I will need to know how many usb devices and hard drives you have and the drive letters.
Please do not plug in any usb device until you have done the tweakui portion. After you have done that part, please only plug in the devices with the drive letters covered in this fix. The OTMOVEIT2 fix will only cover drives C,D,E, F, G and H. If there are more or other letters, we will do them separatley.
Download and Install Microsoft's TweakUI:
http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx Obtain and install TweakUI (right hand panel, 147kb in size), and then start TweakUI.
Expand the My Computer branch, then the AutoPlay branch, and then select Drives.
Turn off the checkbox next to every drive letter to disable AutoPlay -- except your CD/DVD drive letters
This will prevent autoruns from running on your computer. Make sure you uncheck
all drive letters in the list, except your cd/dvd.
Then
Download "Clean Autoruns":From HERE
http://forums.techguy.org/attachments/103397d1176780296/clean-autoruns.zipPlug in as many usb storage device you can or have. Phones, ipods etc count.
Save and extract its contents to the desktop. It is a folder containing a Batch file, Clean autoruns.bat, Written by Mosaic1. Once extracted, open the folder and double click on the Clean autoruns.bat to run the fix.
If any autoruns are found, the fix will move them to a backup folder.
If any autoruns are found on the root of your drives, it will kill explorer so that the registry entries in the MountPoint(s) key are fixed.
It will produce two files, Part1.txt and Part2.txt , that will show the state before and after the cleaning.
Please post those.
Please download
OTMoveIt2 by OldTimer.Save it to your
desktop.Please double-click OTMoveIt2.exe to run it. Make sure the usb drives are plugged in.
Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
C:\Autorun.inf
D:\Autorun.inf
E:\Autorun.inf
F:\Autorun.inf
G:\Autorun.inf
H:\Autorun.inf
C:\amvo*.* /s
D:\amvo*.* /s
E:\amvo*.* /s
F:\amvo*.* /s
G:\amvo*.* /s
C:\amvo*.* /s
D:\amvo.* /s
E:\amvo.* /s
F:\amvo.* /s
G:\amvo.* /s
H:\amvo.* /s
Return to OTMoveIt2, right click in the "Paste List Of Files/Patterns To Search For and Move" window
(under the yellow bar) and choose Paste.
this fix will not work if the wrong box is usedClick the red Moveit! button.
Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
NOTE: If OTMOVEITE reboots, before you can get the ruslts they can be found here
C:\_OTMoveIt\MovedFiles\********_******.log
(where "********_******" is the "date_time")
Now to protect those drives, I will need you to down load and run this program, with your usb devices attached.
Download this program, Flash Drive Disinfector by sUBs from
http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exeDouble-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well. Just skip that part.
Wait until it has finished scanning and then exit the program.
Reboot your computer when done.
This utility will do a couple of things. First it will remove any autorun.inf it finds. It will create a SYSTEM protected, read-only, and perfectly harmless Autorun.inf file on any hard drive or removable storage device it finds when run. This file will not only help prevent future autorun infections, it will disable any current Autorun infection its ability to restart.
Please attach the results to your next reply. Use the additional option button on the reply page.
Thanks
