|
REMOVAL TOOL:
W32.Blackmal.E@mm
removal tool is available to clean the infections. Use this removal
tool first, as it is the easiest way to remove this threat.
Download Here!
Note: The threat targets AV products, so if
any of the targeted files have been deleted, then the AV product may need
to be reinstalled after using the removal tool.
MANUAL REMOVAL:
1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Run a full system scan and delete all the files detected.
4. Delete any values added to the registry.
Navigate to the subkeys and delete
values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: "ScanRegistry" = "scanregw.exe /scan"
Navigate to the subkey and reset the values to
the original values, if applicable:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Values:
"WebView" = "0"
"ShowSuperHidden" = "0"
Navigate to the subkey and reset the values to
the original values, if applicable:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState
Value: "FullPath" = "0"
Navigate to the subkey, and reset any values
modified by the threat, if applicable:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Licenses
5. Exit registry and
re-start the computer
***If it makes changes to Windows
registry that may prevent you from running executable files. A tool to
reset registry values to the default value is available for download.
Click Here.
6. In order to make sure that worm blackmal.e@mm is
completely eliminated from your computer, carry out a full scan of your
computer using
AntiVirus and
Antispyware Software. Another way to delete the virus using various
Antivirus Program without the need to install can be done with
Online Virus
Scanner.
 |
