UNKLAB FORUM

Forum Mahasiswa & Alumni Universitas Klabat
 
HomeFAQSearchMemberlistUsergroupsRegisterLog in
Bagi Guest atau user yang tidak terdaftar, mohon maaf karena ada beberapa thread tidak bisa diakses oleh guest, oleh karena itu, sebaiknya anda registrasi terlebih untuk bisa mengakses penuh forum ini. Baca dulu peraturan forum ini. Terima Kasih
Navigation
 Index
 Memberlist
 Profile
 FAQ
 Search
Search
 
 

Display results as :
 
Rechercher Advanced Search
Latest topics
» Lowongan Pekerjaan PT. PNM (Persero)
Wed Nov 08, 2017 7:01 pm by CLiFF

» .NET Programming
Tue Mar 15, 2011 6:49 pm by Marvin07

» Bagaimana Menginstal OS dari USB???
Thu Feb 10, 2011 9:55 pm by unaitech

» Automatic Installation BackTrack 3 Final | Dual Booting
Thu Feb 10, 2011 9:53 pm by unaitech

» simple hacking test
Thu Feb 10, 2011 7:38 pm by and213

» [tutor] How To Patch SQL Injection Bug
Thu Feb 10, 2011 9:52 am by unaitech

» what ur distro..?
Thu Feb 10, 2011 9:48 am by unaitech

» netcut source-code
Thu Feb 10, 2011 9:44 am by unaitech

» Ragnarok Online
Mon Jan 31, 2011 1:57 pm by Marvin07

FRIENDS
Ads

    No ads available.



    Share | 
     

     Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista

    Go down 
    AuthorMessage
    lovely
    Expert
    Expert
    avatar

    Female Number of posts : 772
    Age : 27
    Location : with you
    Points : 73
    Registration date : 2009-01-11

    PostSubject: Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista   Sat Jan 24, 2009 4:02 pm

    Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista

    Jumat, 23 Januari 2009 | 18:08 WIB

    JAKARTA, JUMAT - Windows Vista yang diklaim jauh lebih aman dari Windows XP ternyata menjadi tak berarti saat diserang virus ini. Virus Huhuhaha yang saat ini sedang marak menyebar di Indonesia berhasil menembus salah satu gerbang keamanan Windows Vista sehingga rentan serangan masuk.

    Target serangan virus ini adalah UAC (User Account Control), salah satu fitur yang digunakan untuk mencegah program tidak diinginkan berjalan secara otomatis tanpa persetujuan pengguna komputer. Dengan melumpuhkan fungsi ini, komputer tak lagi meminta persetujuan untuk melakukan perintah.

    Virus ini menyebar melalui USB (Flash maupun Drive) dan dilaporkan telah menyerang sejumlah instansi Pemerintah, BUMN, Perusahaan Swasta, Instansi Pendidikan, serta warnet-warnet di Indonesia.

    Pembuat virus VBS (visual basic script) ini menamainya virus "HUHUHAHA". Namun, Norman Security Suite mendeteksi varian virus tersebut sebagai VBS/Autorun.AO. (Lihat Gambar 1)

    Ciri File Virus

    Virus Huhuhaha dibuat dengan menggunakan bahasa pemrograman VBScript. File virus berukuran 6 kb, dan agar dapat menyebar secara otomatis ia akan membuat file pendamping yaitu "autorun.inf" yang berisi script untuk menjalankan file virus.

    Jika virus berhasil menginfeksi, ia akan membuat beberapa file virus diantaranya :

    autorun.inf (pada semua root drive)
    huhuhaha.vbs (pada semua root drive)
    C:-WINDOWS-system32-XpWin.vbs

    Virus juga akan mengcopy file "autorun.inf" dan "huhuhaha.vbs" pada setiap usb (flash/drive) yang ditancapkan/dicolokkan pada komputer yang terinfeksi. Semua file virus tersebut memiliki atribut file RHSA (Read, Hidden, System, Archive), sehingga tidak terlihat jika user tidak memunculkan menu hidden. (Lihat Gambar 2)

    Gejala/Efek Virus

    Jika sudah terinfeksi virus huhuhaha, akan menimbulkan gejala/efek berikut :

