and flash Dve, or will it do it automatically if they are plugged in and turned on? | Aporosa (5671) | ||
| 516711 | 2007-01-18 04:03:00 | Right mouse on my computer on the desktop. System restore tab tick the option. Are u sure u did this to remove everything from the system/registry? 1. Click Start > Run. 2. Type regedit 3. Click OK. 4. Navigate to the subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run 5. In the right pane, delete the value: "MS32DLL" = "%Windir%\MS32DLL.dll.vbs" <- u did delete this if it was there didn't you? 6. Navigate to the subkey: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main 7. In the right pane, delete the value: "Window Title" = "Hacked by[REMOVED]" 8. Exit the Registry Editor. |
Speedy Gonzales (78) | ||
| 516712 | 2007-01-18 04:47:00 | Speedy, first, yes, I am sure I did the system/registry thing and I even went back and checked . It is NOT in there . Regarding the online scanning that you suggested, I have over 150GB worth of data on my laptop and the ext HDD, but I only have a DIAL-UP connection, so is this possible to do such a scann? As it is, it takes me over an hour to download a 5MB file . . . . . Also, because I deleted all of the autorun . inf files off the Ext HDD, are you sure the problem is on the Ext HDD, cause if not, I can reinstall the C drive using my Ghost image? This is getting a bit serious . . . . . . . . . do you think a solution is near? My Masters thesis is now due in 3 days . . . . . . . . Cheers, THE PANIC MAN!! |
Aporosa (5671) | ||
| 1 2 3 4 5 | |||||