[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Spam - Snow white
Since no one seems to have informned people of how to get rid of this
worm ,here is a simple procedure.
Snow White or HYBRIS B as its called infects the secur32.dll file in
the windows system directory.
The file size is increased from 40K to approx 65K.
Anti Virus softwae will usually detect the virus but wont clean it as
it cant be cleaned whilst windows is running as the file is locked.
To clean it do the following.
Boot your PC in DOS.
Delete the secur32.dll file from the windows system directory.
Look for a file called XXXXXX.dll in the same directory where the Xs
are random letters,and delete this file as well.
Open System.ini and look for a line load = XXXXXX.dll which the virus
inserts to ensure that it gets reloaded if someone simply replaces the
infected file with a good one.
Delete this line.
Replace secur32.dll with a clean copy from your windows install CDROM.
You can do this with Sfc.
here is no need to re install windows.
MD