Sunday, June 17, 2007

New virus called Soundmix



There is a new virus called soundmix.exe. It installs itself on USB flash drives through a hidden file named AUTORUN.INF. One way to remove it is with Linux, as always our savior, since it lets you see both the executable and the file mentioned above. If you do not have Linux installed, I recommend following the steps below:



If you already have it on your PC
do this from safe mode (the Windows fail-safe mode)

1. Click Start>Run (Inicio>Ejecutar).
2. In the Open input box, type: command /c copy %WinDir%\regedit.exe regedit.com | regedit.com
3. Press Enter.
4. In the left panel, double-click the following:
HKEY_CLASSES_ROOT>exefile>shell>open>command
5. In the right panel, locate the registry entry: Default
6. Check whether its value is the path and file name of the malware file.
7. If the value is the malware file, right-click Default and select Modify to change its value.
8. In the Value data input box, delete the existing value and type the default value: "%1" %*
9. Close the Registry Editor.
10. Click Start>Run, then type: command /c del regedit.com
11. Press Enter.

Editing the Registry

1. Open the Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
2. In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows>CurrentVersion>Run
3. In the right panel, locate and delete the entry: Soundmix="%System%\soundmix.exe"
(Note: %System% is the Windows system folder, which is usually
C:\Windows\System on Windows 98 and ME,
C:\WINNT\System32 on Windows NT and 2000, etc.)

Restoring Modified Registry Entry

1. Still in the Registry Editor, in the left panel, double-click the following:
HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows>CurrentVersion>Explorer>Advanced>Folder>Hidden>SHOWALL
2. In the right panel, locate the entry: CheckedValue="0"
3. Right-click the value name and choose Modify. Change the value data of this entry to 1.
4. Close the Registry Editor.


To delete it from the USB flash drive

Restoring AUTORUN.INF

1. Right-click Start, then click Search... or Find..., depending on the version of Windows you are running.
2. In the Named input box, type:
AUTORUN.INF
3. In the Look In drop-down list, select a drive, then press Enter.
4. Select the file, then open it using Notepad.
5. Check if the following lines are in the file:
[autorun]
open=
shell\open=(&O)
shell\open\command=RECYCLER\autorun.exe -OpenCurDir
shell\open\Default=1
shell\explore=(&X)
shell\explore\command=RECYCLER\autorun.exe ExploreCurDir
6. If the lines are present, delete the file.
7. Repeat steps 3 to 6 for AUTORUN.INF files in the remaining removable drives.
8. Close the search results.
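
An added example (not part of the original post): a Python script for the Linux route mentioned at the top. It reads AUTORUN.INF from the root of a mounted USB drive and lists the entries that launch a program, which is the check described in step 5. The function names and the sample text are constructed for illustration; the mount point is passed as the first argument.

```python
import re
import sys
from pathlib import Path

# Keys in [autorun] whose value is a command Explorer will launch.
COMMAND_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$")

def parse_autorun(text):
    """Return {key: value} for the [autorun] section, keys lower-cased."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
        elif in_section and "=" in line and not line.startswith(";"):
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries

def launch_commands(text):
    """Entries that make Windows run a program from the drive."""
    return {k: v for k, v in parse_autorun(text).items()
            if COMMAND_KEY.match(k) and v}

def scan_drive(root):
    """Check AUTORUN.INF (any letter case) in the root of a mounted drive."""
    findings = {}
    for path in Path(root).iterdir():
        if path.is_file() and path.name.lower() == "autorun.inf":
            cmds = launch_commands(path.read_text(errors="replace"))
            if cmds:
                findings[str(path)] = cmds
    return findings

# Constructed sample modelled on the lines listed in step 5 above.
SAMPLE = r"""[autorun]
open=
shell\open=(&O)
shell\open\command=RECYCLER\autorun.exe -OpenCurDir
shell\open\Default=1
shell\explore=(&X)
shell\explore\command=RECYCLER\autorun.exe ExploreCurDir
"""

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, cmds in scan_drive(root).items():
        for key, value in cmds.items():
            print(f"{path}: {key} -> {value}")
```

An AUTORUN.INF that only sets an icon or a label produces no findings; any entry the script prints names the executable to look for on the drive before deleting both files.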
