Categories: Computer, Featured, Rambles, Tips & Tricks
Written By: Louis James Diaz Google+
Are you sure that your pc or lappy is virus free? Well Maybe it is, until you found out that there was something going on in your system without your knowledge. The very first usb worm that I have encountered. Way back 5 months or so ago, this usb worm tried to give me sleepless nights. Not even my Mcafee virus scanner can delete it. Yup I am a full pledged loyal Mcafee user since day 1, and yeah it can detect the nasty worm but it cant delete it nor quarantine it, leaving me clueless on what to do with this kind of virus.
At first I thought, “what was the last time that I did before I got this virus?” and my brain cells lit up and made me remember that I just plugged in my usb flash disk which I used on a computer shop. WTf!? Now my system is infected.
Fearing of the unknown, I tried to monitor what changes did that usb worm did to my system, until days after, I noticed that my hard drive, usb drive or any other storage drive that is plugged or have been plugged into my system have the “Autoplay” option as the default command for opening or running storage device. So I googled for the solution for this kind of virus, and there were many variations on how to remove the virus, but I have got one procedure to remove the file that do work. I also found out that the virus does not do any harm on the system, but as time goes by it will just be the most annoying thing you will have on your system. Here are some of the annoying thing that it does on your system.
- Change the title of the Internet Explorer browser (good thing Im an IE hater and Firefox Lover)
- Change the default command on opening storage devices, either plugged or removable storage devices. So whenever you will right click on a storage device, you will see “Autoplay” instead of the default Open. So whenever you double click the storage device you are opening, you will not see the storage open but a window with “open with” options.
You have to manually delete the files that has been installed in your system because anti-virus scanners back at that time cant detect it and sometime even up until now some anti virus programs still cant detect this virus even if you make a full scan of your system with the latest updates on your antivirus scanners. So here it goes.
- Disable the “Hide Protected Operating System Files” in your Windows Explorer folder options (TOOLS > FOLDER OPTIONS > VIEW)
- Search the file name FS6519.dll.vbs (THE VIRUS) in your hard drive or just to make sure in your My Computer then delete the file.
- Note: On searching make sure you activated”Search Hidden Files and Folders” on more advance options. If one of “FS6519.dll.vbs” failed to delete run the Task Manager by holding CTRL+ALT+DELETE then on the process area find “WSCRIPT” then end this process, you can now delete the file “FS6519.dll.vbs” and “Autorun.inf” contaning text (shellexecute=wscript.exe FS6519.dll.vbs).
- Then to get rid of the word “TAGA LIPA ARE!” on your internet Explorer go to your windows registry (START > RUN – then type regedit)Search the word “TAGA LIPA ARE!” and “FS6519″ in the
- following registry location:
right click and delete, never try to rename the window title just delete
it.. Your done.!
Your option windows should look like this. without the Autoplay function. Make sure that you scan everything, not just the drive c:, more oftern than not any usb storage device that have been plugged in your system is also infected. When in doubt, scan it!