    Memunculkan text virus pada menu "Run". (Lihat Gambar 3)
    Menonaktifkan system restore. Hal ini dilakukan agar user tidak dapat mengembalikan setingan system windows kembali seperti sebelum terinfeksi virus ini.
    Menambah header text virus pada Internet Explorer. (Lihat Gambar 4)
    Disable fungsi UAC (User Account Control) Windows Vista. (Lihat Gambar 5)
    Merubah nama registrasi computer dengan text virus. (Lihat Gambar 6)
    Menonaktifkan fungsi "safe mode" dan membuat "blue screen" windows. Saat user berusaha masuk melalui fitur safe mode, maka akan muncul blue screen. (Lihat Gambar 7)
    Mematikan fungsi Security Center Windows. Fitur ini digunakan untuk memastikan kondisi komputer dari 3 aspek keamanan yaitu Automatic Updates, Firewall dan Software Antivirus.

    Metode Penyebaran

    Sama seperti virus lokal lainnya, virus huhuhaha masih menggunakan media USB (flash/drive) sebagai penyebarannya. Virus akan membuat file "autorun.inf" dan "huhuhaha.vbs" pada setiap usb (flash/drive) yang ditancapkan/dicolokkan pada komputer yang terinfeksi. Kedua file tersebut akan aktif secara otomatis dengan hanya mengkases usb (drive/flash) tersebut.

    Modifikasi Registry

    Agar dapat aktif saat komputer dijalankan, virus membuat string berikut :

    HKEY_LOCAL_MACHINE-SOFTWARE -Microsoft-Windows-CurrentVersion-Run
    Ageia = C:-WINDOWS-system32-XpWin.vbs
    HKEY_LOCAL_MACHINE-SOFTWARE-Microsoft-Windows-CurrentVersion-Run
    Systemdir = C:-WINDOWS-huhuhaha.vbs
    Agar dapat muncul pada menu Run, virus membuat string berikut :
    HKEY_CURRENT_USER-Software-Microsoft-Windows-CurrentVersion-RunMRU
    a = huhuhaha

    Walau tidak men-disable fungsi windows seperti task manager, folder options, regedit, dll, virus men-disable system restore dengan membuat string berikut :
    HKEY_LOCAL_MACHINE-SOFTWARE- Microsoft-Windows NT-CurrentVersion-SystemRestore
    DisableSR = 1
    Serta men-disable fungsi UAC (User Account Control) dengan membuat string berikut :
    HKEY_LOCAL_MACHINE-SOFTWARE- Microsoft-Windows-CurrentVersion-Policies-System
    EnableLUA = 0x00000000

    Selain itu, virus menambah caption text pada Internet Explorer dengan membuat string berikut :
    HKEY_CURRENT_USER-Software-Microsoft-Internet Explorer-Main
    Window Title = huhuhaha
    Kemudian, virus juga merubah registrasi komputerdengan membuat string berikut :
    HKEY_LOCAL_MACHINE-SOFTWARE- Microsoft-Windows NT-CurrentVersion
    RegisteredOrganization = huhuhaha
    RegisteredOwner = huhuhaha

    Agar dapat muncul text virus saat login windows, virus membuat string berikut :
    HKEY_LOCAL_MACHINE-SOFTWARE- Microsoft-Windows NT-CurrentVersion
    LegalNoticeCaption = huhuhaha virus
    LegalNoticeText = huhuhaha

    Untuk men-disable fungsi safe mode, virus men-"delete" string berikut :
    HKEY_LOCAL_MACHINE-SYSTEM-ControlSet001-Control-SafeBoot, AlternateShell
    HKEY_LOCAL_MACHINE-SYSTEM-ControlSet002-Control-SafeBoot, AlternateShell
    HKEY_LOCAL_MACHINE-SYSTEM-ControlSet003-Control-SafeBoot, AlternateShell
    HKEY_LOCAL_MACHINE-SYSTEM-CurrentControlSet-Control-SafeBoot, AlternateShell

