In Windows Xp, While opening "My Computer" taking too much time for the item list, accessing "My Computer" from any dialog or shortcut took a lot of time displaying the standard Windows searching flashlight.
To Fix this, just stop a service with this simple procedure.
Click Start and launch Run Command
Type Services.msc and press enter
Find Windows Image Acquisition (WIA) service, Right-click it and select Stop.
You should also change WIA service startup mode to Manual.
Keep in mind when this service is disabled no scanner or camera related functionality will be available.
Your Delayed Opening of My Computer problem in windows xp should be solved now.
Showing posts with label Windows Xp. Show all posts
Showing posts with label Windows Xp. Show all posts
Windows Xp Tips - Place scraps of information on your desktop
If you frequently add the same information to your files, you can place the information on your desktop by creating a file called a scrap. Document scraps saves you from having to constantly retype information.
For example, you can create a scrap containing your name, address and telephone number, which you can then drag into a document when needed. You can also create a scrap for images, such as your company’s logo or whatever.
When creating a scrap, make sure the window that contains the information does not fill the entire screen. Part of the desktop should be visible so you can drag the information to the desktop.
Scraps are available only for programs that allow you to drag and drop information to other programs. For example, you cannot create scraps using a Notepad document. You can work with a scrap the same way you would work with any file.
Making Scarp with Windows Wordpad
Create a file with wordpad that contains the information you want to place on your desktop
Select/Highlight the information/text in the file
Take the mouse pointer over the selected information/text
Drag the information/text to a blank area on your desktop
Windows creates a file called a scrap
The scrap stores a copy of the information you selected
The information remains in the original file
To place the information from a scrap into a file, drag the scrap to the location in the file where you want to place the information. You can place the information from a scrap in as many files as you want. Make More Scraps for easy documentation!
For example, you can create a scrap containing your name, address and telephone number, which you can then drag into a document when needed. You can also create a scrap for images, such as your company’s logo or whatever.
When creating a scrap, make sure the window that contains the information does not fill the entire screen. Part of the desktop should be visible so you can drag the information to the desktop.
Scraps are available only for programs that allow you to drag and drop information to other programs. For example, you cannot create scraps using a Notepad document. You can work with a scrap the same way you would work with any file.
Making Scarp with Windows Wordpad
Create a file with wordpad that contains the information you want to place on your desktop
Select/Highlight the information/text in the file
Take the mouse pointer over the selected information/text
Drag the information/text to a blank area on your desktop
Windows creates a file called a scrap
The scrap stores a copy of the information you selected
The information remains in the original file
To place the information from a scrap into a file, drag the scrap to the location in the file where you want to place the information. You can place the information from a scrap in as many files as you want. Make More Scraps for easy documentation!
Windows Tips - Limit the hard disk space available for users
You can set quota limits to restrict the amount of hard disk space available for users to store files on your computer. Limiting the amount of disk space for users is useful when you have multiple users set up on your computer and limited hard disk space.
For example, you may want to prevent your children from filling up space on the hard disk with music and video files.
You must be logged on to Windows as a computer administrator to limit hard disk space for users. In addition, your hard disk must use the NTFS file system. Most new computers use the NTFS file system.
The quota limit you set for users must be at least 2 MB. If you set a user’s quota limit below 2 MB, the user may not be able to log on to Windows. You can set a quota limit for new users that you add to your computer. You cannot set a quota limit for users that are already set up on your computer.
For example, you may want to prevent your children from filling up space on the hard disk with music and video files.
You must be logged on to Windows as a computer administrator to limit hard disk space for users. In addition, your hard disk must use the NTFS file system. Most new computers use the NTFS file system.
The quota limit you set for users must be at least 2 MB. If you set a user’s quota limit below 2 MB, the user may not be able to log on to Windows. You can set a quota limit for new users that you add to your computer. You cannot set a quota limit for users that are already set up on your computer.
- Click Windows Start Menu
- Select My Computer to view the contents of your computer
- Right-click the hard disk you want to limit the available space on
- Select Properties
- Select Quota tab
- Click Enable Quota Management by Checking Check box
Adding Warning!!
