Search Solo Products, Services and others Overview of the Site Design and Build a Career Contact us for customer service and other feedback info SRN Micro Privacy Statement

 


REGSVR PROCESS INFORMATION

Process Name  : Regsvr.exe

Process Path : %WINDOWS%\Regsvr.exe [ C:\Windows\Regsvr.exe ]

Process type    : Worm

Malware Name : Worm.Win32.AutoIt

Alias             : Trojan.Win32.Autoit.ci, W32/Sohana-AZ, W32/YahLover.worm, W32.Imaut, TR/Autoit.CI.14 W32/Autorun-GG, WORM_DELF.FKZ

Threat level : Medium

Process Details :

                     Regsvr.exe is dropped by AutoIt worm. It spreads by copying itself to removable storage devices like pen drives. It also drops several copies of itself in the infected system and network drives. Additionally it attempts to place autorun.inf in the root directory. So that infected file will be executed next time when the drive is accessed.

                     When the worm file is executed, copies itself to Windows folder with a random file name in the background. Most of the AutoIt variants drops regsvr.exe as main file. Then it modifies registry to load automatically on the next startup. AutoIt worm creates following file in the removable drive like pen drive

<Pen Drive Root>\autorun.inf

                     Several variants of AutoIt worm reported in the wild. It is also known as Trojan.Win32.Autoit.ci, W32/Sohana-AZ, W32/YahLover.worm, W32.Imaut, TR/Autoit.CI.14 W32/Autorun-GG, WORM_DELF.FKZ.

How can I protect my system?

                   Solo has incorporated detection for regsvr.exe in its signature file to protect users from this worm attack. Solo antivirus registered users are already protected from this worm. Make sure that you have installed registered version of Solo Antivirus to protect your system from all virus threats.

How to remove this worm?

                   If you are already infected with regsvr process, you can remove it from your computer using Solo Antivirus software. Solo antivirus can detect and remove W32.Apost@mm safely. Use the following link to Download 30 day trial version of Solo antivirus to remove viruses from your computer.

                   Solo anti-virus not only scans for all viruses, it contains a unique System Integrity Checker to protect you from New Internet Worms, Backdoors and malicious VB, Java Scripts. It also effectively removes all existing Internet Worms, File viruses, malicious VB, Java scripts, Trojans, Backdoors, boot sector, partition table and macro viruses.

You can purchase Solo antivirus using the link