Cara menghilangkan Virus Hokage
Hokage ketua kepada Konoha ninja pada cerita kartun Naruto. Mungkin pembuat virus ini meminati cerita naruto. Ciri-ciri yang paling mudah untuk dikenalpasti adalah menukarkan ikon flash dan fail winamp dengan .exe. Virus ini membuat fail utama adalah:
* C:\Documents and Settings\%user%\My Documents\KakashiHatake
* Menghasilkan fail "Hokagefile.exe" pada setiap folder/subfolder
Ia juga menukar nilai registry:
* HKCU\Software\Microsoft\WIndows\CurrenVersion\Explorer\Advanced\Hidden = 2 * HKCU\Software\Microsoft\WIndows\CurrenVersion\Explorer\Advanced\HideFileExt = 1 * HKCU\Software\Microsoft\WIndows\CurrenVersion\Explorer\Advanced\ShowSuperHidden = 0 * HKCU\Software\Microsoft\WIndows\CurrenVersion\Explorer\Advanced\superhidden =1 * HKLM\Software\Microsoft\Windows\CurrentVersion\run\Hokage4 = C:\Documents and settings\%user%\MY Documents\KakashiHatake\Hokage4.exe * HKLM\Software\Microsoft\Windows\CurrentVersion\run\Kakashi Hatake = C:\Documents and settings\%user%\MY Documents\KakashiHatake\KakashiHatake.exe * HKLM\Software\Microsoft\Windows\CurrentVersion\run\Obito Uchiha = C:\DOcuments and settings\%user%\My Documents\KakashiHatake\Obito.exe * HKLM\Software\Microsoft\Windows\CurrentVersion\run\Rin = C”\Documents and settings\%user%\My Documents\KakashiHatake\Rin.exeVirus ini tersebar melalui flash media melalui fail:
Cara menghilangkan virus ini:
1. Tutup proses yang sedang dijalankan menggunakan Process Explorer dari sysinternal atau sebagainya terutama kepada yang menggunakan winamp icon (Rin.exe, obito.exe, kakashihatake.exe, and hokage4.exe)
2. Buang registry-registry yang dibuat oleh virus (boleh dilihat diatas)
3. Buang fail yang dibuat oleh virus.
4. Copy skrip dibawah pada notepad, dan save kepada repair.inf
5. Klik kanan dan install
[Version]
Signature=”$Chicago$”
Provider=Nightmare-066kgi [DefaultInstall]
AddReg=UnhookRegKey
DelReg=del [UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\comfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\exefile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\piffile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”
HKLM, Software\CLASSES\scrfile\shell\open\command,,,”"”%1″” %*”
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe” [del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NOFind
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NORun
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hokage 4
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kakashi Hatake
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Obito Uchiha
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rin
* C:\Documents and Settings\%user%\My Documents\KakashiHatake
- HOKAGE4.EXE
- Hokagefile.exe
- KakashiHatake.exe
- Obito.exe
- Rin.exe
* Menghasilkan fail "Hokagefile.exe" pada setiap folder/subfolder
Ia juga menukar nilai registry:
* HKCU\Software\Microsoft\WIndows\CurrenVersion\Explorer\Advanced\Hidden = 2 * HKCU\Software\Microsoft\WIndows\CurrenVersion\Explorer\Advanced\HideFileExt = 1 * HKCU\Software\Microsoft\WIndows\CurrenVersion\Explorer\Advanced\ShowSuperHidden = 0 * HKCU\Software\Microsoft\WIndows\CurrenVersion\Explorer\Advanced\superhidden =1 * HKLM\Software\Microsoft\Windows\CurrentVersion\run\Hokage4 = C:\Documents and settings\%user%\MY Documents\KakashiHatake\Hokage4.exe * HKLM\Software\Microsoft\Windows\CurrentVersion\run\Kakashi Hatake = C:\Documents and settings\%user%\MY Documents\KakashiHatake\KakashiHatake.exe * HKLM\Software\Microsoft\Windows\CurrentVersion\run\Obito Uchiha = C:\DOcuments and settings\%user%\My Documents\KakashiHatake\Obito.exe * HKLM\Software\Microsoft\Windows\CurrentVersion\run\Rin = C”\Documents and settings\%user%\My Documents\KakashiHatake\Rin.exeVirus ini tersebar melalui flash media melalui fail:
* Hokagefile.exe
* Autorun.inf
* Desktop.ini
* Folder.htt
* Anbu.txt
Cara menghilangkan virus ini:
1. Tutup proses yang sedang dijalankan menggunakan Process Explorer dari sysinternal atau sebagainya terutama kepada yang menggunakan winamp icon (Rin.exe, obito.exe, kakashihatake.exe, and hokage4.exe)
2. Buang registry-registry yang dibuat oleh virus (boleh dilihat diatas)
3. Buang fail yang dibuat oleh virus.
4. Copy skrip dibawah pada notepad, dan save kepada repair.inf
5. Klik kanan dan install
[Version]
Signature=”$Chicago$”
Provider=Nightmare-066kgi [DefaultInstall]
AddReg=UnhookRegKey
DelReg=del [UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\comfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\exefile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\piffile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”
HKLM, Software\CLASSES\scrfile\shell\open\command,,,”"”%1″” %*”
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe” [del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NOFind
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NORun
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hokage 4
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kakashi Hatake
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Obito Uchiha
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rin
Well, it’s not that easy. We get software version updates almost every month or so. These apply to different years of production and models. Usually BMW will mail you a notification of an emission related update or if the vehicle is in the shop for a repair that needs coding or programming the shops computer then will check if any other control unit needs updating. A 745 can have up to 80+ control units. Only the dealer can do this type of work. But there has to be some type of problem before we will update the software on any given control module. It is not recommended by BMW to upgrade the software if there are no problems concerning that control module. These systems are pretty fragile and updating can sometimes cause other problems or kill a module.http://www.airia.co.in/
ReplyDeletelouis vuitton factory outlet
ReplyDeletecheap jordan shoes
red bottoms
coach outlet online
pandora jewelry
burberry outlet store
polo ralph lauren outlet
philipp plein
coach outlet online
cheap ray ban sunglasses
clb20180731
goyard handbags
ReplyDeleteadidas yeezy
supreme hoodie
golden goose
supreme t shirt
yeezy shoes
supreme outlet
golden goose
yeezy
goyard