Support1000

What is w32.sillyFDC virus?

W32.SillyFDC is a common detection process for files that are infected with W32.Silly. This virus copies and renames itself on removable devices and root of

local and remote drives.

Removal Procedure For W32.SillyFDC Virus:

*
Disable System Restore temporarily (Windows Me/XP).
*
Restart the system in safe mode.
*
End malicious Process

1.
Press Ctlr+Alt+Del.
2.
Click Process tab.
3.
End the process if present: password_viewer.exe, CALC, calc, mscalc.exe, startupfolder, config_startupfolder.com, config_.com.

2. Delete the auto run files.

* Go to Start > Run, type “cmd.”
* At the command prompt, type “cd\”, this will bring you to C:\
* Type “attrib” (C:\>attrib), it will display files with attributes. Take note on attribute of autorun.inf. Usually, it has SHR.
* Type “attrib -s -h -r C:\autorun.inf”, it will remove System, Hidden and Read-Only attribute.
* Type “edit autorun.inf” it will open DOS Editor and display contents as follows,

*********************************

[autorun]

open=file.exe

shell\Open\Command=file.exe

shell\open\Default=1

shell\Explore\Command=file.exe

shell\Autoplay\command=file.exe

********************************

Take note of the file/path.

Ex: Open=file.exe where file.exe is the filename of the file that autoruns.

*
Exit DOS Editor.
*
Back at the command prompt, type “attrib -s -h -r file.exe”, where file.exe is the file that was called on DOS editor to autorun. Ex: C:\>attrib -s -h -r

file.exe. If it is located on different directory include the path. Ex: C:\>attrib -s -h -r c:\Windows\file.exe.
*
Type “del file.exe”. If it is located on different directory include the path.
*
Ex: C:\>del c:\Windows\file.exe.
*
Type “del autorun.inf”
*
Type “del c:\Windows\autorun.inf.
*
Type “del c:\Windows\password_viewer.exe.
*
Type “del c:\Douments and Settings\(Your User Name)\Local Settings\Application Data\Microsoft\CD Burning\autorun.inf.
*
Exit command prompt by typing “exit.”

3. Perform Disc Cleanup.

* Go to Start > All Programs > Accessories >System Tools, click Disc Cleanup.
* Check the following: Downloaded Program Files, Temporary Internet Files, Offline Webpage, Recycle Bin and Temporary Files.

4. View hidden files and folders.

*
Open Windows Explorer.
*
Go to Tools > Folder Options.
*
Go to View Tab.
*
Mark “Show hidden files and folders.”
*
Click Apply, then OK.

Update and scan with antivirus installed in your system. Then, quarantine or delete all the infected files immediately.

5. Search for other files and delete them.

*
Go to Start > Search.
*
Find and delete files: password_viewer.exe, calc.exe (not the one located on \system32\calc.exe), mscalc.exe, startupfolder.exe, config_.exe,

startupfolder.com and config_.com.

6. To make sure that the virus is completely removed from your computer, perform a full scan of your computer using antivirus and antispyware software in your PC.