    Serta men-"delete" key berikut :
    HKEY_LOCAL_MACHINE-SYSTEM- CurrentControlSet-Control-SafeBoot-Minimal
    HKEY_LOCAL_MACHINE-SYSTEM-CurrentControlSet-Control-SafeBoot-Network
    Terakhir, virus berusaha mematikan fungsi Security Center dengan membuat string berikut :
    HKEY_LOCAL_MACHINE-SOFTWARE-Microsoft-Security Center
    AntivirusDisableNotify = 1
    FirewallDisableNotify = 1
    UpdatesDisableNotify = 1

    Sumber: Vaksincom

    hanya ingin berbagi informasi (walupun agak nggak ngerti) Senyum
    Back to top Go down
    View user profile
    lovely
    Expert
    Expert
    avatar

    Female Number of posts : 772
    Age : 27
    Location : with you
    Points : 73
    Registration date : 2009-01-11

    PostSubject: Re: Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista   Sat Jan 24, 2009 4:15 pm

    Tips: 5 Langkah Bersihkan Virus Huhuhaha


    Matikan proses virus dengan Windows Task Manager.
    Artikel Terkait:

    * Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista


    Jumat, 23 Januari 2009 | 18:20 WIB

    1. Putuskan komputer yang akan dibersihkan dari jaringan/internet.
    2. Matikan proses virus yang aktif pada memori.

    Gunakan Windows Task Manager untuk mematikan proses virus, yaitu dengan nama "wscript.exe". (wscript.exe merupakan file windows yang digunakan untuk menjalankan file vbscript). (Lihat Gambar)

    3. Hapus file virus berikut:
    autorun.inf (pada semua root drive)
    huhuhaha.vbs (pada semua root drive)
    C:-WINDOWS-system32-XpWin.vbs

    Catatan:
    Sebaiknya tampilkan file yang tersembunyi agar mempermudah dalam proses pencarian file virus. (virus memiliki atribut file Hidden, Archive, System, dan Read-Only). Caranya pada Windows Explorer pilih Tools>>Folder Options>>View>>Show hidden files and folders
    Untuk mempermudah proses pencarian sebaiknya gunakan fasilitas "Search" Windows dengan filter file autorun.inf dan *.vbs yang mempunyai ukuran 6 KB.

