News How-To Guide: Tips to Delete Win32.Warezov Worm and More

How-To Guide: Tips to Delete Win32.Warezov Worm and More


Sometimes you may face certain PC problems like screen hangs, application freezes, and even system shutdowns. One of the possible reasons for that can be a computer virus, malware, adware, or Warezov Worm and more. Read below to know how to delete a virus and set up a threat-free computing environment.

Since the cyber world is full of malicious threats, managing system security and privacy is becoming a bit difficult. Average users may trust an online virus scanner and rely on its projected reports, but it is important to consider that not all of them are 100% accurate. Many a times, malicious codes, spyware, adware, and other computer viruses may hide themselves from such online scans. Hence, they continue to execute malicious operations on your device. You may think that worm removal programs are capable of deleting such viruses and can remove every trace of it, but it is not true. A lot of virus removal software fails to remove Win32.Warezov Worm and more. If you think that you’ve read plenty of how to delete a virus guides, then read the article to know how to get rid of this worm.

Some General Details

The Win32.Warezov Worm, also known as Warezov, WORM_STRATION.BB, or W32/Stration-X, is a stubborn infection that can damage your computer hardware and software components to an irreparable extent. The malicious file is approximately 117KB in size, and it grows till 470KB in size when unpacked. The malicious code got first discovered on February 14, 2006, and it carries medium threat percentage. The infection is a mass-mailing worm, which is capable of sending itself as e-mail attachments to the contacts found on infected computers. Sometimes, the worm may also try to connect to the Internet to download updated variants from specified website(s). If your device gets infected, it will show the “Update successfully installed” message when the virus gets launched.

Technical Description of the Worm

When the virus will get installed on your system, it copies itself to the Windows root directory with the ‘serv.exe’ file name. The worm will also create the files mentioned below in the Windows root directory:

%System%cssewmpd (16384 bytes)
%System%wupstlnt.dll (28672 bytes)
%System%e1.dll (8192 bytes)
%System%regaufat.dll (24576 bytes)
%Windir%serv.dll (7680 bytes)

Some advanced variants of Warezov can create the following files:


In addition to the files mentioned above, the worm will also create some entries in the system registry. These Windows Registry entries get created to ensure that the worm file gets loaded into the system memory, whenever Windows is rebooted on the victim machine. The Windows Registry entries are as follows:

[HKLMSoftwareMicrosoftWindowsCurrentVersionRun] ‘serv’=’%Windir%serv.exe s’
[HKLMSoftwareMicrosoftWindows NTCurrentVersionWindows] ‘AppInit_DLLs’=’wupstlnt.dll e1.dll’

The Warezov Worm and more can be highly dangerous for your system’s safety because it is capable of collecting email addresses by scanning files with the following extensions:

.xml and many others.

How to Remove the Win32.Warezov Worm and More?

Reboot your Windows computer in ‘Safe Mode’ by pressing and holding the ‘F8’ key. Choose ‘Safe Mode’ option using the arrow keys in the Windows boot menu
Open ‘Task Manager’ to search for the “serv.ex” process
If you’ve found the process, terminate it
After that, try to delete the following files manually from the Windows root and system directories:









If you know that your device is infected with an advanced Warezov version, delete the following files:








Additionally, you will also need to delete the following registry values:

“[HKLMSoftwareMicrosoftWindowsCurrentVersionRun] ‘serv’=’%Windir%serv.exe s’

“[HKLMSoftwareMicrosoftWindows NTCurrentVersionWindows] ‘AppInit_DLLs’=’wupstlnt.dll e1.dll’

Now, reboot the computer as normal to bring the changes into effect
Check that you have successfully deleted all infected emails from all mail folders and you’re done.


Since the worm is one of the strongest malware existing over the web, it can terminate a range of antivirus and firewall applications. The worm is capable of tracking every keystroke your PC inputs and can send the details to malicious authors. It also contains a list of URLs for checking the advanced versions of Warezov Worm and more. If you think that the steps cannot complete the worm removal process, then look for some other how to delete a virus guides over the web.

How-To Guide: Tips to Delete Win32.Warezov Worm and More
General Contributor
Janice is a writer from Chicago, IL. She created the "simple living as told by me" newsletter with more than 12,000 subscribers about Living Better and is a founder of Seekyt.

Latest news

Japanese Owl Meaning and Symbolism

If you're wondering about the Japanese owl meaning and symbolism in Asian cultures, the Owl, along with Maneki Neko...

What Are the Signs of Depression in Women

Gender and depression have long been the scope of research in the field of emotional disorders; most authors believe...

Top 7 Superfoods for Men to Stay Young

Superfoods are generally regarded as targeted foods that provide the maximum nutritional benefit - thus these foods are nutritionally-dense...

Best Brain foods for Kids – Boost Brain Power and Keep Sharp

A child's brain is developing rapidly and if you want them to improve their performance in school and their...

7 of the Best Brain Foods for Studying

The foods that you eat can improve the functioning of your brain. Just like drugs, foods have amino acids,...

B12 Shots for Dogs – 10 Key Benefits

The end of 2010, my little dog -- a 7-pound Papillon -- became very stressed after a flood in...

Must read

When to Use Clarifying Shampoo

When to use clarifying shampoo is a question...

How to Succeed as a Screenwriter and See Your Story Hit The Big Screen

To be a successful screenwriter one must possess...
- Advertisement -

You might also likeRELATED
Recommended to you