How to Defeat a weaker version of Long Live Sowar Virus

A weaker version of Long Live Sowar Virus has infected millions of universal serial bus (USB) flash drives worldwide. It continues to spread on computers through flash drives.

The weaker version of Long Live Sowar Virus still has the same exploits made to infected computer except that it does not change the home page of Internet Explorer to Redtube. However, it still does disable access to Windows Task Manager, Registry Editor and Folder Options among others.

My computer has been infected by this virus just recently. A friend wanted me to copy files from his flash drive. Because we were in a hurry, I accidentally hit "Open files" upon insertion and the virus was automatically installed using its autorun capability. I learned that my computer was already infected upon hitting Ctrl-Alt-Del. As expected, it showed the "Task Manager has been disabled by Administrator" notification.

Do you have a similar experience?

Using the following method, you will be able to defeat this version of the Long Live Sowar Virus.

1. Disable Windows 'System Restore" Service. To do it, go to My Computer\Properties\System Restore, check Turn off System Restore on all drives, click Apply and OK.

2. If you still don't have it, download Trend Micro HijackThis.

HijackThis™ is a free utility which quickly scans your Windows computer to find settings that may have been changed by spyware, malware or other unwanted programs. HijackThis creates a report, or log file, with the results of the scan. Advanced users can use HijackThis to remove unwanted settings or files.

3. Install HijackThis. The installation will just take a few seconds to complete.

4. In the main window, click 'Scan'. It will show you the results of the scan.

5. Look for the following entries in the results:

6. Check the corresponding box and then hit the 'Fixed checked' button. IMPORTANT: Do not check other boxes so you will not mess up system files and settings. Close the HijackThis window.

7. Now, we are going use the latest version of Remove Restriction Tools.

RRT (Remove Restrictions Tool)with Removable Media Malware Defender is a tool that does the work for AVs, it re-Enables all what the virus had disabled, and brings every thing back. RRT (Remove Restrictions Tool) was designed & published for free, if you found it useful please let me know. No AutoVaultNo removable media malware defender. Trial version doesn't have AutoRemove feature and no Removable Media Malware Defender.
8. In the main RRT window, click 'CHECK ALL' and then click "REMOVE". Close the window.

9. Restart your computer.

10. When you open it back, you will have access to all files and settings formerly restricted by the virus. To check press Ctrl-Alt-Del keys.