This is an story of my laptop being attacked by a virus and overcoming from it. Two days ago, I connected a friend’s memory card (from nokia mobile) to my laptop to transfer some pictures and the silly mistake I did was skipping the virus scan.
I thought his memory card should be safe as he hardly knows how to operate the mobile. But I was wrong, and in a hurry to transfer the files I skipped the virus scan and opened the drive. As soon as I opened the drive, I realized that it’s stuffed with viruses as their were may “unknown” and “unwanted” .exe and .ini files.
But still I took the risk and copied the files to desktop. I usually don’t connect anyone’s external device to my laptop but this was an exception and will NEVER ever connect anyone’s external data storage device for the sake of my laptop’s safety. Pity on windows’ virus protection and bitdefender’s.
So let’s start with the symptoms and how to cure(not yet sure about 100% until I get positive response from you) and delete the desktop.ini trojan virus from the windows vista/ windows 7 PC.
- It creates number of “desktop.ini” files on your desktop and in many other folders.
- When you reboot the PC/Laptop, notepad pops up and displays this message “[.ShellClassInfo] LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787“
- If you have an anti-virus program installed on your PC, It will show up the virus. Bitdefender showed it as “Win32.Tyhos.B”
- Your PC may crash with a blue screen on display. In my case, it happened 3 times in a row.
How to remove the virus:
- Delete those dekstop.ini files from desktop.
- Clean up your PC using CCleaner(or any other program of your choice). Clean registry too. See tutorial here.
- Scan your computer for viruses.
- Start De-fragment process.
By doing the above tasks, you won’t completely remove the virus but improve the stability of your PC. I googled about the desktop.ini virus which opens the notepad every time I boot and got the solution exactly from Microsoft Answers. Follow their guidelines(below) to remove the virus.
- Open Start menu > type CMD.
- Right-click on cmd.exe and select “run as administrator”.
- Copy the commands and hit enter.
- attrib +s +h “%appdata%\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini”
- attrib +s +h “%programdata%\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini”