Smadav Center > Konsultasi Virus
CONFICKER/ RECYCLER/ KIDO/ DOWNADUP
kambeeng:
Silahkan Masukan Cara Penaganan Virus KIDO, DOWNUP, CONFLICKER disini
RefrizaL:
Untuk Penangan Virus Ini silahkan baca postingan Zai di websitenya www.nafarin.com..
setelah membaca.. jika kemudian diketemukan kesulitan, selanjutnya bisa didiskusikan di thread ini..
Thx 8)
★ harboot ★:
wew... klo nulis nama Virus lengkap ama seri-nya dunkz..
tiap negara bisa beda2 byk varian..
Net-Worm.Win32.Kido.bt
klo ini, dia copy ke %System%\<ngasal>.dll (ngasal maksudnya ngacak)
Registry
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"netsvcs" = "<original value> %System%\<rnd>.dll"
Virus ini berusaha masuk jadi admin (brute force) dan ngeremote kompi dijaringan.
Cara mengatasinya :
1. Delete the system registry key shown below::
[HKLM\SYSTEM\CurrentControlSet\Services\netsvcs]
2. Delete "%System%\<rnd>.dll" from the system registry key parameter shown below:
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "netsvcs"
3. Reboot the computer.
4. Delete the original worm file (the location will depend on how the malicious program penetrated the computer).
5. Delete the file shown below:
%System%\<rnd>.dll <rnd> is a string of random symbols
6. Delete the following files from all removable storage media:
<X>:\autorun.inf <X>:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\<rnd>.vmx rnd is a string of random lower case symbols; X is the disk.
7. Download and install operating system updates from the following link:
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
8. Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus.
Selengkapnya baca : http://www.viruslist.com/en/viruses/encyclopedia?virusid=21782725
Untuk 2 Virus yg ditanyakan cari aja di VIRUSLIST.COM... sumbernya segala sumber berita VIRUS...
shinichi:
jagan lupa kidokiller toolsnya kaspersky versi barunya jga ya... ;)
RefrizaL:
sudah ... sudah ... kisana
lengkap banget dah.. ;D
Navigasi
[0] Indeks Pesan
Ke versi lengkap