|
Posted by fjsalim on April 5, 2008, 3:37 am
Please log in for more thread options I forgot to add that you will need to change the files-view settings in the
windows explorer to see the relevant files.
Go to windows explorer (e.g. by going to My Computer), go the menu Tools
(ALT-T), click Folder Options..., choose the tab View, activate Show Hidden
Files And Folders and UNtick the Hide Protected Operating System Files
(Recommended) and, for the latter, click Yes when they ask whether you are
sure. Click OK at the Folder Options dialog box.
Do the opposite after you restart your computer doing the steps in the
previous post. I.e. DEactivae Show Hidden Files And Folders and retick the
Hide Protected Operating System Files (Recommended). Click OK at the Folder
Options dialog box.
"fjsalim" wrote:
> I just fixed this problem from my computer a few minutes ago and have
> restarted my system, so this is a verified solution. The problem began when I
> plugged in a USB drive that has been in contact with a public PC.
>
> Treatment:
> * Run the file 'autoruns' available from the zip file downloadable from
> second tab ('Logon'), untick the entry 'shell.dll.exe' and then right-click
> it to select delete. If warned, give your affirmative to delete. (You may
> want to try deleting it straightaway instead of unticking first, I am just
> retelling how I did it.)
>
> * in WINDOWS directory (e.g. C:\WINDOWS), remove the file 'shell.dll.exe'
> Note that the file 'shell.dll' - without the .exe extension - should be in
> \WINDOWS\SYSTEM32, \WINDOWS\SYSTEM and \WINDOWS\SYSTEM32\dllcache folders
> [http://icrontic.com/forum/showpost.php?p=167042&postcount=4].
>
> * go to Task Manager (i.e. press CTRL-ALT-DEL), go to the Process tab, click
> on 'web.exe' and then click the button End Process. Do the same to
> 'shell.dll.exe' i.e. End Process the 'shell.dll.exe'.
>
> * then go to My Computer, RIGHT-CLICK (do not double-click!!) on your fixed
> drives (e.g. C and D), click EXPLORE. Delete the files 'autorun.inf' and
> 'web.exe' in each drive. Then delete these files from the Recycle Bin too. At
> this stage, left-clicking your fixed drives will still go to the autoplay. It
> will prompt that 'web.exe' cannot be found. Right-clicking the drives will,
> on the other hand, show a bolded autoplay i.e. the default action for
> double-clicking the drive.
>
> * Restart the system and the above-mentioned autoplay on the fixed drives
> won't be there anymore.
>
>
> "2Sweet" wrote:
>
> > When double-click 'C' or 'D' drive in "My Computer", it goes to the link
> > http://www.nhanhlen.com/ intead of showing the content of the drive.
> > Could it be the workstation infected by virus? Symantec antivirus did not
> > detect virus after performed a full scan.
> >
> >
> >
| 
XML Sitemap