Results 1 to 3 of 3

Thread: Remove / Delete Boot.vbs Autorun Virus

  1. #1
    Join Date
    Feb 2008
    Location
    Islamabad, UK
    Posts
    88,506
    Mentioned
    1028 Post(s)
    Tagged
    9706 Thread(s)
    Thanked
    603
    Rep Power
    21474934

    candel Remove / Delete Boot.vbs Autorun Virus

    i - Remove / Delete Boot.vbs Autorun Virus

    Trouble:

    Boot.vbs is a virus which is from the family of W32/Autorun.worm.h worm which attempts deploy itself to the root directory of all the drives by creating the autorun.inf files. Autorun.inf files in the root directory of each drive will execute the virus when ever user opens that drive.



    Boot.vbs virus comes from W32/Lsetspy-C worm which also creates the following files on your computer as dxdlg.exe, wscript.exe and kinza.exe. Its located in windows at the following locations:


    • C:\Windows\System32\dxdlg.exe
    • C:\Windows\System32\boot.vbs



    Here is the removal procedure to remove boot.vbs virus completely in 5 minutes.



    Fix:

    In order to remove boot.vbs virus you will need to end the primary process of the boot.vbs virus named dxdlg.exe, wscript.exe



    Normally for removing this worm you will need to boot in safe mode but with we will tell you the procedure to remove this boot.vbs virus without booting in the safemode



    1. Download Process Explorer from this link.



    2. Run process explorer and Locate the following process, right click and select Kill Process or press Del key and Enter to end the process named dxdlg.exe and wscript.exe





    3. Press Window + R and type msconfig and press Enter, click the startup tab



    4. Uncheck the entries containing the names dxdlg.exe, wscript.exe and click OK



    5. Now, Search for the following files on your computer and delete them from any where found in your computer.

    dxdlg.exe
    wscript.exe
    boot.vbs
    kinza.exe






    Note: Also delete all the autorun.inf files in the root directory of the drive using autorun eater tool here. Now you need to remove the registry changes done by the virus in the registry



    6. Open Start Menu >> Run, type regedit and press Enter.

    Navigate to the following path:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon



    7. In the right pane, double click the edit the value of Userinit and set the value as C:\windows\system32\userinit.exe there should be nothing else written with this value mentioned.



    8. Close registry and restart your computer, boot.vbs virus will be gone.



  2. #2
    Join Date
    Feb 2008
    Location
    Karachi, Pakistan, Pakistan
    Posts
    125,914
    Mentioned
    836 Post(s)
    Tagged
    9270 Thread(s)
    Thanked
    1179
    Rep Power
    21474971

    Default Re: Remove / Delete Boot.vbs Autorun Virus

    nice
    صرف آواز نہیں ، لفظ بھی مقفل ہیں مرے

    سوچ میں ہوں کہ اب تجھ کو پکاروں کیسے

  3. #3
    Join Date
    Mar 2008
    Location
    Hijr
    Posts
    152,763
    Mentioned
    104 Post(s)
    Tagged
    8577 Thread(s)
    Thanked
    80
    Rep Power
    21474998

    Default Re: Remove / Delete Boot.vbs Autorun Virus

    Nice Sharing
    پھر یوں ہوا کے درد مجھے راس آ گیا

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •