How to remove trojans that use the autorun.inf file
A group of dangerous trojans that use an autorun.inf file to infect computers is known as autorun.inf trojans. Once your computer is infected with an autorun.inf trojan, it will display many pop-ups, the Internet Explorer start page may be changed, and Task Manager and Registry Editor may be disabled. The trojan also configures itself to run automatically every time you start your computer. In addition, it creates files with strange names, for example:
ampfrb.cmd, hbs.exe, yfog8p.exe, as.bat, phwe.com, o0s.cmd, xa2c.exe, AutoStart.exe, ncyrf.bat, rcukd.cmd, 2u.com, q.com, RavMon.exe, x6.bat, rqq2v.bat, t.com, xp19.com, x0.cmd, yg.cmd, ntde1ect.com, tio8x6.cmd, d6fagcs8.cmd, gbiehbsb.dll, tio8x6.cmd, fooool.exe, 8ng8w.com, x.com, xn1i9x.com, invwft2h.com, selamat_berposa_dari_umt.js, ktnquo.exe, NewVirusRemoval.vbs, kinza.exe, rs.cmd, yssjnngm.cmd, h3.bat, 6fnlpetp.exe, boot.exe, winde32.exe, 6j2j.com, kjibu.com, fun.xls.exe, iqe68o.bat, boot.exe, killVBS.vbs, autorun.pif, lin32.exe, USB.exe, RisinG.exe, f.bat, uxdeiect.com, awda2.exe, clshsy.cmd, kongxsg.exe, autorunme.exe, x2tpc.cmd, winconfig.dll.vbs, w1hva13.exe, jun.exe, xpbkh.com, nfdmg.com, m9ma.exe, pbudsara.exe, herss.exe, cgaqyi.exe, dsoqq.exe, dsoqq0.dll
What is more, the trojans may drastically slow the performance of your computer. Read below how to remove them and any associated malware from your computer for free.
Step 1: Remove malicious autorun.inf files from all your drives, including any USB/flash drives.
1. Manually:
- Reboot your PC in Safe Mode:
1. Restart your computer.
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear.
4. Select the first option, to run Windows in Safe Mode.
- Click Start -> Run.
- In the text box, enter cmd and press Enter.
- In the command console, type del /a:h /f c:\autorun.*
- Repeat the previous step for all drives, replacing “c” with the appropriate drive letter.
2. Automatically.
- Download Flash_Disinfector by sUBs and save it to your desktop.
- Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
- The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone.
- Please do so and allow the utility to clean up those drives as well.
- Wait until it has finished scanning and then exit the program.
- Reboot your computer when done.
Note: Flash_Disinfector will remove any autorun.inf files and create a hidden folder named autorun.inf in each partition and on every USB drive that was plugged in when you ran it. Don’t delete this folder. It will help protect your drives from future infection.
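Before deleting an autorun.inf in Step 1, it helps to see which file it was set to launch, since that file is the one to look for in the drive root. The following is an added example, not part of the original article or of Flash_Disinfector: it reads the text of an autorun.inf and returns the programs named by its launch keys. The sample file is constructed for illustration, using a file name from the list above.

```python
import re

# Keys in the [autorun] section that make Windows start a program.
LAUNCH_KEYS = ("open", "shellexecute")
SHELL_COMMAND = re.compile(r"^shell\\[^\\]+\\command$", re.IGNORECASE)
FIRST_TOKEN = re.compile(r'"([^"]+)"|(\S+)')


def launch_entries(autorun_text):
    """Return (key, command) pairs from [autorun] that start a program."""
    entries = []
    in_autorun = False
    for raw in autorun_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("["):
            in_autorun = line.lower() == "[autorun]"
            continue
        if not in_autorun or "=" not in line:
            continue  # outside the section, or not a key=value line
        key, value = (part.strip() for part in line.split("=", 1))
        if key.lower() in LAUNCH_KEYS or SHELL_COMMAND.match(key):
            entries.append((key.lower(), value))
    return entries


def payload_names(autorun_text):
    """Return the distinct file names the launch commands point at."""
    names = []
    for _key, command in launch_entries(autorun_text):
        token = FIRST_TOKEN.match(command)
        if not token:
            continue  # key present but empty
        program = token.group(1) or token.group(2)
        name = program.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        if name not in names:
            names.append(name)
    return names


# Constructed sample, not captured from a real infection.
SAMPLE_AUTORUN = r"""
[AutoRun]
; comment line
open=ntde1ect.com
shell\open\Command=ntde1ect.com
shell\explore\Command="ntde1ect.com" -e
icon=%SystemRoot%\system32\shell32.dll,4
"""

if __name__ == "__main__":
    print(payload_names(SAMPLE_AUTORUN))
```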
Step 2: Remove the autorun.inf trojan from the Windows registry.
Download and install HijackThis.
Run HijackThis and click the “Do a system scan only” button.
Put a checkmark next to the following items (if they exist):
F2 – REG:system.ini: Shell=Explorer.exe csrcs.exe
O4 – HKLM\..\Run: [SystemDrive] c:\windows\system32\SVCH0ST.EXE
O4 – HKCU\..\Run: [avp] C:\WINDOWS\system32\avp.exe
O4 – HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 – HKCU\..\Run: [kxva] C:\WINDOWS\system32\kxvo.exe
O4 – HKCU\..\Run: [kava] C:\WINDOWS\system32\kavo.exe
O4 – HKCU\..\Run: [tava] C:\WINDOWS\system32\tavo.exe
O4 – HKCU\..\Run: [TaskMonitor] C:\WINDOWS\system32\TaskMonitor.exe
O4 – HKCU\..\Run: [Realshade] C:\WINDOWS\system32\realshade.exe
O4 – HKCU\..\Run: [cftmonn] C:\WINDOWS\system32\cftmonn.exe
O4 – HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe
O4 – HKCU\..\Run: [vamsoft] C:\WINDOWS\system32\vamsoft.exe
O4 – HKCU\..\Run: [kmmsoft] C:\WINDOWS\system32\revo.exe
O4 – HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 – HKCU\..\Run: [cdoosoft] %Temp%\herss.exe
O4 – HKCU\..\Run: [dso32] %Temp%\dsoqq.exe
O4 – HKCU\..\Run: [cbvcs] C:\WINDOWS\system32\urretnd.exe
O4 – HKCU\..\Run: [jvsoft] C:\WINDOWS\system32\j3ewro.exe
O4 – HKCU\..\Run: [ckvo] c:\windows\system32\ckvo.exe
O4 – HKLM\..\Run: [winconfig] C:\WINDOWS\winconfig.dll.vbs
O4 – HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
O4 – HKCU\..\Run: [WinUpdater AutoRun] C:\AutoProtect\DrvMonitor.exe
O6 – HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 – HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
Now close all browser and other windows except for HijackThis, and click “Fix Checked” to have HijackThis fix the entries you checked.
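The entries listed in Step 2 share a few traits that can be checked mechanically when reading a HijackThis log. The following is an added example, not part of the original article or of HijackThis: it flags log lines that show those traits. The list of Windows program names and the 0.8 similarity threshold are assumptions chosen for illustration; five sample lines are taken from the list above and the last one is constructed.

```python
import re
from difflib import SequenceMatcher

# HijackThis prints "O4 - ..."; the list above shows the dash as "–", so accept both.
O4 = re.compile(r"^O4\s*[-–]\s*(HK\w+\\.+?):\s*\[(.+?)\]\s*(.+)$")
F2_SHELL = re.compile(r"^F2\s*[-–].*Shell=Explorer\.exe\s+(\S+)", re.IGNORECASE)
# Assumption: a short, illustrative list of Windows program names that get imitated.
SYSTEM_NAMES = ("svchost.exe", "explorer.exe", "ctfmon.exe", "taskmgr.exe")
SCRIPT_EXT = (".vbs", ".vbe", ".js", ".cmd", ".bat", ".com", ".pif")


def imitates_system_name(filename):
    """True for near-misses such as a zero in place of the letter o."""
    name = filename.lower()
    return any(
        name != real and SequenceMatcher(None, name, real).ratio() >= 0.8
        for real in SYSTEM_NAMES
    )


def triage(line):
    """Return the reasons a HijackThis line deserves a closer look."""
    line = line.strip()
    reasons = []
    shell = F2_SHELL.match(line)
    if shell:
        reasons.append("extra program after Explorer.exe in Shell: " + shell.group(1))
    if line.startswith("O7") and "DisableRegedit=1" in line:
        reasons.append("Registry editor disabled by policy")
    entry = O4.match(line)
    if entry:
        path = entry.group(3).strip()
        filename = path.replace("/", "\\").rsplit("\\", 1)[-1]
        if path.lower().startswith("%temp%"):
            reasons.append("autostart from the Temp folder")
        if filename.lower().endswith(SCRIPT_EXT):
            reasons.append("autostart of a script or .com file")
        if imitates_system_name(filename):
            reasons.append("file name imitates a Windows program")
    return reasons


# Five lines from the list above, then one constructed harmless entry.
SAMPLE_LOG = [
    r"F2 – REG:system.ini: Shell=Explorer.exe csrcs.exe",
    r"O4 – HKLM\..\Run: [SystemDrive] c:\windows\system32\SVCH0ST.EXE",
    r"O4 – HKCU\..\Run: [dso32] %Temp%\dsoqq.exe",
    r"O4 – HKLM\..\Run: [winconfig] C:\WINDOWS\winconfig.dll.vbs",
    r"O7 – HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1",
    r"O4 - HKLM\..\Run: [ExampleUpdater] C:\Program Files\Example\updater.exe",
]

if __name__ == "__main__":
    for log_line in SAMPLE_LOG:
        print(triage(log_line) or "nothing flagged", "<-", log_line)
```

A line that is not flagged is not thereby proven clean; several entries in the list above have ordinary-looking names and are recognised only because they are known.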
Step 3: Remove the autorun.inf trojan files
Download Avenger from here and unzip it to your desktop.
Run Avenger, then copy and paste the following text into the “Input script” box:
Files to delete:
c:\0jbnlnu8.exe
C:\11rhbu.cmd
c:\1q8p0y.com
C:\2fiy.bat
c:\2g.com
C:\32agsg.exe
c:\39ysi89.com
c:\3jkka91.com
c:\6fnlpetp.exe
C:\6fnlpetp.exe
C:\6j2j.com
C:\8.bat
c:\80avp08.com
C:\8ng8w.com
c:\92j11sm.com
c:\9fo3ar0j.exe
c:\a.exe
C:\a2h2.com
c:\ampfrb.cmd
c:\as.bat
c:\AutoRun\autorun.pif
c:\AutoRun\AutoStart.exe
c:\AutoRun\AutoStart.exe
C:\AutoProtect\DrvMonitor.exe
c:\awda2.exe
c:\bo1dhu.bat
C:\bwpncb6.com
c:\boot.exe
c:\cgaqyi.exe
c:\cjrp8.com
c:\clshsy.cmd
C:\d1vmq.exe
C:\d6fagcs8.cmd
c:\dp.exe
C:\e.cmd
C:\eaywxx.cmd
C:\f9cvum.exe
C:\fooool.exe
c:\fun.xls.exe
C:\gbiehbsb.dll
C:\gfqgq.cmd
C:\gi2ky.exe
C:\gldegkby.cmd
c:\gumkrhf.bat
C:\qxty9be.cmd
C:\gy.exe
c:\h3.bat
c:\hbs.exe
c:\ioockw.bat
C:\ij.bat
C:\imo.exe
c:\invwft2h.com
C:\ioockw.bat
c:\iqe68o.bat
C:\j60osk9.cmd
C:\jeorels.cmd
c:\jg6w3yx.com
c:\killVBS.vbs
c:\kinza.exe
C:\kjibu.com
c:\ktnquo.exe
c:\m9ma.exe
c:\main.vbs
c:\MicrosoftPowerPoint.exe
c:\n0qls.exe
c:\NewVirusRemoval.vbs
c:\nfdmg.com
C:\ntde1ect.com
c:\ntnq.exe
c:\nw0t1l0d.exe
c:\o0s.cmd
c:\pbudsara.exe
c:\phwe.com
C:\pook.com
c:\q0rppr.exe
C:\qphdin.com
C:\rcukd.cmd
c:\Recycled\ctfmon.exe
c:\resycled\boot.com
c:\RECYCLED\appmgmt.exe
C:\rqq2v.bat
c:\rs.cmd
C:\sq.com
C:\system.exe
c:\System\DriveGuard\DriveProtect.exe
C:\t.com
C:\tio8x6.cmd
c:\tj8odymw.exe
C:\tjjqtejq.bat
C:\tvlx2fg.exe
c:\uh31.exe
c:\usbcash.exe
c:\USBFlash.exe
C:\uvsqfgwd.cmd
c:\uxdeiect.com
c:\vnkucvv.com
c:\VirusCleaner.vbe
c:\VirusRemoval.vbs
c:\w1hva13.exe
C:\x0.cmd
c:\x2tpc.cmd
c:\xa2c.exe
C:\x.com
C:\x.cmd
C:\x2csvg.exe
C:\xih9.cmd
C:\xn1i9x.com
C:\xp19.com
c:\xpq63xl.exe
c:\xwpehlv.com
c:\yfog8p.exe
C:\yg.cmd
c:\yssjnngm.cmd
C:\w98.com
%Temp%\cvasds0.dll
%Temp%\cvasds1.dll
%Temp%\dsoqq.exe
%Temp%\dsoqq0.dll
%Temp%\dsoqq1.dll
%Temp%\dsoqq2.dll
%Temp%\dwg3gngs.exe
%Temp%\herss.exe
%Temp%\kxvo.exe
%Temp%\new folder\ufjtre.exe
%Temp%\o2g.exe
%Temp%\ufjtre.exe
%Windir%\expiorer.exe
%windir%\system32\afmain0.dll
%Windir%\system32\amvo.exe
%Windir%\system32\avp.exe
%windir%\system32\avpo.exe
%Windir%\system32\Bitkv0.dll
%Windir%\system32\Bitkv1.dll
%Windir%\system32\cftmonn.exe
%Windir%\system32\ckvo0.dll
%Windir%\system32\ckvo.exe
%Windir%\system32\expiorer.exe
%Windir%\system32\fool0.dll
%Windir%\system32\fool1.dll
%Windir%\system32\fool2.dll
%Windir%\system32\gasretyw0.dll
%Windir%\system32\gasretyw1.dll
%Windir%\system32\haozs0.dll
%Windir%\system32\ieso0.dll
%Windir%\system32\j3ewro.exe
%Windir%\system32\jwedsfdo0.dll
%Windir%\system32\kamsoft.exe
%Windir%\system32\kavo0.dll
%Windir%\system32\kavo1.dll
%Windir%\system32\kavo.exe
%Windir%\system32\kxvo.exe
%windir%\system32\locale.exe
%windir%\system32\nmdfgds1.dll
%windir%\system32\nmdfgds0.dll
%windir%\system32\olhrwef.exe
%windir%\system32\optyhww0.dll
%windir%\system32\optyhww1.dll
%Windir%\system32\RavMon.exe
%Windir%\system32\realshade.exe
%Windir%\system32\revo.exe
%Windir%\system32\revo1.dll
%Windir%\system32\revo2.dll
%Windir%\system32\revo6.dll
%Windir%\system32\revo5.dll
%Windir%\system32\revo4.dll
%Windir%\system32\revo3.dll
%Windir%\system32\SCVVHSOT.exe
%Windir%\System32\taskmagr.exe
%Windir%\system32\TaskMonitor.exe
%Windir%\system32\tavo0.dll
%Windir%\system32\tavo1.dll
%Windir%\system32\tavo.exe
%Windir%\system32\urretnd.exe
%Windir%\system32\usbmons.exe
%Windir%\system32\usbmons.dll
%Windir%\system32\vamsoft.exe
%Windir%\system32\vbsdfe0.dll
%Windir%\system32\vbsdfe1.dll
%Windir%\system32\wincab.sys
%Windir%\winconfig.dll.vbs
Then click on ‘Execute’. Your computer will be restarted.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Related articles: How to disable the autorun feature to prevent malware from spreading, Cannot open C Drive – How to fix it using Flash Disinfector.
May 26, 2008 on 5:24 am | In Malware removal, Trojan | 58 Comments
It is very pleasing that you have floated free virus removal tools which are very effective. May God bless you and give you more opportunities to serve humanity in a better way. Thanks.
Comment by Malik Akram — August 14, 2008 #
I am very thankful to you for providing these virus removal tools. It is working perfectly for my problem. Thanks a lot.
Comment by adithya — August 17, 2008 #
this is helpful alright but got virus ….detected: virus Heur.Invader (modification) URL: download.bleepingcomputer.com/sUBs/ComboFix.exe//PE_Patch.UPX//327882R2FWJFW/catchme.cfexe//PE_Patch.UPX
..
Comment by wesaxis — August 17, 2008 #
It's a false alert.
Comment by Patrik — August 20, 2008 #
if the problem is just to get rid of autorun.inf worm, do I have to do steps 1 to 4 or can i just do step 1. thanks.
Comment by Sandy — September 5, 2008 #
If the problem of my pc and flashdrive is the presence of autorun.inf do I still need to do steps 1 to 4 or can I just do steps 1 and 4. Thanks.
Comment by Sandy — September 5, 2008 #
When I had the autorun.inf worm in the PC system, I could no longer use Yahoo Messenger. Will it help if I uninstall Yahoo MS and download another Yahoo MS? Thanks.
Comment by Sandy — September 5, 2008 #
At a minimum, do steps 1, 2 and 4.
Yes, uninstall, download a fresh Yahoo MS and install it.
Comment by Patrik — September 5, 2008 #
It worked well for me, buddy. Thanks for the valuable service. I appreciate it.
Comment by srivenu paturi — September 13, 2008 #
Hi again! My kid's classmate used a flash drive in our PC that has the redtube virus. Now each time we use the Explorer we see the pornographic site redtube.com. How can we fix this problem without affecting our files? Thanks.
Comment by Sandy — September 15, 2008 #
Please try Flash_Disinfector.exe by sUBs (read above for how to use it). If you are still having problems with your PC, I would recommend that you follow these instructions.
Comment by Patrik — September 15, 2008 #
I have McAfee antivirus and I got the message from it that it had detected and deleted the c:\autorunif trojan (sorry if I typed its exact name wrong, but you know what I mean). The problem was that it kept on doing it: it kept detecting it and deleting it like every 30 seconds. So I looked for a way to delete it and found one before this one, and it said to restart the PC. I did that and what I was using didn’t work. Then I did a full scan using McAfee and didn’t find anything. Then I tried your step 1 to manually remove it: I put the computer in safe mode, then Start, Run, and typed in del /a:h /f c:\autorun.* and it came back saying that it couldn’t find it. I doubt I have gotten rid of it. Can you help?
Comment by John — November 14, 2008 #
John, yes, I can help you. Please follow these instructions.
Comment by Patrik — November 14, 2008 #
Thank you very much. It worked a lot for me.
Comment by dillu — December 9, 2008 #
I want to try but I have a problem with Avenger…
http://swandog46.geekstogo.com/avenger2/avenger.zip\\avenger.exe
detected: Win32:Rootkit-gen [Rtk]
Comment by Gil — December 15, 2008 #
Gil, it's a false alert. Disable your antivirus and try again.
Comment by Patrik — December 15, 2008 #
Can you help me??? I do not know which files I should delete after launching HijackThis….
Here is the log:
Logfile of Trend Micro HijackThis v2.0.2
…
Comment by pichu — December 16, 2008 #
pichu, yes, your computer is infected with an autorun.inf trojan. Please follow these steps. I will help you.
Comment by Patrik — December 16, 2008 #
How do I use the Avenger? It asks for a validate script.
Comment by Mauro — December 24, 2008 #
You should enter the text from Step 3 and click the Execute button. If you need help, follow these steps.
Comment by Patrik — December 24, 2008 #
When I plugged the USB into my computer, my antivirus AVAST gave an alert about the virus BV:AutoRun-G [Wrm].
I told the antivirus to delete this file, but after some time this alert comes on again and again.
I don't know what I have to do.
Please help me to solve this problem.
Comment by M Arshad Malik — December 30, 2008 #
M Arshad Malik, please read the instructions above or follow these steps.
Comment by Patrik — December 30, 2008 #
I have removed BV:AutoRun-G [Wrm] with Flash_Disinfector.exe. Try it.
Comment by Yuvraj YR — January 5, 2009 #
If you are using Avast! 4.8 and getting a warning that autorun.inf was found (BV:AutoRun-G [Wrm]),
to stop this message use ‘Flash_Disinfector.exe’:
http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe
Comment by Yuvraj YR — January 5, 2009 #
Gday,
the command
del /a:h /f c:\autorun.*
does not work when I type it into Run.
And this is the problem.
LF to reply
Comment by Tim — January 6, 2009 #
Tim, you should run the command console (click Start -> Run, type cmd and press Enter) before entering “del /a:h /f c:\autorun.*”.
Comment by Patrik — January 6, 2009 #
Thanks, it worked, appreciate it.
Have you got any idea how to get rid of Vamsoft.exe?
Apparently it's very similar to Kamsoft.exe, which is what HijackThis picks up.
Comment by Tim — January 7, 2009 #
Great help, thanks. HijackThis and Avenger got rid of autorun finally. I have AVG antivirus that detected the virus but could not get rid of it. But it gave me the paths where it was; it attacked all of my hard drives, with a little variance, so after using HijackThis use Avenger and add:
G:\resycled\boot.com
E:\resycled\boot.com
C:\autorun.inf
E:\autorun.inf
C:\resycled\boot.com
G:\autorun.inf
F:\autorun.inf
J:\resycled\boot.com
J:\autorun.inf
I have 3 hard drives, you get the picture. Hope this helps some out there, thanks again. Finally my A: floppy drive stopped going on and off every couple of minutes.
Comment by Rick — January 10, 2009 #
Hey, I picked up a trojan. My PC had to restart so I did so, and when I turned it on, it kept restarting itself every time from an autorun. I managed to open the command prompt when starting and disable the autorun, which was using cli.exe. I deleted that file but still it manages to close my computer when I turn it on. My antivirus deleted the trojan but I can't find the autorun. I have an external hard drive which I unplugged. Now when I turn my PC on, it runs and then restarts over and over, and it's a bit annoying. Is there any way I can find how to delete the autorun so it stops restarting my PC? Cheers.
Comment by Rob — January 13, 2009 #
Hey guys, does anybody know why, when I try to see the hidden folders and files, they don't appear when I use the show hidden folders and files option from the Tools menu?
I used to have a virus. I used ComboFix and there is no more virus, but I still want to see the hidden files.
Any comments will be very appreciated.
Regards
Comment by Felipe — January 23, 2009 #
Looks like your computer still has a virus. Read and follow these steps.
Comment by Patrik — January 23, 2009 #
Hey guys, I've got a problem with autorun.inf. I can't remove it; every time I plug in a flash drive it keeps alerting. I'm using Avast 4.8. I did what you guys posted but nothing happens. Even with Flash Disinfector nothing happens. I also tried Autorun Eater; same, nothing happens. Help me guys, thanks.
Comment by bien — January 31, 2009 #
Bien, please read and follow these steps.
Comment by Patrik — February 1, 2009 #
Thank you very much for such helpful information.
Comment by Babar Jahangir — February 2, 2009 #
ok hope it will help tnx patrik…
Comment by bien — February 5, 2009 #
I have downloaded Avenger and pasted a list of virus’ name. After executing, it ended up with the following message INVALID SCRIPT. A VALID SCRIPT MUST BEGIN WITH A COMMAND DIRECTIVE. ABORTING EXECUTION.
Comment by Loeky — February 6, 2009 #
Loeky, check what you have pasted into the “Input script Box”; maybe you have made a mistake.
Comment by Patrik — February 6, 2009 #
Hello to all. One way to disable autorun.inf without any antivirus is to create a folder named (autorun.inf) on all hard drives and flash drives; it prevents any virus from creating an autorun.inf file on your drive.
Also, we can use a program named (ninja pendisk) to create the autorun.inf folder automatically.
Thanks for your help…
Comment by Hamid Raisiyan — February 11, 2009 #
Hi guys, I am using Zone Labs as my antivirus. Whenever I try to open my C: drive it always shows this message:
gfqgq.cmd is trying to load driver:\Registry\Machine\System\CurrentControlSet\Services\KAVsys
I do not know how to remove it. I also used Avenger but nothing happened. Please help me to get out of this.
Regards,
Sabari
Comment by Sabari — February 12, 2009 #
Sabari, please follow these steps.
Comment by Patrik — February 12, 2009 #
Hey, thanks a lot buddy… I owe you big time. It took me 10 hrs to look for the solution to remove this (olhrwef.exe) bloody virus but nothing worked till I got to your website. You ROCK, man…
Thanks a ton.
By the way, it's still showing in my msconfig on startup but I have disabled it. I can open my hidden folders now, which weren't accessible earlier…
So do you think it is still harmful if it's disabled in startup?
Comment by Nazim — February 13, 2009 #
The best way is to remove all harmful registry entries and malware files. Please follow these steps, I will help you.
Comment by Patrik — February 13, 2009 #
I have a problem: whenever I start the computer in safe mode, it does not start at all. I formatted the disk, then again the virus is still there… Is there any virus removal tool with which I can remove the virus from my system?
Thanks
Sheikh Pervez
Comment by Sheikh — February 23, 2009 #
Sheikh, please follow these steps.
Comment by Patrik — February 25, 2009 #
Thanks a lot
Comment by trups — March 15, 2009 #
A new one was found today. The filename is vncjmy.exe but I can’t find it anywhere on the web. Any ideas?
Comment by PataPata — March 18, 2009 #
PataPata, please follow these steps.
Comment by Patrik — March 19, 2009 #
Hi Patrik, I hope you can solve my problem.
My computer is severely affected by pook.com. I have fully formatted all my drives, and even then it is still affecting the PC. Please help.
Comment by Manish — May 9, 2009 #
Manish, ask for help at our forum.
Comment by Patrik — May 9, 2009 #
A person should first know English and then make the effort to read these pages; it doesn't work like this… It doesn't change… A blockhead is always a blockhead…
Thank you very much. It worked a lot for me.
Comment by pdrturk — May 28, 2009 #
oh u r an angel in disguise! thank u so very much! please continue doing good for mankind! hahaha! thanks again..
Comment by jane — June 18, 2009 #
Hey, because of that 2u.com virus I can't open my safe mode!!! The blue screen comes and it shuts down!!
Comment by ishern — January 25, 2010 #
ishern, then run Flash Disinfector.
Comment by Patrik — January 25, 2010 #
Hi. My LG Cookie is having problems. I plug my USB connection into my phone & the USB logos show up as folders. It won’t even AutoPlay either. Is this an autorun.inf file in my phone?
Comment by Cameron — March 14, 2010 #
Cameron, open a new topic in our Spyware removal forum.
Comment by Patrik — March 15, 2010 #
thank you so much !!
Comment by v0dSkaa — July 15, 2010 #
Thanks! Please can you update this list?!
Comment by SMed79 — July 29, 2010 #
Thank you for this valuable information. My antivirus has detected Foool.exe. USB contained autorun.inf file and tried to run it. Thanks to my BitDefender my system is ok
Comment by postavitev spletne strani — August 31, 2010 #