W32.Stekct is a malicious worm that spreads quickly via social network and fashionable communication programs. It even can disable antivirus process, such as antivirus service, windefend, and kavsvc. It can make remote hacker download some harmful files from remote domain with the backdoor on contracted system. Its transmitting trend often contains AIM, Google Talk, Skype, Facebook, MSN and ICQ.
How dangerous it is1. It can sneak into our system and add its own files to it, so as to interrupt our normal work.
2. It can bring other spyware or adware.
3. Our desktop background and browser homepage settings can be changed.
4. It can slow down our computer.
2 ways to remove it
1. Remove it manually
a. Stop its process in the Windows Task Manager
%Windir%\regsvr.exe
b. Uninstall it from Windows control panel>Add/Remove Programs.
%Windir%\MDM.EXE
c. Delete related files in registry with regedit.exe command.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"Microsoft Firevall Engine" = "%Windir%\MDM.EXE"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"Microsoft Firevall Engine" = "%Windir%\MDM.EXE"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\"Microsoft Firevall Engine" = "%Windir%\MDM.EXE"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\"%Windir%\mdm.exe" = "%Windir%\mdm.exe:*:Enabled:MSN Messenger"
2. Remove it with Anvi Smart Defendera.
a. Download Anvi Smart Defender
b. Update it (ASD can update itself automatically every day, but it is suggested that you update it manually at the first time.)
c. Full Scan our computer
d. Remove all malicious threats
e. Restart
No comments:
Post a Comment