Username: Save?
Password:
Home Forum Links Search Login Register*
    News: Welcome to the TechnoWorldInc! Community!
Recent Updates
Three-year-olds groomed o...
by Saniya Abraham
[April 24, 2024, 11:48:22 AM]
How robots are taking ove...
by Saniya Abraham
[April 24, 2024, 11:48:22 AM]
Australia PM calls Elon M...
by Saniya Abraham
[April 24, 2024, 11:48:22 AM]
US Senate passes bill tha...
by Saniya Abraham
[April 24, 2024, 11:48:22 AM]
Google to delete records ...
by Saniya Abraham
[April 03, 2024, 06:11:00 PM]
UK and US sign landmark d...
by Saniya Abraham
[April 03, 2024, 06:11:00 PM]
Will Truth Social solve T...
by Saniya Abraham
[April 03, 2024, 06:11:00 PM]
Billie Eilish and Nicki M...
by Saniya Abraham
[April 03, 2024, 06:11:00 PM]
Musk attacks 'dumb eco-te...
by Saniya Abraham
[March 06, 2024, 02:45:27 PM]
Bitcoin price briefly top...
by Saniya Abraham
[March 06, 2024, 02:45:27 PM]
Facebook and Instagram re...
by Saniya Abraham
[March 06, 2024, 02:45:27 PM]
iPhone China sales slide ...
by Saniya Abraham
[March 06, 2024, 02:45:27 PM]
Three apologises again as...
by Saniya Abraham
[February 14, 2024, 02:00:39 PM]
Subscriptions
Get Latest Tech Updates For Free!
Resources
   Travelikers
   Funistan
   PrettyGalz
   Techlap
   FreeThemes
   Videsta
   Glamistan
   BachatMela
   GlamGalz
   Techzug
   Vidsage
   Funzug
   WorldHostInc
   Funfani
   FilmyMama
   Uploaded.Tech
   MegaPixelShop
   Netens
   Funotic
   FreeJobsInc
   FilesPark
Participate in the fastest growing Technical Encyclopedia! This website is 100% Free. Please register or login using the login box above if you have already registered. You will need to be logged in to reply, make new topics and to access all the areas. Registration is free! Click Here To Register.
+ Techno World Inc - The Best Technical Encyclopedia Online! » Forum » THE TECHNO CLUB [ TECHNOWORLDINC.COM ] » Ethical Hacking / Security / Viruses » Viruses
 How to remove W32/Small.KI
Pages: [1]   Go Down
  Print  
Author Topic: How to remove W32/Small.KI  (Read 955 times)
Daniel Franklin
TWI Hero
**********


Karma: 3
Offline Offline

Posts: 16647


View Profile Email
How to remove W32/Small.KI
« Posted: September 29, 2007, 12:34:08 PM »



Method how to remove W32/Small.KI.: 1.Disconnect the computer from the network (better in "safe mode").

2.If used windows ME/XP, turn off (system restore) in the process of the cleaning.

3.Turn off the process from this virus. You could use Task Manager, turn off 2 processes from this virus that is: update.Exe and winzip.Exe.

4.Removed regsitry key that was changed by the virus. a. ScanRegistry = "scanregw.exe /scan" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run b. change string ShowSuperHidden dengan value 1 HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Explorer\Advanced c. change string WebView with value 1 HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Explorer\Advanced d. change string FullPatch with value 1 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Cabinet State e.change string UNCAsIntranet with value 0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\InternetSettings\ZoneMap

5.Remove File who made by the virus. * WINZIP_TMP.exe * C: * Rundll16.exe [hidden file] dan WINZIP_TMP.exe * C:\Windows * scanregw.exe [hidden file], update.exe [hidden file], winzip.exe [hidden file] dan sample.Zip * C:\Windows\System32 * Temp.htt [hidden file] dan WinZip_Tmp.exe [hidden file] * C:\Document and settings * C:\Documents and Settings\Administrator * C:\Documents and Settings\Administrator\Start Menu * C:\Documents and Settings\Administrator\Start Menu\Programs\, * C:\Documents and Settings\Administrator\Start Menu\Programs\Startup * C:\Documents and Settings\All Users\Start Menu * C:\Documents and Settings\All Users\Start Menu\Programs * C:\Documents and Settings\All Users\Start Menu\Programs\Startup

6.Removed also file that was made to each folder that in-share with the characteristics: * Icon Concealed [icon Winzip] * fils size 94 KB * Ekstension EXE * Type file "Application"

7.For the cleaning more optimal useantivirus with latest update. 8.Really was suggested to install "antivirus for mail server" (if you had mail server).

Articles Source - Free Articles
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Copyright © 2006-2023 TechnoWorldInc.com. All Rights Reserved. Privacy Policy | Disclaimer
Powered by SMF 1.1.4 | SMF © 2006-2007, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks
Page created in 0.164 seconds with 24 queries.