STEPS TO REMOVE THE TROJAN IISDLL.DLL.VBS
Important: These entire things should be done in the safe mode which is much
recommended
LOCATE THE DRIVES OF YOUR COMPUTER
This Trojan is a kind of vb script which run on the windows scripting shell
It’s a kind of vbscript which actually resides at the boot sector of the windows
First of all remove any flash drives or any removable disk which is connected using
USB of your computer.
Step1:
Go to the cmd window START -> RUN -> CMD
Step2:
Go to the command prompt
Type cd c:
Where c: is the system drive of your OS
C:\documents and settings\user1>Cd \
C:\Attrib –s –h –r autorun.ini
Step 3:
Now this autorun.inf file will be displayed in the c:\ directory itself
Respectively use the same command to remove the same files which is present in the
other drives
If E, F ,G is the respective drives of your computer use the same command which is
described above to remove the file instead of c: replace the drive letter of the respective
Letter
Now after deleting this
Step 4:
Go run -> type regedit -> browse to this location HKLM -> software -> Microsoft ->
windows -> current version -> run search for the registry key iisdll.dll.vbs key and delete
it
Step 5:
Now
Go the windows directories using cmd
Then type
C:\windows> attrib –s –h –r iisdll.dll.vbs
And now browse the file using your explorer and delete it
That’s it reboot your machine once
Posted by
Narayanan CJ
System administrator
No comments:
Post a Comment