AntiVirus ch4r15.sys.vbs

6 06 2008

Klo klian kna virus ch4r15.sys.vbs, copy aj script dibawah ini, tpi sblumnya aktifkan dulu file yang terhiden dengan cara pilih menu Tools > Folder Options, pilih tab View centang Show hidden Files and Folders, Hide extensions for known file types, dan Hide protect operating system files.

kemudian copy script dibawah ini di notepad, dan save dengan nama anvir.inf , extensi dari filenya jangan sampai salah harus .inf , setelah itu klik kanan pada file yang telah di save dan pilih install

CODE :

[Version]
Signature=”$Chicago$”
Provider=Fariskhi

[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del

[UnhookRegKey]
HKCU,Software\Microsoft\Internet Explorer\Main, Window Title,0, “INTERNET EXPLORER”

[del]
HKLM, Software\Microsoft\Windows\CurrentVersion\Run\Ageia”,””
HKLM, Software\Microsoft\Windows\CurrentVersion\Run\Systemdir”, windowpath & “”
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFind
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoRun
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoViewContextMenu
HKLM, Software\Microsoft\Windows\CurrentVersion\Winlogon, LegalNoticeCaption
HKLM, Software\Microsoft\Windows\CurrentVersion\Winlogon, LegalNoticeText
HKLM, Software\Microsoft\Windows\CurrentVersion\Run, Systemdir
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gpedit.msc, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegistryEditor.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-CLN.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-RTP.exe, Debugger

Jika virus yang ada dikomputer masih tetap jalan maka download aja antivirus avast, karena antivirus ini setahu aku bisa mendeteck script pada suatu file, jadi meskipun itu virus lokal masih dapat terdeteksi dengan anti virus ini.

Semoga berhasil . . . .

Iklan

Aksi

Information

One response

9 01 2009
dee

saya kena virus ini, uda coba cari pertama tapi gak fungsi. cara kedua juga kayanya gagal. ada cara lain. virus ini bekerja nyerang apa?

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s




%d blogger menyukai ini: