AntiSirc Permanently remove the Sircam worm from your computer
Download

AntiSirc Ranking & Summary

AntiSirc Tags

Virus Removal Tool Remove Kido Worm Sircam remover Sircam Sircam.A Remover erase Sircam.A Sircam.A antivirus Sircam.A remove I-Worm/Navidad Sircam worm remove Sircam AntiSirc remove worm remove I-Worm.Zafi.b remove i-worm permanently SirCam antivirus

AntiSirc Description

The purpose of the AntiSirc utility is to help users easily remove the Sircam worm from their computers. The removal process is rather complex since the worm places multiple copies of itself to the system and modifies several registry keys. The following steps are done to remove the worm completely: 1. All the possible copies of the worm are deleted: ':|recycled|SirC32.exe' '|SCam32.exe' '|ScMx32.exe' 'Microsoft Internet Office.exe' from all user's |Start Menu|Programs|Startup| folder 2. '|rundll32.exe' is restored if it was overwritten by the worm. When infecting trough network shares it renames 'rundll32.exe' to 'run32.exe' and places itself to 'rundll32.exe'. This copy of the worm is removed and 'run32.exe' is renamed back to 'rundll32.exe'. 3. '|recycled|SirCam.sys' is removed. This file is filled with a text string with the purpose of exhausting the disk space. It is part of the worm's payload. 4. Registry is restored '' key is restored to ""%1" %*" '' sub-key is zeroed - set to "" '' is removed with all the sub-keys it has 5. Protection against further infection trough network shares is installed The system can be protected against (re)infection through the network if there is a dummy '|recycled|SirC32.exe' file with read-only attributes. After these a reboot might be required to ensure that all the settings get updated and the possibly locked infected files are deleted.

AntiSirc Related Software