Set the warning level an adequate amount below the quota limit, so each user has sufficient notice before they run out of disk space. You should set the warning level to about 80 percent of the quota limit.
For example, if you limit the amount of disk space available to each user to 10 GB, you should set the warning level to about 8 GB, so a warning message will appear when the amount of used hard disk space for a user reaches 8 GB.
Set the warning level an adequate amount below the quota limit, so each user has sufficient notice before they run out of disk space. You should set the warning level to about 80 percent of the quota limit.
For example, if you limit the amount of disk space available to each user to 10 GB, you should set the warning level to about 8 GB, so a warning message will appear when the amount of used hard disk space for a user reaches 8 GB.
Stop Windows from notifying you of security problems
You can stop Windows from notifying you of security problems on your computer. Windows is set up to automatically notify you about potential problems that may put your computer at risk.
For example, Windows will notify you if the firewall software included with Windows to prevent unauthorized access to your computer is turned off.
Windows will also notify you if the Automatic Updates feature, which automatically installs the latest Windows updates on your computer, is turned off.
If your computer is not using an antivirus program, Windows will also notify you.
You can have Windows stop notifying you of these types of problems. If Windows detects a problem with any of the three main security settings, including Firewall, Automatic Updates or Virus Protection, Windows displays an red shield icon on the taskbar and displays a message on your screen. You can click the icon to instantly display the Windows Security Center window to find information on how to fix the problem.
For example, Windows will notify you if the firewall software included with Windows to prevent unauthorized access to your computer is turned off.
Windows will also notify you if the Automatic Updates feature, which automatically installs the latest Windows updates on your computer, is turned off.
If your computer is not using an antivirus program, Windows will also notify you.
You can have Windows stop notifying you of these types of problems. If Windows detects a problem with any of the three main security settings, including Firewall, Automatic Updates or Virus Protection, Windows displays an red shield icon on the taskbar and displays a message on your screen. You can click the icon to instantly display the Windows Security Center window to find information on how to fix the problem.
To Change Notification of Windows Security Alerts
- Start.
- Control Panel
- Security Center
- Change the way Security Center alerts me. [ Left side under Resources ]
- Unselect Items that you don't need to notify [ use Check box, on or off ]
- Click ok.
Manual Removal of W32/Zbot.JVE Trojan
Manual Removal of W32/Zbot.JVE Trojan
W32/Zbot.JVE is a trojan. The trojan will infect Windows systems.
This trojan first appeared on March 12, 2009.
Other names of W32/Zbot.JVE Trojan:
This trojan is also known as Trojan-Spy.Win32.Zbot.jve
This trojan first appeared on March 12, 2009.
Other names of W32/Zbot.JVE Trojan:
This trojan is also known as Trojan-Spy.Win32.Zbot.jve
Damage Level : Medium/High
Distribution Level: Medium
Distribution Level: Medium
No Removal Tool for W32/Zbot.JVE Trojan
W32/Zbot.JVE Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
W32/Zbot.JVE Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
End the Following Active Process Before Removal
- [ Kill the Process, Use Killbox if your Access Denied ]
Download W32/Zbot.JVE Trojan Known File Removal Tool
- %Windows\System\twex.exe
- %Windows\System\user.ds
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg [ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/Zbot.JVE Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
- Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only. - After booting into the Safe Mode or VGA Mode
- Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/Zbot.JVE Trojan modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
Delete file entry from right side
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
Delete file entry from right side
Search Registry For W32/Zbot.JVE Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.
Edit Menu - Find, enter Keyword and remove all value that find in search.
Exit the Registry Editor,
Restart your Computer.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security (Shareware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Killbox (Freeware)
Manual Removal of W32/SillyFDC.BBA Worm
Manual Removal of W32/SillyFDC.BBA Worm
W32/SillyFDC.BBA is a Worm. The Worm will infect Windows systems.
This Worm first appeared on March 10, 2009.
