I’ve just picked up SPOCLSV.EXE, which I understand is a worm. It was in a friend’s thumb disk. I scanned using COMODO Antivirus on the thumb disk before using it. What exactly happened? And how can I get rid of it? It’s messing up my security system (:AGY) (:AGY)
FILE LOCATIONS :
desktop_.ini - most local folders
spoclsv.exe - C:\WINDOWS\System32\drivers or C:\WINNT\System32\drivers
gamesetup.exe, setup.exe - the root of local and mapped network drives
REBOOT IN NORMAL MODE.
Manually check for the re-appearance of any of the abovenamed files.
REBOOT IN SAFE MODE
Assuming you are starting from scratch and your PC is turned off;
Turn PC on
When you have the usual startup display on screen (memory count or manufacturers “splash” screen), start ing tapping the F8 key at a rate of about once per second.
Eventually you will see the text based Windows startup menu
Select SAFE MODE
SAFE MODE will start Windows with the bare minimum it needs to operate, but no network and no internet
DELETE REGISTRY VALUES
Before I start on this, please be aware of the following - the reigstry is a CRITICAL database of Windows settings and application settings. If you stuff up the registry, you have effectively stuffed up Windows.
Follow the steps below ONLY IF YOU ARE AWARE OF THE RISKS AND ARE PREPARED TO TAKE RESPONSIBILITY FOR ANY AND ALL CONSEQUENCES.
Click START - RUN
In the RUN dialogue box, type REGEDIT and press ENTER. This will start the Registry Editor
Once the Registry Editor has started,press and hold teh CTRL key. While holding this key, press the “f” key. This will open the FIND dialogue box.
In the FIND box, type SVCSHARE and press ENTER
The registry key holding the value SVCSHARE will be highlighted
Delete only the highlighted key
I repeat, ONLY EDIT YOUR REGISTRY IF YOU ARE BOTH COMFORTABLE AND CONFIDENT IN DOING SO. IF YOU ARE NOT CONFIDENT AND COMFORTABLE - STOP.