    4. Hapus string registry yang dibuat oleh virus. Untuk mempermudah dapat menggunakan script registry di bawah ini :

    [Version]
    Signature="$Chicago$"
    Provider=Vaksincom Oyee

    [UnhookRegKey]
    HKLM, SOFTWARE-Microsoft-Security Center, AntiVirusDisableNotify, 0x00000000,0
    HKLM, SOFTWARE-Microsoft-Security Center, FirewallDisableNotify, 0x00000000,0
    HKLM, SOFTWARE-Microsoft-Security Center, UpdatesDisableNotify, 0x00000000,0
    HKLM, SOFTWARE-Microsoft-Windows NT-CurrentVersion, RegisteredOrganization, 0, "Organization"
    HKLM, SOFTWARE-Microsoft-Windows NT-CurrentVersion, RegisteredOwner, 0, "Owner"
    HKLM, SOFTWARE-Microsoft-Windows NT-CurrentVersion-SystemRestore, DisableSR, 0x00000000,0
    HKLM, SYSTEM-ControlSet001-Control-SafeBoot, AlternateShell, 0, "cmd.exe"
    HKLM, SYSTEM-ControlSet002-Control-SafeBoot, AlternateShell, 0, "cmd.exe"
    HKLM, SYSTEM-ControlSet003-Control-SafeBoot, AlternateShell, 0, "cmd.exe"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot, AlternateShell, 0, "cmd.exe"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{36FC9E60-C465-11CF-8056-444553540000}, (default), "Universal Serial Bus controller"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E965-E325-11CE-BFC1-08002BE10318}, (default), "CD-ROM Drive"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E967-E325-11CE-BFC1-08002BE10318}, (default), "DiskDrive"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E969-E325-11CE-BFC1-08002BE10318}, (default), "Standar floppy disk controller"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E96A-E325-11CE-BFC1-08002BE10318}, (default), "Hdc"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E96B-E325-11CE-BFC1-08002BE10318}, (default), "Keyboard"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E96F-E325-11CE-BFC1-08002BE10318}, (default), "Mouse"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E977-E325-11CE-BFC1-08002BE10318}, (default), "PCMCIA Adapters"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E97B-E325-11CE-BFC1-08002BE10318}, (default), "SCSIAdapters"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E97D-E325-11CE-BFC1-08002BE10318}, (default), "System"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E980-E325-11CE-BFC1-08002BE10318}, (default), "Floppy disk drive"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{71A27CDD-812A-11D0-BEC7-08002BE2092F}, (default), "Volume"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}, (default), "Human Interfaces Devices"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-AppMgmt, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Base, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Boot Bus Extender, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Boot file system, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-CryptSvc, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-DcomLaunch, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-dmadmin, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-dmboot.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-dmio.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-dmload.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-dmserver, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-EventLog, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-File system, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Filter, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-HelpSvc, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Netlogon, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-PCI Configuration, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-PlugPlay, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-PNP Filter, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Primary disk, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-RpcSs, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-SCSI Class, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-sermouse.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-sr.sys, (default), "FSFilter System Recovery"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-SRService, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-System Bus Extender, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-vga.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-vgasave.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-WinMgmt, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{36FC9E60-C465-11CF-8056-444553540000}, (default), "Universal Serial Bus controller"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E965-E325-11CE-BFC1-08002BE10318}, (default), "CD-ROM Drive"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E967-E325-11CE-BFC1-08002BE10318}, (default), "DiskDrive"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E969-E325-11CE-BFC1-08002BE10318}, (default), "Standar floppy disk controller"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E96A-E325-11CE-BFC1-08002BE10318}, (default), "Hdc"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E96B-E325-11CE-BFC1-08002BE10318}, (default), "Keyboard"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E96F-E325-11CE-BFC1-08002BE10318}, (default), "Mouse"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E972-E325-11CE-BFC1-08002BE10318}, (default), "Net"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E973-E325-11CE-BFC1-08002BE10318}, (default), "NetClient"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E974-E325-11CE-BFC1-08002BE10318}, (default), "NetService"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E975-E325-11CE-BFC1-08002BE10318}, (default), "NetTrans"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E977-E325-11CE-BFC1-08002BE10318}, (default), "PCMCIA Adapters"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E97B-E325-11CE-BFC1-08002BE10318}, (default), "SCSIAdapters"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E97D-E325-11CE-BFC1-08002BE10318}, (default), "System"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E980-E325-11CE-BFC1-08002BE10318}, (default), "Floppy disk drive"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{71A27CDD-812A-11D0-BEC7-08002BE2092F}, (default), "Volume"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}, (default), "Human Interfaces Devices"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-AFD, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-AppMgmt, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Base, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Boot Bus Extender, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Boot file system, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Browser, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-CryptSvc, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-DcomLaunch, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Dhcp, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-dmadmin, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-dmboot.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-dmio.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-dmload.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-dmserver, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-DnsCache, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-EventLog, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-File system, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Filter, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-HelpSvc, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-ip6fw.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-ipnat.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-LanmanServer, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-LanmanWorkstation, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-LmHosts, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Messenger, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NDIS, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NDIS Wrapper, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Ndisuio, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetBIOS, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetBIOSGroup, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetBT, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetDDEGroup, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Netlogon, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetMan, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Network, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetworkProvider, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NtLmSsp, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-PCI Configuration, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-PlugPlay, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-PNP Filter, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-PNP_TDI, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Primary disk, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-rdpcdd.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-rdpdd.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-rdpwd.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-rdsessmgr, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-RpcSs, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-SCSI Class, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-sermouse.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-SharedAccess, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-sr.sys, (default), "FSFilter System Recovery"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-SRService, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Streams Drivers, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-System Bus Extender, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Tcpip, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-TDI, (default), "Driver Group"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-tdpipe.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-tdtcp.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-termservice, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-vga.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-vgasave.sys, (default), "Driver"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-WinMgmt, (default), "Service"
    HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-WZCSVC, (default), "Service"

    [del]
    HKCU, Software-Microsoft-Windows-CurrentVersion-RunMRU, a
    HKCU, Software-Microsoft-Internet Explorer-Main, Window Title
    HKLM, SOFTWARE-Microsoft-Windows-CurrentVersion-Run, Ageia
    HKLM, SOFTWARE-Microsoft-Windows-CurrentVersion-Run, Systemdir
    HKLM, SOFTWARE-Microsoft-Windows-CurrentVersion-Policies-system, EnableLUA
    HKLM, SOFTWARE-Microsoft-Windows-CurrentVersion-Winlogon

    Copy paste script tersebut ke dalam notepad kemudian simpan dengan nama "repair.inf" (gunakan pilihan Save As Type menjadi All Files agar tidak terjadi kesalahan).

