If your computer does not have an up-to-date antivirus solution, or does not have an antivirus solution at all, you can either use a special removal tool (which can be found here or follow the instructions below:
More details about the vulnerability can be found here:
http://www.kaspersky.ru/support/wks6mp3/error?qid=208636215
Or follow the instructions below:
1. Delete the following system registrykey:
[HKLM\SYSTEM\CurrentControlSet\Services\netsvcs]
2. Delete “%System%\<rnd>.dll” from the system registry key value shown below:
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"netsvcs"
3. Revert the following registry key values:
[HKCR\ Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden" = "dword: 0x00000002"
"SuperHidden" = "dword: 0x00000000"
to
[HKCR\ Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden" = "dword: 0x00000001"
"SuperHidden" = "dword: 0x00000001"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue" = "dword: 0x00000000"
to
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue" = "dword: 0x00000001"
4. Reboot the computer.
5. Delete the original worm file (the location will depend on how the program originally penetrated the victim machine).
6. Delete copies of the worm:
%System%\<rnd>dir.dll
%Program Files%\Internet Explorer\<rnd>.dll
%Program Files%\Movie Maker\<rnd>.dll
%All Users Application Data%\<rnd>.dll
%Temp%\<rnd>.dll
%System%\<rnd>tmp
%Temp%\<rnd>.tmp
<rnd> is a random string of symbols.
7. Delete the files shown below from all removable storage media:
<X>:\autorun.inf
<X>:\RECYCLER\S-<%d%>-<%d%>-%d%>-%d%>-%d%>-%d%>-
%d%>\<rnd>.vmx,
8. Download and install updates for the operating system:
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
9. Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).
