February 1, 2011

Removal Of WORM_STRATION.FA

As this worm arrives as an attachment, it is easy to identify: all we have to do is scan the attachment with a good anti-virus product. When the PC is already infected, however, manual removal involves the following steps.



Step 1: Boot into the Recovery Console using a bootable disk.
Step 2: Navigate to the Windows folder using the cd command.
Step 3: Type the following commands to delete the files, then restart the computer:

  • del %System%\ifcmgr32.dll
  • del %System%\ifcconf.exe
  • del %System%\infowshb.dll
  • del %System%\rtutvb5d.dll
Step 4: Open Task Manager, go to the Processes tab, and remove the processes that have the same names as the files above, as well as any others with an unknown manufacturer.

Step 5: Open the Registry Editor and remove the auto-start registry entry:
  • HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows>CurrentVersion>Run
                ifcdiag = "%System%\ifcconf.exe"
along with entries for all the files stated above, and these keys:

  • HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows NT>CurrentVersion>Winlogon>Notify dbgmgr
  • HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft shdosbei
Step 6: Restore the registry value:
  • HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows NT>CurrentVersion>Windows
             AppInit_DLLs = "infowshb.dll confifc.dll ifcstat.dll"
    Delete the data after the = sign and leave it blank.

Step 7: Delete the shdosbei.dat files from the system using the search feature.
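
A way to confirm the cleanup, added here as an example and not part of the original post: export HKLM\SOFTWARE with `reg export` and check the text for the registry entries named in steps 5 and 6. The function names and the sample export are constructed for illustration, and the script assumes dbgmgr and shdosbei are subkeys of the keys listed in step 5.

```python
import re

# Assumption: dbgmgr and shdosbei (step 5) are subkeys. Key names are lower-cased.
HKLM_MS = r"hkey_local_machine\software\microsoft"
RUN_KEY = HKLM_MS + r"\windows\currentversion\run"
APPINIT_KEY = HKLM_MS + r"\windows nt\currentversion\windows"
WORM_KEYS = (HKLM_MS + r"\windows nt\currentversion\winlogon\notify\dbgmgr",
             HKLM_MS + r"\shdosbei")
WORM_FILE_RE = re.compile(r"ifcmgr32\.dll|ifcconf\.exe|infowshb\.dll|"
                          r"rtutvb5d\.dll|confifc\.dll|ifcstat\.dll", re.I)
VALUE_RE = re.compile(r'"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def parse_reg(text):
    """Parse .reg text into {key: {value_name: string_data}}, names lower-cased."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and (m := VALUE_RE.match(line)):
            # Undo .reg escaping (\\ -> \, \" -> ") in the name and the data.
            name, data = (re.sub(r"\\(.)", r"\1", g) for g in m.groups())
            current[name.lower()] = data
    return keys

def find_leftovers(reg_text):
    """Return descriptions of the worm's registry entries still present."""
    keys, found = parse_reg(reg_text), []
    for name, data in keys.get(RUN_KEY, {}).items():
        if name == "ifcdiag" or WORM_FILE_RE.search(data):
            found.append(f"Run value {name} = {data}")
    for wk in WORM_KEYS:
        if any(k == wk or k.startswith(wk + "\\") for k in keys):
            found.append(f"key present: {wk}")
    appinit = keys.get(APPINIT_KEY, {}).get("appinit_dlls", "")
    bad = WORM_FILE_RE.findall(appinit)
    if bad:
        found.append("AppInit_DLLs lists: " + " ".join(bad))
    return found

# Constructed sample export, not taken from a real machine.
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ifcdiag"="C:\\WINDOWS\\system32\\ifcconf.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dbgmgr]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="infowshb.dll confifc.dll ifcstat.dll"
'''

if __name__ == "__main__":
    print("\n".join(find_leftovers(SAMPLE)) or "no leftovers found")
```

Files written by `reg export` are UTF-16, so read a real export with `open(path, encoding="utf-16")` before passing its text to `find_leftovers`. An empty result means none of the listed registry entries remain; the files from steps 3 and 7 still have to be checked on disk.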
