After this infection, your drives cannot be open with double clicks but need to open using right click then open. Here are the steps:
- once you open your drive, open Tools>Folder Option>View then tick the Show hidden files and folders option.
- then untick 'Hidden protected operating systems files'
- now you'll be able to see the 'autorun.inf' and 'autoupdate.dll.vbs' files. right click on 'autoupdate.dll.vbs' and click Properties, untick the Read-Only option.
- right click again on 'autoupdate.dll.vbs', click Edit. you can see a script will be open in notepad.
- if you scroll down you can see something like HKEY...there will be 'Free for Yahaa' and etc.
- delete or change those sentences like put your name.
- after that, save the changes and double-click on that file. now you can see the changes you made.
- after that, type 'msconfig' in Run, a window will appear click on Startup option. Find 'autoupdate.dll' and untick it.
- now delete the 'autorun.inf' and 'autoupdate.dll.vbs'
- if you cant delete the file press 'Ctrl+Alt+Del' to open Task Manager and click on Process option. End process that related to autoupdate.dll. Now u can delete.
- restart, and check if you successfully get rid of it.
3 comments:
where do i locate the vbs file? i dont know where to find it or how. please please help2
hello..my pc had been hacked by this stupid script oso..but my antivirus software (AVG) detected it and i already removed all the script files. but problem now is when i right click on My Computer -> properties,like what u said the properties is changed already. so without the autoupdate.dll.vbs script file now how can i change back the properties? and also the title on my IE window still remains T.T
well try use anti-yahaa first..
if still cant means..
send ur reply in shoutbox..
i'l give another way (quite long )
Post a Comment