Member
My computer system is behaving in an abrupt manner means it is not behaving properly. When I scanned my computer system, my antivirus software gave me an alert message that Win32.Zhelatin.anv is detected on my computer system. I have deleted this Win32.Zhelatin.anv virus from my computer system many times but it comes back repeatedly. Therefore, I need to know the perfect method to delete this Win32.Zhelatin.anv virus from my computer system.
Member
Win32.Zhelatin.anv is a worm that spreads through the internet, it camouflage as an attachment in the email. First this worm extract the email address from the victims computer and then send the infected message to all the email address. This worm is also a portable executable file. The size of this file is around 50,583 bytes
Member
The worm creates a file with a random name and an .exe extension in the current directory, and then launches it.
It then creates the following entries in the system registry:
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"Agent" = "%System%\alsys.exe"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
"Agent" = "%System%\alsys.exe"
This ensures that the worm will be launched each time Windows is booted on the victim machine.
Member
For removing this Win32.Zhelatin.anv worm follow these steps.
1. Reboot the computer in Safe Mode (at the start of the boot sequence, press and hold F8, then choose Safe Mode from the Windows boot menu).
2. Delete the original worm file (the location will depend on how the program originally penetrated the victim machine).
3. Delete the following files:
%System%\alsys.exe
%System%\wincom32.ini
%System%\wincom32.sys
4. Delete the following system registry entries:
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"Agent" = "%System%\alsys.exe"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
"Agent" = "%System%\alsys.exe"
Member
To avoid problems like virus, worms and other malware software you must follow some preventive software. These preventive measures are mentioned below.
1. Do not download pirated software, because they may contain the backdoor.
2. Update your antivirus software regularly
3. Scan your system on the regular basis
4. Enable your firewall setting and use strong passwords for preventing your system
Posting Permissions
Reply With Quote
Bookmarks