Computer Virus Removal EMERGENCIES NO EXTRA CHARGE Panic Popups Porn Spam Computer runs slowly or freezes Is your computer running as fast as when you first brought it home? A general clean up gets it running faster. Removing viruses, infections, spyware, trojans and adware. Hate VISTA? I can reinstall windows xp! Have VISTA and want to move to Windows 7? I'll be your advisor... Upgrade RAM, larger hard drive, dvd burner? Hardware upgrades available. www.schiffkey.com www.oilsyn.com

Sunday, May 16, 2010

Remember this virus: Belt.ini Belt.inf

Update the definitions.
Run a full system scan and delete all the files detected as Adware.Binet.
Delete the keys that were added to the registry.
Delete Belt.ini and Belt.inf if found.
Delete infected .cab files if necessary.

For specific details on each of these steps, read the following instructions.

CHANGE Norton Anti Virus.
1) options – manual scan – page defaults
2) options – auto protect – page defaults
you will not see any changes ON THE SCREEN – but it does make changes

3. Deleting the keys from the registry
On the Windows taskbar, click Start > Run.
In the Run dialog box, type regedit and then click OK.
In the Register Editor, navigate to and delete the keys:

HKEY_CLASSES_ROOT\CLSID\{000006B1-19B5-414A-849F-2A3C64AE6939}
HKEY_CLASSES_ROOT\TypeLib\{690BCCB4-6B83-4203-AE77-038C116594EC}
HKEY_CLASSES_ROOT\Interface\{4534CD6B-59D6-43FD-864B-06A0D843444A}
HKEY_CLASSES_ROOT\BiDll.BiDllObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BiDll.BiDllObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Explorer\Browser Helper Objects\{000006B1-19B5-414A-849F-2A3C64AE6939}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{4534CD6B-59D6-43FD-864B-06A0D843444A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\
{000006B1-19B5-414A-849F-2A3C64AE6939}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\
{690BCCB4-6B83-4203-AE77-038C116594EC}
Navigate to the registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
In the right pane, delete the value:

=
Exit the Registry Editor.
4. Deleting the .ini and .inf files
Search the system for Belt.ini/Susp.ini and Belt.inf/Susp.inf, deleting them if found.

Follow the instructions for your operating system:
Windows 95/98/Me/NT/2000
On the Windows taskbar, click Start > Find or Search > Files or Folders.
Make sure that "Look in" is set to (C:) and that "Include subfolders" is checked.
In the "Named" or "Search for..." box, type, or copy and paste, the file names:

Belt.ini Belt.inf or Susp.ini Susp.inf
Click Find Now or Search Now.
Delete the displayed files.


Windows XP
On the Windows taskbar, click Start > Search.
Click All files and folders.
In the "All or part of the file name" box, type, or copy and paste, the file names:

Belt.ini Belt.inf or Susp.ini Susp.inf
Verify that "Look in" is set to "Local Hard Drives" or to (C:).
Click "More advanced options."
Check "Search system folders."
Check "Search subfolders."
Click Search.
Delete the displayed files.

5. Deleting infected .cab files
If this threat was detected in a .cab file that is in the Windows Temp folder, your Symantec antivirus program may report that it cannot delete it. If this happens, manually delete it.
On the Windows taskbar, click Start > Run.
Type the following and then click OK:

%temp%
Click the Edit menu > Select All.
Press Delete and then click Yes to confirm. If you see a message that Windows cannot delete files, restart the computer and repeat steps 1 to 3. If you still see the message, just select and delete files that have the .cab extensions.

Search This Blog

Followers