Backdoor.Mulkerv

Manual Removal of Backdoor.Mulkerv

1. Temporarily disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Reboot the computer in Safe Mode.
4. Run a full system scan and clean/delete all infected file(s).
5. Delete/modify any values added to the registry.
Restore the following registry entries to their previous values, if required:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"MaxHashTableSize" = "800"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"MaxUserPort" = "FFFE"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"TcpMaxConnectResponseRetransmissions" = "2"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"TcpTimedWaitDelay" = "1E"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"TCPFinWait2Delay" = "1E"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"TcpMaxPortsExhausted" = "5"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"TcpMaxHalfOpen" = "500"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"TcpMaxHalfOpenRetried" = "400"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"TcpMaxDataRetransmissions" = "A"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"KeepAliveTime" = "493E0"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"KeepAliveInterval" = "3E8"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\"MaxConnectionsPer1_0Server" = "2"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\"MaxConnectionsPerServer" = "2"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\"MaxConnectionsPer1_0Server" = "2"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\"MaxConnectionsPerServer" = "2"
6. Exit registry editor and restart the computer.
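
A read-only check for step 5, added here as an example and not part of the original removal instructions: it reads each listed registry value and reports whether the current data equals the data shown in the list, so you can see which entries need attention before opening the registry editor. It assumes the listed data are hexadecimal DWORDs and that PowerShell 3.0 or later is available; the variable names are illustrative.

```powershell
# Added example: audit only, nothing is written to the registry.
# Assumption: the data shown in step 5 are hexadecimal DWORD values.
$tcpip = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
$inet  = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings'

# Value names and data exactly as listed in step 5.
$tcpValues = [ordered]@{
    MaxHashTableSize                     = '800'
    MaxUserPort                          = 'FFFE'
    TcpMaxConnectResponseRetransmissions = '2'
    TcpTimedWaitDelay                    = '1E'
    TCPFinWait2Delay                     = '1E'
    TcpMaxPortsExhausted                 = '5'
    TcpMaxHalfOpen                       = '500'
    TcpMaxHalfOpenRetried                = '400'
    TcpMaxDataRetransmissions            = 'A'
    KeepAliveTime                        = '493E0'
    KeepAliveInterval                    = '3E8'
}

$checks = @()
foreach ($name in $tcpValues.Keys) {
    $checks += [pscustomobject]@{ Path = $tcpip; Name = $name; Listed = $tcpValues[$name] }
}
# The two Internet Settings values are listed under both HKCU and HKLM.
foreach ($hive in 'HKCU:', 'HKLM:') {
    foreach ($name in 'MaxConnectionsPer1_0Server', 'MaxConnectionsPerServer') {
        $checks += [pscustomobject]@{ Path = "$hive\$inet"; Name = $name; Listed = '2' }
    }
}

$report = foreach ($c in $checks) {
    $item = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        # Value (or key) does not exist on this machine.
        $current = $null; $status = 'absent'
    } else {
        # Render the stored data as uppercase hex to compare with the list.
        $current = '{0:X}' -f $item.($c.Name)
        $status  = if ($current -eq $c.Listed) { 'matches listed data' } else { 'differs' }
    }
    [pscustomobject]@{ Key = $c.Path; Value = $c.Name; Listed = $c.Listed
                       Current = $current; Status = $status }
}
$report | Format-Table -AutoSize -Wrap
```

Run it from the account being cleaned, since the HKEY_CURRENT_USER entries are per user.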

Credit: precisesecurity

Wednesday 10 February 2010 - 18:16:42 | admin