Friday, November 21, 2008

Buang Virus Best!!!.exe

1. Masuk SAFE MODE. Semasa ON computer, terus tekan F8 berulang kali. Akan muncul screen hitam dgn option2 baru. Pilih SAFE MODE.

2. Lepas dah masuk SAFE MODE. Buka TaskManager(Alt+Ctrl+Del). Kalau tidak dpt, guna ProcessExplorer. Cari process ‘BEST!!.exe’ atau ‘window.exe’ yg menggunakan username computer kamu(contohnya ‘AmboX’). Endkan process2 tersebut. Pastikan dia tidak start balik.

3. Install Autorun Eater. Jika ada file ‘autorun.inf’ yg bahaya, ia akan auto detect dan remove di setiap drive termasuk pendrive anda(jika anda cucuk masuk). Pastikan warning tidak berulang utk drive sama, ini menandakan virus masih berjalan. Tunggu sehingga tiada warning dari Autorun Eater sebelum bergerak ke step 4.

4. Lepas tu, buka My Computer.

5. Apabila dah masuk C: drive, pergi ‘Tools > Folder Options’. Masuk tab ‘View’. Pilih ‘Show Hidden Files & Folders’. Untick ‘Hide Protected Operating System Files’(kalau ada warning tekan OK jer). Juga untick ‘Hide Extensions for Known File Types’. Tekan APPLY dan OK.

6. Kalau anda nampak file2 seakan2 lutsinar di C: drive, maka step 4 berjaya.

7. Delete file2 bernama ‘BEST!!.exe’ atau ‘FUNNY.exe’ yg dijumpai di setiap drive(terutamanya pendrive).

8. Lepas tu masuk WINDOWS > System32. Cari folder seakan2 lutsinar bernama ‘mizi’. Delete folder ‘mizi’ tersebut.

9. Pergi ‘My Documents > My Videos’. Delete file ‘BEST!!.exe.’

10. Buka Autoruns. Delete startup entry : REG_SZ, HKEY_CURRENT_USER,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
windows\system32\mizi\window.exe.

11. Kemudian pergi start menu run kemudian taip regedit cari key dan ubah seperti di bawah

REG_DWORD, HKEY_CURRENT_USER, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoRun,1

REG_DWORD, HKEY_CURRENT_USER, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoClose,1

REG_SZ,HKEY_LOCAL_MACHINE,SOFTWARE\Microsoft\Windows NT\CurrentVersion,RegisteredOrganization,170188

12. Restart.

Downloads autorun eater 2.2

1 comment:

IT Solutions said...

After study a number of the weblog posts in your web site now, and I actually like your means of blogging. I bookmarked it to my bookmark web site record and will be checking back soon. Pls check out my website online as properly and let me know what you think.