    5. Buka file repair.inf kemudian jalankan dengan cara klik kanan file tersebut kemudian pilih install.

    Sumber: Vaksincom

    Back to top Go down
    View user profile
    Marvin07
    Novice
    Novice
    avatar

    Male Number of posts : 92
    Age : 28
    Location : Manado
    Points : 52
    Registration date : 2008-09-10

    PostSubject: Re: Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista   Sat Jan 24, 2009 11:12 pm

    bagimana membersihkan virus junk-post di forum? rupa sapa sto kurang kerja ja post2 macam2...


    peace, JK, nice info...
    Senyum
    Back to top Go down
    View user profile
    lovely
    Expert
    Expert
    avatar

    Female Number of posts : 772
    Age : 27
    Location : with you
    Points : 73
    Registration date : 2009-01-11

    PostSubject: Re: Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista   Sun Jan 25, 2009 9:42 am

    Marvin07 wrote:


    peace, JK, nice info...
    Senyum

    makasih...
    Back to top Go down
    View user profile
    eyn_mutz
    Pro
    Pro
    avatar

    Female Number of posts : 994
    Age : 29
    Location : KOTA CAKALANG
    Points : 137
    Registration date : 2009-01-07

    PostSubject: Re: Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista   Sun Jan 25, 2009 9:44 am

    thx2 mar bingo re kita
    Back to top Go down
    View user profile
    e8salv
    Moderator
    Moderator
    avatar

    Male Number of posts : 79
    Points : 1
    Registration date : 2008-06-06

    PostSubject: Re: Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista   Sun Jan 25, 2009 10:16 am

    wkwkwkwkw...ambe dari mna ini??
    Back to top Go down
    View user profile
    lovely
    Expert
    Expert
    avatar

    Female Number of posts : 772
    Age : 27
    Location : with you
    Points : 73
    Registration date : 2009-01-11

    PostSubject: Re: Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista   Sun Jan 25, 2009 10:19 am

    miss sama kita le masih bingung...
    mar mumpung masih baru jadi post jo noch Senyum
    e8salv wrote:
    wkwkwkwkw...ambe dari mna ini??
    ambe dari artikel kompas...
    kiapa so e8salv??
    Senyum
    Back to top Go down
    View user profile
    jzt.nwbie
    Administrator
    Administrator
    avatar

    Male Number of posts : 529
    Location : /home/jzt.nwbie
    Points : 109
    Registration date : 2008-09-16

    PostSubject: Re: Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista   Wed Jan 28, 2009 1:32 pm

    thanx dp share...

    _________________
    wanna be computer geek, nerd, etc...!!!
    Back to top Go down
    View user profile
    lovely
    Expert
    Expert
    avatar

    Female Number of posts : 772
    Age : 27
    Location : with you
    Points : 73
    Registration date : 2009-01-11

    PostSubject: Re: Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista   Wed Jan 28, 2009 8:23 pm

    Jzt_nwbie wrote:
    thanx dp share...
    your welcome.. :nyatai:
    Back to top Go down
    View user profile
    Sponsored content




    PostSubject: Re: Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista   

    Back to top Go down
     
    Hati-hati, Virus Huhuhaha Bikin Rentan Windows Vista
    Back to top 
    Page 1 of 1
     Similar topics
    -
    » Car windows broken and wheels stolen
    » Boarded up windows given a telephone number to ring in a dream it is real limousine hire
    » Norwest Private hospital , Bella Vista..?? Dr Roy..
    » Norwest Private in Bella Vista - with Dr. Brendan Ryan.
    » MASSIVE H1-5 Series/VIRUS STRAIN SWEEPING AROUND THE PLANET.

    Permissions in this forum:You cannot reply to topics in this forum
    UNKLAB FORUM :: KLABAT UNIVERSITY :: Computer Science Faculty :: Computer Security :: Virus, Worm, Trojan, Etc.-
    Jump to: