usb-virus-temizleme
brrijesh

Remove virus from PC manually – regsvr and newfolder

Step 1 –

First of all, boot into safe mode. After you get to your desktop, press F3 or Ctrl + F and search for “autorun.inf” file in your computer and delete all the subsequent files. In case you are not able to delete them, select all the files and uncheck the”Read Only” option.

Now go to

start – > run –> type ”msconfig”

and press enter

Go to startup tab and uncheck “regsvr”, click ok and then click on “Exit without restart”.

Now go to

control panel –> scheduled tasks and delete “At1” task listed there.

Once done, close all windows.

Step 2 –

Your registry might be disabled,and you need to activate it back to undo all the malicious changes done by worm. In order to do that, you need to go to

start – > run –> type ”gpedit.msc”

and press enter

then navigate to

users configuration –> Administrative templates –> systems

Find “prevent access to registry editing tools”, double click it and change the option to disable.

Once done, your Regedit will be enabled. In case your task manager is disabled, you need to enable it.

Step 3 –

We have to perform some registry edits to enable our explorer and to remove all instances of worm from the registry.

Go to

start – > run –> type ”regedit”

and press enter

Click on Edit –> Find and search for regsvr.exe . Find and delete all the occurrences of regsvr.exe virus (don’t delete regsvr32.exe as its not a virus).

then navigate to entry

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

and modify the entry

Shell = “Explorer.exe regsvr.exe”

to delete the regsvr.exe from it, so that it becomes

Shell = “Explorer.exe”

Once done, close all windows and get ready to delete all virus files.

Step 4 –

The final step is to delete all the virus files in your computer. To do this, Press F3 or Ctrl + F and search for regsvr.exe (make sure to search in hidden folders ) and delete all “regsvr.exe” “svchost .exe” files (notice the gap between ‘svchost’ and ‘.exe’, keep in mind you don’t delete the legitimate file.).

Clean your recycle bin and restart your PC.

You May Also Like

http

How to change color combination in blogger by writing custom CSS

brrijesh
Jio_Phone

How to troubleshoot Jio Phone in Boot Loop – Break Lock – Hard Reset

brrijesh
mediatek-phone

How to use SP Flash Tool to flash any mediatek phone with custom ROM

brrijesh

Leave a Reply

Your email address will not be published. Required fields are marked *