Other names of W32/SillyFDC.BBA Worm:
This Worm is also known as Win32.SillyFDC.BBA
This Worm first appeared on March 10, 2009.
Other names of W32/SillyFDC.BBA Worm:
This Worm is also known as Win32.SillyFDC.BBA
Damage Level : Medium/High
Distribution Level: Medium
Distribution Level: Medium
No Removal Tool for W32/SillyFDC.BBA Worm
W32/SillyFDC.BBA Worm Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
W32/SillyFDC.BBA Worm Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
End the Following Active Process Before Removal
- [ Kill the Process, Use Killbox if your Access Denied ]
Download W32/SillyFDC.BBA Worm Known File Removal Tool
- %Windows\System\Desktop.ini
- %Windows\System\Perfume.exe
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg [ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/SillyFDC.BBA Worm Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
- Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only. - After booting into the Safe Mode or VGA Mode
- Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/SillyFDC.BBA Worm modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28ABC5C0-4FCB-11CF-AAX5-22CX3C644241}
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28ABC5C0-4FCB-11CF-AAX5-22CX3C644241}
StubPath = %SystemDrive%\SYSTEM\[SID]\Perfume.exeDelete Worm File(s) entry from right side
Search Registry For W32/SillyFDC.BBA Worm File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.
Edit Menu - Find, enter Keyword and remove all value that find in search.
Exit the Registry Editor,
Restart your Computer.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security (Shareware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Killbox (Freeware)
Manual Removal of W32/Wincod Trojan
Manual Removal of W32/Wincod Trojan
W32/Wincod is a trojan. The trojan will infect Windows systems.
This trojan first appeared on March 9, 2009.
Other names of W32/Wincod Trojan:
This trojan is also known as Trojan.Wincod
This trojan first appeared on March 9, 2009.
Other names of W32/Wincod Trojan:
This trojan is also known as Trojan.Wincod
Damage Level : Medium/High
Distribution Level: Medium
Distribution Level: Medium
No Removal Tool for W32/Wincod Trojan
W32/Wincod Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
W32/Wincod Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
End the Following Active Process Before Removal
- [ Kill the Process, Use Killbox if your Access Denied ]
Download W32/Wincod Trojan Known File Removal Tool
- %Program Files\MediaSystem
- %Program Files\MediaSystem\1.gif
- %Program Files\MediaSystem\wall.html
- %Program Files\MediaSystem\wmptray.exe
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg [ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/Wincod Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
- Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only. - After booting into the Safe Mode or VGA Mode
- Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/Wincod Trojan modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete wmptray.exe entry from right side
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete wmptray.exe entry from right side
Search Registry For W32/Wincod Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.
Edit Menu - Find, enter Keyword and remove all value that find in search.
Exit the Registry Editor,
Restart your Computer.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security (Shareware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Killbox (Freeware)
Manual Removal of W32/Ilomo.B Trojan
Manual Removal of W32/Ilomo.B Trojan
W32/Ilomo.B is a trojan. The trojan will infect Windows systems.
This trojan first appeared on March 6, 2009.
Other names of W32/Ilomo.B Trojan:
This trojan is also known as TROJ_ILOMO.B
This trojan first appeared on March 6, 2009.
Other names of W32/Ilomo.B Trojan:
This trojan is also known as TROJ_ILOMO.B
Damage Level : Medium/High
Distribution Level: Medium
Distribution Level: Medium
No Removal Tool for W32/Ilomo.B Trojan
W32/Ilomo.B Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
W32/Ilomo.B Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
End the Following Active Process Before Removal
- [ Kill the Process, Use Killbox if your Access Denied ]
Download W32/Ilomo.B Trojan Known File Removal Tool
- %Documents and Settings\Default User\Application Data\dumpreport.exe
- %Documents and Settings\Default User\Application Data\event.exe
- %Documents and Settings\Default User\Application Data\helper.exe
- %Documents and Settings\Default User\Application Data\iexeca.exe
- %Documents and Settings\Default User\Application Data\logon.exe
- %Documents and Settings\Default User\Application Data\lsas.exe
- %Documents and Settings\Default User\Application Data\rundll.exe
- %Documents and Settings\Default User\Application Data\service.exe
- %Documents and Settings\Default User\Application Data\sound.exe
- %Documents and Settings\Default User\Application Data\svchosts.exe
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg [ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/Ilomo.B Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
- Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only. - After booting into the Safe Mode or VGA Mode
- Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/Ilomo.B Trojan modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete file entry from right side
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete file entry from right side
Search Registry For W32/Ilomo.B Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.
