SMK YPPT GARUT
Bagi Siswa SMK YPPT GARUT Harap Log In Atau Mendaftar Dahulu.
Terimakasih ^_^
Pencarian
 
 

Display results as :
 


Rechercher Advanced Search

Gallery


TIME
December 2016
MonTueWedThuFriSatSun
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendar Calendar

User Yang Sedang Online
Total 1 user online :: 0 Terdaftar, 0 Tersembunyi dan 1 Tamu :: 1 Bot

Tidak ada

[ View the whole list ]


User online terbanyak adalah 27 pada Tue Jul 26, 2011 7:50 pm
Live Traffic Feed
Live Traffic Feed
Recommended Reading
Live Traffic Map

Cara Mengusir Virus Amburadul

Topik sebelumnya Topik selanjutnya Go down

Cara Mengusir Virus Amburadul

Post by asep rizqi rifangga on Fri Jul 10, 2009 3:49 pm

- Disconnect komputer yang akan dibersihkan dari jaringan
- Disable “system restore” selama proses pembersihan (Windows ME/XP)
- Matikan proses virus yang aktif di memory resdent. Untuk mematikan proses tersebut gunakan tools “currprocess”. Kemudian matikan proses virus yang mempunyai icon JPG.
- Repair registry yang sudah di ubah oleh . Untuk mempercepat proses perbaikan silahkan salin script dibawah ini pada program notepad kemudian simpan dengan nama repair.inf.

- Jalankan file tersebut dengan cara:
- Klik kanan repair.inf
- Klik Install

[Version]
Signature=”$Chicago$”
Provider=Vaksincom

[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del

[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\comm… %*”
HKLM, Software\CLASSES\comfile\shell\open\comm… %*”
HKLM, Software\CLASSES\exefile\shell\open\comm… %*”
HKLM, Software\CLASSES\piffile\shell\open\comm… %*”
HKLM, Software\CLASSES\regfile\shell\open\comm… “%1?”
HKLM, Software\CLASSES\scrfile\shell\open\comm… %*”
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… UncheckedValue,0×00010001,0
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio…
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio…
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… UncheckedValue,0×00010001,1
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… CheckedValue,0×00010001,0
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… DefaultValue,0×00010001,0
HKCU, Software\Microsoft\Internet Explorer\Main, Start Page,0, “about:blank”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… type,0, “checkbox”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… type,0, “checkbox”
HKCU, Control Panel\International, s1159,0, “AM”
HKCU, Control Panel\International, s2359,0, “PM”
HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SYSTEM\CurrentControlSet\Control\SafeBoo… AlternateShell,0, “cmd.exe”
HKCU, Software\Microsoft\Windows\CurrentVersio… ShowSuperHidden,0×00010001,1
HKCU, Software\Microsoft\Windows\CurrentVersio… SuperHidden,0×00010001,1
HKCU, Software\Microsoft\Windows\CurrentVersio… HideFileExt,0×00010001,0

[del]
HKCU, Software\Microsoft\Internet Explorer\Main, Window Title,
HKLM, SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore, DisableConfig
HKLM, SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore, DisableSR
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kspoold.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kspool.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscript.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmc.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HokageFile.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rin.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Obito.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SMP.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskkill.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tasklist.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KakashiHatake.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\http://www.vaksin.com/hall_of_fame.htm-C…
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\http://www.vaksin.com/hall_of_fame.htm-R…
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\boot.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HOKAGE4.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\http://www.vaksin.com/hall_of_fame.htm
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\http://www.vaksin.com/hall_of_fame.htm
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ansav.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe,debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Instal.exe, debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe,debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msiexec.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ansavgd.exe
HKCU, Software\Microsoft\Windows\CurrentVersio… DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersio… NoFind
HKLM, SOFTWARE\Policies\Microsoft\Windows\Inst… DisableMSI
HKLM, SOFTWARE\Policies\Microsoft\Windows\Inst… LimitSystemRestoreCheckpointing
HKCR, exefile, NeverShowExt
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… PaRaY_VM
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… ConfigVir
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… NviDiaGT
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… NarmonVirusAnti
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… AVManager
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersio… EnableLUA

- Hapus file induk virus . Sebelum menghapus file tersebut sebaiknya tampilkan file yang tersembunyi caranya :
- Buka Windows Explorer
- Klik menu “Tools”
- Klik “Folder Options”
- Klik Tabulasi View
- Pada kolom “Advanced settings”
- Pilih opsi “Show hidden files and folders”
- Unchek “Hide extensions for known file types”
- Uncheck “Hide protected operating system files (Recommended)

Kemudian hapus file berikut:

• C:\Windows\system32\~A~m~B~u~R~a~D~u~L~
• csrcc.exe
• smss.exe
• lsass.exe
• services.exe
• winlogon.exe
• Paraysutki_VM_Community.sys
• msvbvm60.dll
• C:\Autorun.inf
• C:\FoToKu xx-x-xxx.exe, dimana x menunjukan tanggal virus tesebut di aktifkan (contohnya: FoToKu 14-3-2008.exe)
• C:\Friendster Community.exe
• C:\J3MbataN K4HaYan.exe
• C:\MyImages.exe
• C:\PaLMa.exe
• C:\Images

- Hapus juga file induk virus di flash disk /disket

- C:\Autorun.inf
- C:\FoToKu xx-x-xxx.exe, dimana x menunjukan tanggal virus
tesebut di aktifkan (contohnya: FoToKu 14-3-2008.exe)
- C:\Friendster Community.exe
- C:\J3MbataN K4HaYan.exe
- C:\MyImages.exe
- C:\PaLMa.exe
- C:\Images

- Tampilkan file gambar yang telah disembbunyikan di Flash Disk dengan cara:
- Klik “Start” menu
- Klik “Run”
- Ketik “CMD”
- Pada Dos Prompt, pindahkan posisi kursor ke lokasi Flash Disk
kemudian ketik perintah berikut ATTRIB –s –h /s /d

- Untuk pembersihan optimal dan mencegah infeksi ulang scan dengan
antivirus yang up-to-date dan sudah dapat mengenali virus ini dengan
baik.

asep rizqi rifangga
Admins
Admins

Jumlah posting : 238
Points : 708
Reputation : -2
Join date : 29.06.09
Age : 22
Lokasi : Garut

Character sheet
Points:
500/500  (500/500)

Lihat profil user http://smk-yppt-garut.top-forum.net

Kembali Ke Atas Go down

Topik sebelumnya Topik selanjutnya Kembali Ke Atas


 
Permissions in this forum:
Anda tidak dapat menjawab topik