This is really useful Mukul ""NKP"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Access the Windows Registry by following the steps below: > 7 Click of the Windows Start button. > 7 Select the option Run... > 7 Write REGEDIT.COM and click on OK. > Follow the steps below in order to locate a specific entry in the Registry: > o Click on the + sign next to the folder HKEY_CLASSES_MACHINE. > o Click on the + sign next to the subfolder Software. > o Click on the + sign next to the subfolder Microsoft. > o Click on the + sign next to the subfolder Windows. > o Click on the + sign next to the subfolder CurrentVersion. > o Click on the + sign next to the subfolder Network. > o Click on the + sign next to the subfolder LanMan. > o Select the subfolder of the drive that is not shared and delete it. > In order to completely eliminate the W32/Nimda virus from your computer, it > is > also necessary to follow the steps below. However, before doing so, make > sure > that your computer displays all hidden files. This means doing the > following: > > 7 In computers with the following operating system: Windows > 95/98/NT/2000Pro: > o Click on Start. > o Select Programs. > o Select Windows Explorer. > o Then select the View option. > o Click on Options. > o Finally check the option Show all files. > > 7 If you have Windows Me installed: > o Click on Start. > o Select Programs. > o Select Windows Explorer. > o Then select the Tools option. > o Click on Options. > o Finally check the option Show all files. > Once this has been done, your computer will show all files that could have > been hidden. This is important with respect to the file searches indicated > below. > > > 1. Firstly access the file System.ini. This file is located in the Windows > directory. You must run the file by double clicking on it. Once in this file > you should modify the following line: shell=explorer.exe > load.exe -dontrunold > by removing the following: load.exe -dontrunold. > 2. Next, it is necessary to delete the virus files. In this case, the file > LOAD.EXE should be deleted. Follow the steps below to delete this file: > > o Click on Start. > o Select Find - Files or Folders. > o Write the name of the file in the Name field . > o The Look in option allows you to select the drive in which to perform the > search. > o Finally click on Find now. > o Once you have found the files, you'll have to delete them. To do this, > click > on the file using the right mouse button and select the option Delete. > > 3. Then it would be interesting to delete all the temporary files that the > virus generates in the TEMP folder. Follow the steps below to do that: > > o Click on Start. > o Select Find - Files or Folders. > o Type the names of the temporary files with the following format: MEP*.TMP > and MEP*.EXE in the Name tab. > o The option Look in allows you to select the TEMP folder in the Windows > directory. > o Finally, press the button Find Now. > o Once the files have been found it will be necessary to delete them. To do > this right-click on the file and select the Delete option. > > Users are also advised to update the Internet Explorer 5.01 y 5.5 at the > following addresses: > Internet Explorer 5.01 > http://www.microsoft.com/windows/ie/download/critical/q295106/default.asp > > Internet Explorer 5.5 > http://www.microsoft.com/windows/ie/download/critical/q299618/default.asp > Servers with IIS installed should update at the following addresses: > IIS 4.0 > http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32061 > > IIS 5.0 > http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32011 > Once these steps have been carried out, the virus will be neutralized. > If you wish to disinfect the computer update your antivirus and carry out a > full scan of your system. > > -- > Navin Parwal > MCSE ,CIW , CCNP, CCDP , CCIE(written) > > /************ > We learn from experience that we never learn from experience. > George Bernard Shaw (1856 - 1950) > > ************ / Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20647&t=20646 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
