The regsvr.exe is most common virus for people who deal with transferring files across PC's using their Pen drives or USB drives. These are the main sources from where this virus travels. Most of the anti virus softwares should detect this virus and delete it but if your system gets infected for some reason get ready to clean it manually.
regsvr.exe virus first creates entries in the startup folders so that it will execute at every startup. It also creates entries in scheduled tasks so as to execute at a specific time and date. And finally it creates autorun.inf files in the root of all the drives, which prevent you from opening these drives.
Here are the steps to get this resvr.exe virus out of your computer.
--- If the virus disables your task manager and registry then you should consider the tips given here to get them back.
--- After that you need to get rid of the autorun.inf file. This file will be hidden so follow these tips here to delete these files.
--- Now type msconfig in start menu --> Run and press enter and uncheck the option that says regsvr. Press ok and dont restart yet.
--- Now go to ControlPanel --> Scheduled tasks and delete the entry At1 which is created by the virus.
--- Now go to registry editor by typing regedit in run dialog box and then to find menu in regedit and search for regsvr.exe and delete all entries except one that say "Explorer.exe regsvr.exe". You need to edit this entry to only remove the regsvr.exe part and leave the other part as it is.
--- Now search your entire system for regsvr.exe and delete any entries you find. Make sure you search within Hidden files & system files also.
--- Reboot your system for the changes to take effect and the virus is gone without any traces.
No comments:
Post a Comment