NetWorm Win32.Kido.ih Removing Procedures


On my previous post here, I've told you the characteristic of Win32.Kido.ih. Now, I'll share you how to remove it.
Step by step to remove Win32.Kido.ih manually. Follow the instructions bellow:
  1. Delete the registry key from [HKLM\SYSTEM\CurrentControlSet\Services\netsvcs].
  2. Delete “%System%\<rnd>.dll” from system registry key value shown below:
    [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "netsvcs".
  3. Reboot the system.
  4. Delete the original worm file and it’s copies from the windows location show before.
  5. Delete autorun files and .exe files located in removable storage [usb flash/pen drives].
    e.g.
    <f>:\autorun.inf
    <f>:\RECYCLER\S-<%d%>-<%d%>-<%d%>-<%d%>-<%d%>-<%d%>-<%d%>\<rnd>.vmx
  6. Update your current antivirus databases and perform a full scan of the computer to remove NetWorm Win32.Kido.ih
Some of preventive ways:
  1. Try under Linux Operating System...
  2. Get the latest update of your antivirus
  3. Update your Windows regularly (just for original version)
That's all, I hope useful for you...
Please say thanks to renjusblog

4 comments:

  1. pertama sib!!lanjutkan post yg bgs' yah

    ReplyDelete
  2. Virus has now become more unpredictible for computers and NetWorm Win32.Kido.ih is one them. Thanks for the great tutorial you have here Mr. Galih it's really helpfull.

    ReplyDelete