Joke:Win32/TheFinger

It is likely that you will not feel like laughing once you understand that your operating Windows system, starting from the Windows 95 version, is infected with the cunning Joke:Win32/TheFinger, an application which has been tormenting Windows users since late 2006. Even thought the malicious program is tremendously old, it does not have any effect on its ability to regenerate and start infecting computer over and over again. The surreptitious program can be spread through the infected removable devices, so it is recommended to limit the usability of suspicious computers and to always inspect USB flash drives and memory sticks with a reliable security application. The danger behind this surreptitious propagation channel hides behind the AutoRun feature which is enabled is many operating systems. This allows cyber criminals to initiate the installation of the devious application the second you insert a CD or a memory stick into your computer. So, our first advice for you is to disable the AutoRun feature, which you can do with a few simple steps below. Note that this guide applies to the Windows XP version, and if you have troubles fulfilling the task within other versions, post a comment below and we will help you immediately.

1. Go to the Start Menu and locate the Run engine.
2. Enter “gpedit.msc” and Group Policy window will pop up at once.
3. Click Administrative Templates under Computer Configuration (left hand-side).
4. Now, go to System, locate Turn off Autoplay and right-click for Properties.
5. Choose the Enabled option.
6. Now select All drives from the “Turn off Autoplay on” drop-down menu.
7. Click OK and restart your personal computer.

This is something that should be enabled in all computers; however, once the malicious program is already running, you firstly need to take care of its immediate removal. It might be more difficult to remove Joke:Win32/TheFinger, also known as Win32/BadJoke.Finger.B, because of the configurations enabled by the surreptitious component finger.exe, which can be found under the Documents and Settings. This file can hijack the registry, add processes, circumvent security products and protect the entire infection from removal. This executable is also known by such alias name as print.exe, but it can also run inside your PC with a randomly generated name. Other malicious components you should beware of are moneos.exe, hovoof.exe, finger.zip, dito.exe and info.exe, which could remove administrative privileges, tamper with the Start Menu items, system’s startup programs, steal personal information, connect to personal accounts and implement Instant Messaging for further Joke:Win32/TheFinger distribution.

If you want to remove Joke:Win32/TheFinger, your best bet is to trust automatic removal tools, because only they could detect all polymorphic, or even rootkit, components within your operating Windows system. We do not support inexperienced users who will attempt to delete the virus manually; however, experts are welcome to use our guidance below.