QUICK H [Closed]

Report
-
Posts
5
Registration date
Monday March 30, 2009
Status
Member
Last seen
March 31, 2009
-
Hello, I downloaded a program called Quick H. I then went to my control panel and removed it. However it keeps popping up at start and just would not go away. The message says can find Quick H. I would think it should recognize that it has been removed. How do I stop that message from popping up?

1 reply

Posts
5
Registration date
Monday March 30, 2009
Status
Member
Last seen
March 31, 2009
7
hello. this is a worm attached to a file that you downloaded here is the solution, also you may not have removed it correctly, go to control panel once more>add or remove programs>check if it is still there.




AUTOMATIC REMOVAL INSTRUCTIONS

To automatically remove this malware from your system, please refer to the Trend Micro Damage Cleanup Engine and Template.

MANUAL REMOVAL INSTRUCTIONS

Identifying the Malware Program

Before proceeding to remove this malware, first identify the malware program.

Scan your system with Trend Micro antivirus and NOTE all files detected as WORM_KLEZ.H. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall, Trend Micro's free online virus scanner.

Terminating the Malware Program

Due to the limitations of the Windows Task Manager, you will need a thrid-party process viewer to terminate this malware. You can download and use Sysinternal's free process viewer Process Explorer to terminate the malware programs detected earlier.

Removing Autostart Entries from the Registry

Removing autostart entries from registry prevents the malware from executing during startup. You will need the name(s) of the file(s) detected earlier.

Open Registry Editor. To do this, click Start>Run, type REGEDIT, then press Enter.
On machines running Windows 95, 98, and ME, in the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry or entries whose data value (in the rightmost column) is the malware file(s) detected earlier. The entry usually begins with the string:
WINK
On machines running Windows 2000 and XP, in the left panel, double-click the following:
HKEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>Services
In the right panel, locate and delete the entry or entries whose data value (the rightmost column) is the malware file(s) detected earlier.The entry usually begins with the string:
WINK
Close Registry Editor.
Additional Windows ME/XP Cleaning Instructions

Users running Windows ME and XP must disable System Restore to allow full scanning of infected systems.

Users running other Windows versions can proceed with the succeeding procedure sets.

Running Trend Micro Antivirus

Scan your system with Trend Micro antivirus and delete all files detected as WORM_KLEZ.H. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall, Trend Micro's free online virus scanner.

Applying Patches

This worm uses a vulnerability in HTTP-based email clients, such as Microsoft Outlook and Outlook Express. Proceed to the Microsoft Internet Explorer page for the latest updates.


i hope that helped :)