Removal Of WORM_STRATION.FA

As this comes in the form of an attachment it is easy to identify. All we have to do is to scan the attachment with a good anti-virus product. However the manual removal involves the following things when PC is already infected.



Step 1: We need to go to Recovery Console by using Bootable Disk.
Step 2: Navigate to Windows folder using Cd command
Step 3: Type  the following files and restart the computer

• del %System%\ifcmgr32.dll
• del %System%\ifcconf.exe
• del %System%\infowshb.dll
• del %System%\rtutvb5d.dll

Step 4: You should go to task manager and  processes  and remove the processes that you see with the same name as the above files and any other files with unknown manufacturer.

Step 5: Goto registry editor remove the auto start registry key

• HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows>CurrentVersion>Run

                ifcdiag = "%System%\ifcconf.exe"

and all the files stated above

• HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>WindowsNT>CurrentVersion>Winlogon>Notify dbgmgr
• HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft shdosbei 

Step 6: Restore the registry keys

• HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows NT>CurrentVersion>Windows 

             AppInit_DLLs = "infowshb.dll confifc.dll ifcstat.dll" delete the value after = and leave it blank

Step 7: delete the shdosbei.dat files from the the system using search feature

 

Posted in: PC Support,Removal of WORM_STRATION.FA,Technical Support,TechSupp 247,Virus Removal,Worm