1. Delete the infected file
At the time of writing, the file infected by this worm has the following file name:
Delete this file. If this file has not been executed, no further action should be necessary.
2. Delete any associated files and restart the compromised computer
If the infected file has been executed, delete the following file:
The compromised computer must then be restarted to remove the infection from memory.
- [CURRENT USER] is the name of the user who was logged in when the infected file was executed.
- The worm may infect other applications. If you suspect that an application has been compromised, it should be replaced from a clean backup copy.