Threat name: Vbs.Autorun.FM
Threat : Whenever a removable drive is inserted, the following files are copied over:
Here is the manual solution:
- Reboot System into safemode
- Go to C:\Windows and look for Sysres.vbs and delete.
- Go to regedit and search for Sysres.vbs and delete all of its values.
- Also in regedit, search for ntdir.vbs and radz_services.vbs and delete all values.
- Reboot your pc.