VBS.Solow.B - Need help to remove

Posted on 2007-09-29
Last Modified: 2013-12-09
Operating System : Window XP SP2
Infected with Virus : VBS.Solow.B

- Performed Full System scan but cannot detected by symantec anti-virus.
- Run had been disable
- Cannot view hidden file at folder option
- Tried to Fix with hikackthis - No GO

Navigate to and delete the following registry entries by Symantec website but how to run the regedit as the run button is disable?

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\"FS6519" = "%Windir%\FS6519.dll.vbs"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Window Title" = "TAGA LIPA ARE!"

Kindly advise how to remove this virus. Thanks so much in advance.

Question by:newbies1512
    LVL 33

    Expert Comment

    LVL 22

    Expert Comment

    LVL 69

    Expert Comment

    Name VBS/Solow-B  Low threat..
    Type Worm
     How it spreads>>> Removable storage devices << do you have any storage devices plugged in? Remove all external usb devices and hardware where possible, any slaved hdd?

     Affected operating systems Windows
     Side effects Installs itself in the Registry.
     Protection available since 14 February 2007 08:05:47 (GMT)  

    that said and done try scanning in safemode, check the regestry keys in safe mode also,
    often times success is higher when windows is not using anything.
    if all fails slaving the hdd can also work wonders but you woudl need a second desktop.
    LVL 47

    Accepted Solution


    That's a Flash drive infection!
    Flash_Disinfector will take care of it.

    This infection will also impose the following Group policy restrictions:
    - NoFind
    - NoRun
    - DisableRegistryTools
    - DisableTaskMgr
    - NoFolderOptions
    - SystemRestore - DisableConfig
    - SystemRestore - DisableSR
    LVL 47

    Expert Comment

    The tool will also create a bogus folder, autorun.inf in every partition to stop the spread of infection.
    It wont stop the infected file from getting in, but it does prevent the loading point from getting created.
    LVL 69

    Expert Comment

    Do you still require assistance,
    Your question is still open?
    Is your account still active
    You can now close your own question use the delete link

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Join & Write a Comment

    It is only natural that we all want our PCs to be in good working order, improved system performance, so that is exactly how programs are advertised to entice. They say things like:            •      PC crashes? Get registry cleaner to repair it!    …
    Issue: Unstable cursor in Windows XP and Windows runs extremely slow in that any click will bring up the Hour glass (sometimes for several seconds before giving you what you want) . Troubleshooting Process and the FINAL FIX: This issue see…
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    24 Experts available now in Live!

    Get 1:1 Help Now