Ciri-ciri terkena virus Free_Mine.exe :
1. File Word akan berubah menjadi exe.
2. disetiap drive akan ada file autoran.inf dan Free_mine.exe (terhiden).
3. 15 menit setelah login windows akan muncul pesan text dari virus free_mine.exe
Langkah menghapus virus Free_Mine.exe :
Untuk menghapus virus Free_mine.exe cukup mendownload Anti Virus ANSAVv2.0.9BETA dialamat berikut http://ansav.server.or.id/download/program/
setelah selesai scan hapus folder yg ada di di folder C:\windows\system32\Loloz, setelah itu restart komputer Anda.
untuk mengembalikan regedit yg telah di obok oleh virus free_mine.exe, buat file repair.inf yg isinya sbb:
[Version]
Signature="$Chicago$"
Provider=PCNUSANTARA
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe "%1""
HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, "Explorer.exe"
HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, "cmd.exe"
HKLM, SYSTEM\ControlSet002\Control\SafeBoot, AlternateShell,0, "cmd.exe"
HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, "cmd.exe"
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, UncheckedValue,0x00010001,0
HKLM, SOFTWARE\Classes\scrfile,,,"Screen Saver"
[del]
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, LegalNoticeCaption
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, LegalNoticeText
HKLM, SOFTWARE\Classes\scrfile, InfoTip
HKLM, SOFTWARE\Classes\scrfile, NeverShowExt
HKLM, SOFTWARE\Classes\scrfile, TileInfo
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoFolderOptions
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Msconfig.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
Semoga Bermanfaat.
Blog Ini Bkn Hanya Seputar Virus dan Komputer Juga Menerima Layanan Pembuatan website Profile CMS, Web Store Toko Online,Web Profil Statis.dll Jika Anda Berminat Silahkan Hubungi Saya di 
Atau Lansung Ke FADIA KHATULISTIWA
Tukeran link
ShoutMix chat widget
Blog Friends
.png){kind=small}
Masukkan Code ini K1-351C97-1
untuk berbelanja di KutuKutuBuku.com
Makasih Bos Atas Tipsx, Maju Trs Blogger Bontang. Thanks
BalasHapusYupz Sama Jayadi...
BalasHapus