Edit Menu - Find, enter Keyword and remove all value that find in search.
Exit the Registry Editor,
Restart your Computer.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security (Shareware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Killbox (Freeware)
Manual Removal of W32/Popwin.CJM Trojan
Manual Removal of W32/Popwin.CJM Trojan
W32/Popwin.CJM is a trojan. The trojan will infect Windows systems.
This trojan first appeared on March 5, 2009.
Other names of W32/Popwin.CJM Trojan:
This trojan is also known as TROJ_ILOMO.B
This trojan first appeared on March 5, 2009.
Other names of W32/Popwin.CJM Trojan:
This trojan is also known as TROJ_ILOMO.B
Damage Level : Medium/High
Distribution Level: Medium
Distribution Level: Medium
No Removal Tool for W32/Popwin.CJM Trojan
W32/Popwin.CJM Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
W32/Popwin.CJM Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
End the Following Active Process Before Removal
- [ Kill the Process, Use Killbox if your Access Denied ]
- %Windows\System\6022.exe
- %Windows\System\kbd101c.dll
- %Windows\System\kbd103.dll
- %Windows\System\kbd106.dll
- %Windows\System\kbdjpn.dll
- %Windows\System\kbdkor.dll
- %Windows\System\CB68.exe
- %Windows\System\kbd101b.dll
- %Windows\System\ppo.exe
- %Windows\System\0010D.exe
- %Documents and Settings\Default User\Local Settings\Temporary Internet Files\sh11enji[1].exe
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg [ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/Popwin.CJM Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
- Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only. - After booting into the Safe Mode or VGA Mode
- Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/Popwin.CJM Trojan modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_USERS\S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXX-XXXX\Software\Microsoft\Windows\CurrentVersion\Run
Delete file entry from right side
Delete The Entries
HKEY_USERS\S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXX-XXXX\Software\Microsoft\Windows\CurrentVersion\Run
Delete file entry from right side
Search Registry For W32/Popwin.CJM Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.
Edit Menu - Find, enter Keyword and remove all value that find in search.
Exit the Registry Editor,
Restart your Computer.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security (Shareware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Killbox (Freeware)
Manual Removal of W32/Koobface.AZ Worm
Manual Removal of W32/Koobface.AZ Worm
W32/Koobface.AZ is a worm. The worm will infect Windows systems.
This worm first appeared on March 4, 2009.
Other names of W32/Koobface.AZ Worm:
This worm is also known as WORM_KOOBFACE.AZ
W32/Koobface.AZ Worm can create, delete or modify files on the disk.
Damage Level : Medium/High
Distribution Level: Medium
This worm first appeared on March 4, 2009.
Other names of W32/Koobface.AZ Worm:
This worm is also known as WORM_KOOBFACE.AZ
W32/Koobface.AZ Worm can create, delete or modify files on the disk.
