Now a day I am having a virus issue at user end that is about " Blank named Folder " it is a virus. People say it is a shortcut virus but in this case i found nothing in Pen drive but it shows... it is full. some how it fixed by this command " E:\attrib -a -s -r -h /s /d " but this is all about in pen drive. I want to ask the issue is.. however i remove the virus from pen drive by formatting or by using attribute command, but when i insert this in an infected PC it goes blank. now I want the solution to remove it from PC because in my organization a large number of PC's are infected by this virus. it always attack on USB. Mass Storage.
I have faced same problem. Shortcuts everywhere.
Not once, many times.
I tried many solutions.
Shortcut Virus Remover is the best solution I found.
A 100% free simple application.
You can download it from this link - Shortcut Virus Remover
Place it in your pen drive and double click to run.
Press Enter to confirm its process.
That is all.
Shortcuts will remove and your data will be back in a second.
Windows PC Defender is designed to look like anti-virus or
anti-spyware software from Microsoft, but it is actually a virus.
Windows PC Defender pretends to scan the computer for
infections, displays a fake results log, then demands you to purchase the full
program to fix the "detected" viruses.
Although the program claims to be an anti-virus program, it
actually blocks real anti-virus programs from removing Windows PC Defender.
It also hijacks all program icons so that you can't launch
your real anti-virus software or any other program.
If your PC is infected with the Windows PC Defender virus
and you can't run your anti-virus or anti-malware software, you can remove the
infection manually.
Turn on or restart the computer and press "F8" on the boot screen to
open the Windows Advanced Boot Options menu.
Scroll to "Safe Mode" and press Enter.
Sign in to Windows. Hold down "Ctrl-Shift-Esc"
to open Windows Task Manager.
Click the "Processes" tab.
Click "Image Name" to alphabetize the processes.
Right-click "eb.exe."
Select "End Process" from the menu. Click
"End Process" again.
Repeat the above step for fix.exe, ppal.exe and
WP345d.exe.
Click "File." Click "New Task" to open
the "Run" window.
Type "cmd" and press "Enter" to open a
command-line window.
Type "cd c:\windows\system32" at the
command-line prompt.
Press "Enter."
Type "regsvr32 -u mozcrt19.dll" and press
"Enter" to unregister the Windows PC Defender dynamic linking
library.
Repeat the process for sqlite3.dll, cid.dll and ddv.dll.
Type "cd %userprofile%\recent" at the command
prompt and press Enter.
Unregister tempdoc.dll.
Close the command-prompt window.
Reopen the "Run" box. Type in
"regedit" or "regedit.exe."
Press Enter to open Windows Registry Editor.
Navigate through the "HKEY_CLASSES_ROOT" and
"CLSID" paths.
Right-click
"{3F2BBC05-40DF-11D2-9455-00104BC936FF}." Click "Delete."
Click "Yes" to confirm.
Return to "HKEY_CLASSES_ROOT."
Right-click "WP345d.DocHostUIHandler" and click
"Delete."
Click "Yes" to confirm the deletion.
Go through "HKEY_USERS ' .DEFAULT ' Software'
Microsoft' Internet Explorer." Click "SearchScopes."
Right-click "URL," which has the value of
"http://search-gala.com/?&uid=201&q={searchTerms," and click
"Delete."
Click "Yes" to confirm the deletion.
Return to "Internet Explorer." Right-click
"PRS," which has the value of "http://127.0.0.1:27777/?inj=%ORIGINAL%."
Click "Delete." Click "Yes."
Go to
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings." Find and delete "UID" with the "201" value.
Click
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\5.0\User Agent\Post Platform." Delete "89770891803."
Open
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run."
Delete "Windows PC Defender."
Click the Start button at the bottom left of your monitor
screen.
Click "Computer."
Enter "8424.mof" into the search bar and wait for
the computer to locate the file.
When the file appears in the results, right-click it, then
click "Delete."
Click "Yes."
Repeat the process for the following files associated with
Windows PC Defender: exec.tmp, mozcrt19.dll, CLSV.tmp, fix.exe, search.xml,
ddv.dll, eb.exe, sqlite3.dll, tempdoc.dll, WP345d.exe, runddlkey.drv, WPCD.ico,
ppal.exe, wpcd.cfg, energy.sys, vd952342.bd, cookies.sqlite, Windows PC
Defender.lnk, PE.drv, cid.dll, eb.sys, FS.drv, Instructions.ini, kernel32.drv
and PE.tmp.
Go to "C:\Documents and Settings\All
Users\Application Data."
Delete the following folders: "3adffe,"
"WPCDSys" and "345d567."
Type "%userprofile%\application data" into the
address bar and press Enter.
Right-click "Windows PC Defender" then click
"Delete."
Click "Yes" to completely remove the Windows PC
Defender virus from your computer.
Restart your computer.
http://www.2-spyware.com/remove-windows-pc-defender.html
SOURCE: PC incompatable to antivirus and adobe reader
Download a progran called Anti-Malware from www.Malwarebytes.org
SOURCE: Regarding usb drivers
Install the chipset drivers from your motherboard cd or from net
i.e. http://h10025.www1.hp.com/ewfrf/wc/softwareCategory?lc=en&dlc=en&cc=us&lang=en&product=3814517&#
1. Double click on My Computer.
2. Click on the Tools menu in the top menu bar.
3. Click on Folder Options...
4. Click on the View Tab
5. Click on the little button next to "Show hidden files and folders" (in the Advanced Settings box)
6. Click OK.
7. Double click on Local Disk (C:)
8. Double click on the Documents and Settings folder
9. Double click on the folder with your user name
10. Double click on Application Data. (That folder will be dimmed)
11. Double click on the Microsoft folder.
12. Double click on the Templates folder.
13. Right click on the Normal.dot file and delete it
14. Now you need to hide your hidden folders again
15. Click on the Tools menu in the top menu bar.
16. Click on Folder Options...
17. Click on the View tab.
18. Click on the little button next to "Do not show hidden files and folders" (in the Advanced Settings box)
19. Click on OK.
20. Close all the open windows and you are done!
169 views
Usually answered in minutes!
×