1. Temporarily Disable System Restore (Windows Me/XP). [how to]
2. Update the virus definitions.
3. Reboot computer in SafeMode [how to]
4. Run a full system scan and clean/delete all infected file(s)
5. Delete/Modify any values added to the registry. On Start Menu,
click Run, type regedit on the field.
Navigate to and restore the following registry entry if required:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Explorer
\Advanced\”ShowSuperHidden” = “0″
6. Exit registry editor and restart the computer.
7. Find and delete the following files:
- %SystemDrive%\Documents and Settings\tazebama.dl_
- %SystemDrive%\Documents and Settings\hook.dl_
- %UserProfile%\Start Menu\Programs\Startup\zPharoh.exe
- %SystemDrive%\Documents and Settings\tazebama.dll
- [DRIVE]:\zPharaoh.exe
- [DRIVE]:\autorun
No comments:
Post a Comment