Damage Level : Medium/High
Distribution Level: Medium
No Removal Tool for W32/Koobface.AZ Worm
W32/Koobface.AZ Worm Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
W32/Koobface.AZ Worm Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
End the Following Active Process Before Removal
- [ Kill the Process, Use Killbox if your Access Denied ]
Add Comment if you Want the File Remover
Download W32/Koobface.AZ Worm Known Files Removal Tool
[In Windows Vista Run As Administrator, After Execution System Will Restart] Download W32/Koobface.AZ Worm Known Files Removal Tool
- %Windows\freddy35.exe [ MAY be Hidden (+H) Attribute ]
- %Windows\f23567.dat [ MAY be Hidden (+H) Attribute ]
- Other Known Files
- %Windows\bolivar22.exe
- %Windows\bolivar24.exe
- %Windows\bolivar25.exe
- %Windows\bolivar26.exe
- %Windows\bolivar27.exe
- %Windows\bolivar28.exe
- %Windows\bolivar29.exe
- %Windows\bolivar30.exe
- %Windows\fbtre8.exe
- %Windows\ugo01.exe
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg [ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/Koobface.AZ Worm Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
- Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only. - After booting into the Safe Mode or VGA Mode
- Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/Koobface.AZ Worm modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete the freddy35.exe Entry by the Worm:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete the freddy35.exe Entry by the Worm:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Search Registry W32/Koobface.AZ Worm for keys, check if are related to the Worm, if yes you can delete them. File Names listed above can search to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.
Edit Menu - Find, enter Keyword and remove all value that find in search.
Exit the Registry Editor,
Restart your Computer.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security [Shareware]
Spyware Doctor [Shareware]
AVG Antivirus [Freeware]
Spyware Doctor [Shareware]
AVG Antivirus [Freeware]
Killbox [Freeware]
Manual Removal of W32/VirusDoctor.A Trojan
Manual Removal of W32/VirusDoctor.A Trojan
W32/VirusDoctor.A is a trojan. The trojan will infect Windows systems.
This trojan first appeared on March 3, 2009.
Other names of W32/Murlo.ABJ Trojan:
This trojan is also known as FraudTool.Win32.VirusDoctor.a, Trojan.Dropper.Fraud.VirusDoctor.A
This trojan first appeared on March 3, 2009.
Other names of W32/Murlo.ABJ Trojan:
This trojan is also known as FraudTool.Win32.VirusDoctor.a, Trojan.Dropper.Fraud.VirusDoctor.A
Damage Level : Medium/High
Distribution Level: Medium
Distribution Level: Medium
No Removal Tool for W32/VirusDoctor.A Trojan
W32/VirusDoctor.A Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
W32/VirusDoctor.A Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
End the Following Active Process Before Removal
- [ Kill the Process, Use Killbox if your Access Denied ]
Add Comment if you Want the File Remover
Download W32/VirusDoctor.A Trojan Known File Removal Tool
[In Windows Vista Run As Administrator, After Execution System Will Restart]Download W32/VirusDoctor.A Trojan Known File Removal Tool
- %Documents and Settings\All Users\Application Data\unins000.exe
- %Documents and Settings\All Users\Application Data\VDocd389.exe
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg [ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/VirusDoctor.A Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
- Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only. - After booting into the Safe Mode or VGA Mode
- Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/VirusDoctor.A Trojan modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Delete Vdoctor entry from right side
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Delete Vdoctor entry from right side
Search Registry For W32/VirusDoctor.A Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.
Edit Menu - Find, enter Keyword and remove all value that find in search.
Exit the Registry Editor,
Restart your Computer.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security (Shareware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Killbox (Freeware)
Manual Removal of W32/AutoTDSS.XP Worm
Manual Removal of W32/AutoTDSS.XP Worm
W32/AutoTDSS.XP is a worm. The worm will infect Windows systems.
This worm first appeared on February 27, 2009.
Other names of W32/AutoTDSS.XP Worm:
This trojan is also known as AutoTDSS.XP, Worm.Win32.AutoTDSS.xp, Trojan.Dropper.AutoTDSS.XP
This worm first appeared on February 27, 2009.
