Mark Manching Posted September 17, 2007 Share Posted September 17, 2007 Credits to PC Express Online and stardestiny for the fix I've finally learned how to kill it... but first an intro... I got this virus in a internet cafe in Cebu, Philippines It exploits the autorun feature in memorycards and copies itself to computers and connected memory cards thereafter Because it does not spread itself to the internet, it hasn't gained enough notoreity to be included in virus defenses of various programs Be sure to also clean your infected memory cards... Here's how you clean it: Download startup control Panel at mlin.net (You're going to use this later) Go to your Task Manager (Ctrl+Alt+Del) Terminate the Wscipt.exe process Terminate the Explorer.exe process Click New Task and Type "cmd" (without the quotes) type the following in your command prompt del c:pooh.vbs /f/s/q/a del d:pooh.vbs /f/s/q/a (include your other drives and USB drives that have been infected) del c:autorun.inf del d:autorun.inf (include your other drives and USB drives that have been infected) del c:windowssystem32kernell.dll.vbs del c:aikelyu.html /f/s/q/a Use the start-up program from mlin.net to remove aikelyu.html on windows startup Go to New Task and type "regedit" (without the quotes) Go to HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon and modify it to make the value in Shell to only contain "explorer.exe" That's about it... Good luck everybody... Oh yeah... to the creator of the virus... "Jayker"... go f*ck yourself further readings: http://www.mydigitallife.info/2007/04/19/u...torunvbs-error/ to Jayker: You're Sore Loser! :x Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.