QUICK H
Closed
anonymous
-
Mar 31, 2009 at 05:50 PM
gigafide Posts 5 Registration date Monday March 30, 2009 Status Member Last seen March 31, 2009 - Mar 31, 2009 at 05:56 PM
gigafide Posts 5 Registration date Monday March 30, 2009 Status Member Last seen March 31, 2009 - Mar 31, 2009 at 05:56 PM
Related:
- QUICK H
- Quick cpu - Download - Diagnosis and monitoring
- Quick book download free - Download - Billing and accounting
- Quick basic download - Download - IDE
- Pin to quick access - Guide
- Quick heal removal tool version 23 - Antivirus Forum
1 response
gigafide
Posts
5
Registration date
Monday March 30, 2009
Status
Member
Last seen
March 31, 2009
7
Mar 31, 2009 at 05:56 PM
Mar 31, 2009 at 05:56 PM
hello. this is a worm attached to a file that you downloaded here is the solution, also you may not have removed it correctly, go to control panel once more>add or remove programs>check if it is still there.
AUTOMATIC REMOVAL INSTRUCTIONS
To automatically remove this malware from your system, please refer to the Trend Micro Damage Cleanup Engine and Template.
MANUAL REMOVAL INSTRUCTIONS
Identifying the Malware Program
Before proceeding to remove this malware, first identify the malware program.
Scan your system with Trend Micro antivirus and NOTE all files detected as WORM_KLEZ.H. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall, Trend Micro's free online virus scanner.
Terminating the Malware Program
Due to the limitations of the Windows Task Manager, you will need a thrid-party process viewer to terminate this malware. You can download and use Sysinternal's free process viewer Process Explorer to terminate the malware programs detected earlier.
Removing Autostart Entries from the Registry
Removing autostart entries from registry prevents the malware from executing during startup. You will need the name(s) of the file(s) detected earlier.
Open Registry Editor. To do this, click Start>Run, type REGEDIT, then press Enter.
On machines running Windows 95, 98, and ME, in the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry or entries whose data value (in the rightmost column) is the malware file(s) detected earlier. The entry usually begins with the string:
WINK
On machines running Windows 2000 and XP, in the left panel, double-click the following:
HKEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>Services
In the right panel, locate and delete the entry or entries whose data value (the rightmost column) is the malware file(s) detected earlier.The entry usually begins with the string:
WINK
Close Registry Editor.
Additional Windows ME/XP Cleaning Instructions
Users running Windows ME and XP must disable System Restore to allow full scanning of infected systems.
Users running other Windows versions can proceed with the succeeding procedure sets.
Running Trend Micro Antivirus
Scan your system with Trend Micro antivirus and delete all files detected as WORM_KLEZ.H. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall, Trend Micro's free online virus scanner.
Applying Patches
This worm uses a vulnerability in HTTP-based email clients, such as Microsoft Outlook and Outlook Express. Proceed to the Microsoft Internet Explorer page for the latest updates.
i hope that helped :)
AUTOMATIC REMOVAL INSTRUCTIONS
To automatically remove this malware from your system, please refer to the Trend Micro Damage Cleanup Engine and Template.
MANUAL REMOVAL INSTRUCTIONS
Identifying the Malware Program
Before proceeding to remove this malware, first identify the malware program.
Scan your system with Trend Micro antivirus and NOTE all files detected as WORM_KLEZ.H. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall, Trend Micro's free online virus scanner.
Terminating the Malware Program
Due to the limitations of the Windows Task Manager, you will need a thrid-party process viewer to terminate this malware. You can download and use Sysinternal's free process viewer Process Explorer to terminate the malware programs detected earlier.
Removing Autostart Entries from the Registry
Removing autostart entries from registry prevents the malware from executing during startup. You will need the name(s) of the file(s) detected earlier.
Open Registry Editor. To do this, click Start>Run, type REGEDIT, then press Enter.
On machines running Windows 95, 98, and ME, in the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry or entries whose data value (in the rightmost column) is the malware file(s) detected earlier. The entry usually begins with the string:
WINK
On machines running Windows 2000 and XP, in the left panel, double-click the following:
HKEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>Services
In the right panel, locate and delete the entry or entries whose data value (the rightmost column) is the malware file(s) detected earlier.The entry usually begins with the string:
WINK
Close Registry Editor.
Additional Windows ME/XP Cleaning Instructions
Users running Windows ME and XP must disable System Restore to allow full scanning of infected systems.
Users running other Windows versions can proceed with the succeeding procedure sets.
Running Trend Micro Antivirus
Scan your system with Trend Micro antivirus and delete all files detected as WORM_KLEZ.H. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall, Trend Micro's free online virus scanner.
Applying Patches
This worm uses a vulnerability in HTTP-based email clients, such as Microsoft Outlook and Outlook Express. Proceed to the Microsoft Internet Explorer page for the latest updates.
i hope that helped :)