Other names of W32/AutoTDSS.XP Worm:
This trojan is also known as AutoTDSS.XP, Worm.Win32.AutoTDSS.xp, Trojan.Dropper.AutoTDSS.XP
Damage Level : Medium/High
Distribution Level: Medium
Distribution Level: Medium
No Removal Tool for W32/AutoTDSS.XP Worm
W32/AutoTDSS.XP Worm Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
W32/AutoTDSS.XP Worm Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
End the Following Active Process Before Removal
- [ Kill the Process, Use Killbox if your Access Denied ]
Add Comment if you Want the File Remover
Download W32/AutoTDSS.XP Worm Known Files Removal Tool
[In Windows Vista Run As Administrator, After Execution System Will Restart]Download W32/AutoTDSS.XP Worm Known Files Removal Tool
- %SystemInstalledDrive\autorun.inf [ Hidden (+H) Attribute ]
- %SystemInstalledDrive\resycled [ Hidden (+H) Attribute ]
- %SystemInstalledDrive\resycled\boot.com [ Hidden (+H) Attribute ]
- %SystemInstalledDrive\Program Files\totalvid
- %SystemInstalledDrive\Program Files\totalvid\Uninstall.exe
- %SystemInstalledDrive\Documents and Settings\jimmy\Start Menu\Programs\totalvid\Uninstall.lnk
- %SystemInstalledDrive\WINDOWS\system32\msqpdxdqwbdinl.dll [ MAY be Hidden (+H) Attribute ]
- %SystemInstalledDrive\WINDOWS\system32\drivers\msqpdxserv.sys [ MAY be Hidden (+H) Attribute ]
- %SystemInstalledDrive\WINDOWS\system32\drivers\msqpdxageextkp.sys [ MAY be Hidden (+H) Attribute ]
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg [ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/AutoTDSS.XP Worm Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
- Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only. - After booting into the Safe Mode or VGA Mode
- Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/AutoTDSS.XP Worm modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete the DNS changed by the Worm:
HKLM\System\CS1\Services\Tcpip\Parameters:
NameServer = 85.255.114.46;85.255.112.210
HKLM\System\CCS\Services\Tcpip\Parameters:
NameServer = 85.255.114.46;85.255.112.210
Delete the DNS changed by the Worm:
HKLM\System\CS1\Services\Tcpip\Parameters:
NameServer = 85.255.114.46;85.255.112.210
HKLM\System\CCS\Services\Tcpip\Parameters:
NameServer = 85.255.114.46;85.255.112.210
Search Registry W32/AutoTDSS.XP Worm for keys that start with “msqpdx” or “msqp” and check if are related to the Worm, if yes you can delete them. File Names listed above can search to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.
Edit Menu - Find, enter Keyword and remove all value that find in search.
Exit the Registry Editor,
Restart your Computer.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security (Shareware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Killbox (Freeware)
Manual Removal of W32/AntiVirusPro.FS Trojan
Manual Removal of W32/AntiVirusPro.FS Trojan
W32/AntiVirusPro.FS is a trojan. The trojan will infect Windows systems.
This trojan first appeared on February 26, 2009.
Other names of W32/Murlo.ABJ Trojan:
This trojan is also known as Trojan-Downloader.Win32.Murlo.abj, Troj/FakeAV-KS, TR/Dldr.FakeAler.IM.
This trojan first appeared on February 26, 2009.
Other names of W32/Murlo.ABJ Trojan:
This trojan is also known as Trojan-Downloader.Win32.Murlo.abj, Troj/FakeAV-KS, TR/Dldr.FakeAler.IM.
Damage Level : Medium/High
Distribution Level: Medium
Distribution Level: Medium
No Removal Tool for W32/AntiVirusPro.FS Trojan
W32/AntiVirusPro.FS Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
W32/AntiVirusPro.FS Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
End the Following Active Process Before Removal
- [ Kill the Process, Use Killbox if your Access Denied ]
Add Comment if you Want the File Remover
Download W32/AntiVirusPro.FS Trojan Known Files Removal Tool
[In Windows Vista Run As Administrator, After Execution System Will Restart]Download W32/AntiVirusPro.FS Trojan Known Files Removal Tool
- %Program Files\AdwarePro
- %Program Files\AdwarePro\AdwarePro.exe
- %Program Files\AdwarePro\StartApp.exe
- %Program Files\AdwarePro\uninst.exe
- %Program Files\AdwarePro\SSEngine.dll
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg [ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/AntiVirusPro.FS Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
- Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only. - After booting into the Safe Mode or VGA Mode
- Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/AntiVirusPro.FS Trojan modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete run=AdwarePro.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Delete run=AdwarePro.exe - boot
HKEY_CURRENT_USER\Software\AdwarePro
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdwarePro_is1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System DisableTaskMgr = 0x00000001 (Change Value to 1)
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete run=AdwarePro.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Delete run=AdwarePro.exe - boot
HKEY_CURRENT_USER\Software\AdwarePro
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AdwarePro_is1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System DisableTaskMgr = 0x00000001 (Change Value to 1)
Search Registry For W32/AntiVirusPro.FS Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.
