From today onwards i ll be continuously posting all my experiences here. I found the ways to remove orkut/mozilla virus on net (though i wasn't infected by this). But i had a little problem in my PC. I trust on sysinternals, believe me guys if you download process explorer from there then you can fight with any virus with applying some logic. My process explorer was showing a dirty entry of svchost.exe, here i ll tell what does this dirty entry mean. It means this svchost.exe was not generic, i.e. doesn't have a Microsoft signature. So then process explorer told me the path of this svchost.exe. I traced the path and found that this file was stored in
c:\Documents and Settings\Administrator\Local Settings\Temp\MsData\
after unhiding i found that there are some more files like microsoftpowerpoint.exe etc. which were the root cause for the problem.
so .. here you go..
- Kill the process svchost.exe(not the generic one) with the help of task manager, or the same with the help of process explorer. http://www.microsoft.com/technet/sysinternals/SystemInformation/ProcessExplorer.mspx
- Delete folder c:\Documents and Settings\Administrator\Local Settings\Temp\MsData
- Delete file c:\windows\system32\Winlogons.exe (remeber its winlogons.exe, not winlogon.exe)
- Reboot your system, and you are done.
thanks and regards,
Surya Prakash Garg
2 comments:
This is very informative and helps to general public in case they face problems regarding the computer hacking n all....so a very gud initiative by SP
Thanks DJ
Post a Comment