This is quite a lame virus but anyway still many computers still infected with this virus. So I will write a tutorial to help people to remove this pest.
Characteristics
As usual, this virus will disable your Registry editor, search and folder option because to keep it hidden. But, this virus will not disable your task manager. Why? Because this is a trap. When you open your task manager and found flash10.exe in the process list, dont end the process yet because by doing it, your computer will shutdown.So what we need to do is just following this step.
Step 1 - Enable Registry Editor and folder option
Download Washer here. Enable back your registry editor and folder options by using washer.
- If the virus attacked your computer, there will be a check at the Disable Regedit, Hide Find and Hide Folder Option check button.
- Leave the check button and straightaway click the repair registry button and in just a few second, you can access back your registry, search and folder options.
- If this doesn't work, try it again or ask someone to help you.
Step 2 - Remove the virus link in registry
First open the registry editor by
Start > Run and type
regedit and press enter.
Go to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentUser\Run and delete the
WindowsMSN key at the right hand-side.
Then go to HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\ and delete the C:\WINDOWS\system32\Flash.10.exe key at right hand side.
Then go to HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\
CurrentVersion\Windows\ and delete the load key at the right.
Then, go to HKEY_USERS\S-1-5-21-2000478354-2025429265-839522115-1003\
Software\Microsoft\Windows\ShellNoRoam\MUICache
and last go to HKEY_USERS\S-1-5-21-2000478354-2025429265-839522115-1003\
Software\Microsoft\WindowsNT\CurrentVersion\Windows\
and delete load key.
If your are tired to find the key, just press F3 and typed flash.10 and press again F3 to keep search.
After that, restart your computer.
Step 3 - delete the virus file
After restart your computer, make sure the virus is not run anymore. Open your task manager and if Flash.10 and Macromedia.10 is not in the process list, it is safe for you to delete the virus file. If not, repeat step 2.
Before delete the virus, you need to configure your Folder Options first. Open My Computer, click Tools menu and choose Folder Options. If Folder Options did not appear, repeat step 1.
Now Change the setting as my folder options on the picture below. Changes are on Show hidden file, Hide protected operating system file and Hide extension for known files. Click Ok.
Go to
C:\Program Files\Common Files\Microsoft Shared\ and delete
Macromedia.10.exeNow, open
C:\Program Files\Common Files\Microsoft Shared\DAO\ and delete file
MSN.msn. The virus try to spoof by using MSN logo and name.
Then, go to
C:\WINDOWS\System32\ . Right Click, choose
Arrange Icon By > Modified. Then scroll to the last row and try to find
Flash.10.exe, cmd.com, dxdiag.com, JambanMu.com, msconfig.com, ping.com and regedit.com. Delete the file. Remember, just delete the listed file only!!
Then, delete the virus in your USB drive. Delete only
Flash Jokes.exe, Autorun.inf, Flash.10.Setup.exe and Scanner.exeNow restart your computer. Hopefully your computer will be okay.
for more information, please click
here
