This is actually part of my post on how to remove the Worm@W32.Resik worm from your PC or Flash Drive. Our visitor who send us an email yesterday, sent us again an email asking me the instructions on how to delete manually the hidden files of the Resik worm.

Yesterday, I posted the instruction on how to view the hidden files created by this worm because they couldn’t be viewed by simply changing the VIEW option of the Windows explorer.

So, since these files can only be viewed in DOS, we can also delete this files at DOS.

However, these files can’t be deleted by immediately deleting them using the DEL command because their attributes are set to hidden and read only. In other words, we should change their attribute first before we can delete them. And here’s how:

1. Assuming that you already had opened the DOS interface (see our previous post how… step 1)
2. Change the directory to the Windows system directory by typing at the DOS prompt, “cd c:\windows\system32\” without quote and press ENTER.
3. Type “attrib inetsrv* -r -s -h” without quote and press ENTER. This DOS command changes the attribute of the files in which their filenames begin with “inetsrv” into minus readonly (-r), minus system (-s), and minus hidden (-h). In other words, these files will be made as not read-only, not system and not hidden files.
4. To verify if their attributes have been changed already, type at the DOS prompt “attrib inetsrv*” without quote and press ENTER. The DOS will tell you the files’ corresponding attributes whether A for Archive, H for Hidden, R for Read-Only and S for System.
5. Now, if these files are already with minus hidden attribute and minus read-only attribute, then you can now delete them by typing “del inetsrv*” without quote and press ENTER. If the DOS will ask you whether to delete them all just press Y to confirm the deletion command.
6. The steps 3, 4 and 5 should be done also when deleting the autorun.inf at the root directory of your Flash Drive, and Voinfo* and Driveinfo* at the directory “Recycled” of your Flash drive. Just replace the INETSRV with VOINFO or DRIVEINFO.

If you still meet problems in deleting them, email me again or just drop your message at our comment section.

• Sign up for PayPal and start accepting credit card payments instantly.
  As the world's number one online payment service, PayPal is the fastest way to open your doors to over 150 million member accounts worldwide.
• Promote your product to high quality, targeted websites and blogs.
  Find effective, influential blogs and highly targeted audiences to advertise.Choose to display your ad across entire blog networks to maximize your exposure to a wide audience.