Edit Menu - Find, enter Keyword and remove all value that find in search.
Exit the Registry Editor,
Restart your Computer.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security (Shareware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Killbox (Freeware)
Manual Removal of W32/Murlo.ABJ Trojan
Manual Removal of W32/Murlo.ABJ Trojan
W32/Murlo.ABJ is a trojan. The trojan will infect Windows systems.
This trojan first appeared on February 25, 2009.
Other names of W32/Murlo.ABJ Trojan:
This trojan is also known as Trojan-Downloader.Win32.Murlo.abj, Troj/FakeAV-KS, TR/Dldr.FakeAler.IM.
This trojan first appeared on February 25, 2009.
Other names of W32/Murlo.ABJ Trojan:
This trojan is also known as Trojan-Downloader.Win32.Murlo.abj, Troj/FakeAV-KS, TR/Dldr.FakeAler.IM.
Damage Level : Medium/High
Distribution Level: Medium
Distribution Level: Medium
No Removal Tool for W32/Murlo.ABJ Trojan
W32/Murlo.ABJ Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
W32/Murlo.ABJ Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
End the Following Active Process Before Removal
- [ Kill the Process, Use Killbox if your Access Denied ]
Add Comment if you Want the File Remover
Download W32/Murlo.ABJ Trojan Known Files Removal Tool
[In Windows Vista Run As Administrator, After Execution System Will Restart]Download W32/Murlo.ABJ Trojan Known Files Removal Tool
- %Windows\System\init32.exe
- %Windows\System\frmwrk32.exe
- %Windows\System\userinit.exe
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg [ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/Murlo.ABJ Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
- Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only. - After booting into the Safe Mode or VGA Mode
- Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
The W32/Murlo.ABJ Trojan modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete run=frmwrk32.exe
The following registry entry is set, disabling system software:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
DisableTaskMgr Change Value to 1
Registry entries are set as follows: Manually Edit:
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
NoChangingWallpaper Change Value to 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoSetActiveDesktop Change Value to 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoActiveDesktopChanges Change Value to 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop
NoChangingWallpaper Change Value to 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoSetActiveDesktop Change Value to 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoActiveDesktopChanges Change Value to 1
HKCU\Software\Microsoft\Internet Explorer\Desktop\Components
GeneralFlags Change Value to 0
HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0
CurrentState Change Value to 40000004
HKCU\Software\Microsoft\Internet Explorer\Desktop\General
Wallpaper\ahtn.htm
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System DisableTaskMgr = 0x00000001
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete run=frmwrk32.exe
The following registry entry is set, disabling system software:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
DisableTaskMgr Change Value to 1
Registry entries are set as follows: Manually Edit:
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
NoChangingWallpaper Change Value to 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoSetActiveDesktop Change Value to 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoActiveDesktopChanges Change Value to 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop
NoChangingWallpaper Change Value to 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoSetActiveDesktop Change Value to 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoActiveDesktopChanges Change Value to 1
HKCU\Software\Microsoft\Internet Explorer\Desktop\Components
GeneralFlags Change Value to 0
HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0
CurrentState Change Value to 40000004
HKCU\Software\Microsoft\Internet Explorer\Desktop\General
Wallpaper
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System DisableTaskMgr = 0x00000001
Search Registry For W32/Murlo.ABJ Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.
Edit Menu - Find, enter Keyword and remove all value that find in search.
Exit the Registry Editor,
Restart your Computer.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security (Shareware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Killbox (Freeware)