Forum Smadav
April 19, 2014, 10:36:01 AM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Smadaver ANTI-VIRUS - Bersatu memerangi Virus Indonesia.
 
   Home   Help Search Shop Members Login Register  
Pages: [1] 2   Go Down
  Send this topic  |  Print  
Author Topic: TOLONG ANE VIRUS NEW HEUR.ffd (FAKEDIR)  (Read 15174 times)
ichwan555



Reputation Power: 42

Offline Offline

Posts: 5
$42 SmadPoint

Send Money to ichwan555

View Profile
« on: April 15, 2012, 12:08:13 PM »





MOHON CARA NGILANGINNYA GIMANA  help setiap colok flashdsk pasti ke detect tuh virus
log dari SMADAV



==============================
Log File of Smadav 2012 Rev. 8.9
==============================

Scanning Results :
=> Time & Date : 10:04:10, on 04-15-2012
=> Finishing Time : 15 seconds
=> Folder Scanned :3
=> File Scanned : 20
=> File Detected : 1
=> File Cleaned : 0
=> Value Scanned : 1155
=> Value Detected: 0
=> Value Fixed: 0
=> Path Scanned: 3
=> Path Hidden: 1
=> Path Unhidden: 0

==============================
Before Scanning
==============================
Suspected Paths :
=> Fine(Level 2) as  : 2 Process, 1 Startup
   -C:\Program Files\USB Disk Security\USBGuard.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\sched.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\WINDOWS\RTHDCPL.EXE
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Synaptics\SynTP\SynTPStart.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\WINDOWS\BisonCam\BisonHK.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Internet Download Manager\IDMan.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Documents and Settings\user\ziowih.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\HotKey_Driver\HotKeyDriver.exe
=> Fine(Level 1) as  : 1 Process
   -C:\WINDOWS\system32\wbem\wmiprvse.exe
=> Fine(Level 2) as  : 1 Process, 2 Startup
   -C:\WINDOWS\system32\sistray.exe
=> Fine(Level 1) as  : 1 Process
   -C:\WINDOWS\system32\wbem\unsecapp.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avguard.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Bonjour\mDNSResponder.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Canon\IJPLM\ijplmsvc.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Java\jre6\bin\jqs.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
=> Fine(Level 1) as  : 1 Process
   -C:\Documents and Settings\All Users\Application Data\Mobile Partner\OnlineUpdate\ouc.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mobile Partner\Mobile Partner.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mozilla Firefox\firefox.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mozilla Firefox\plugin-container.exe
=> Fine(Level 1) as  : 2 Startup
   -C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
=> Fine(Level 1) as  : 1 Startup
   -D:\data c\Downloads\Programs\HarvestMoonBacktoNaturePrim-dm.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\WINDOWS\ALCMTR.EXE
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE
=> Fine(Level 1) as  : 2 Startup
   -c:\program files\common files\Adobe\calibration\adobe gamma loader.exe
=> Fine(Level 2) as  : 1 Startup
   -c:\WINDOWS\system32\kyzcevxp.dll
=> Fine(Level 2) as  : 1 Startup
   -c:\program files\Ask.com\updatetask.exe

Running Processes :
=> N/A
=> N/A
=> C:\WINDOWS\system32\smss.exe
=> C:\WINDOWS\system32\csrss.exe
=> C:\WINDOWS\system32\winlogon.exe
=> C:\WINDOWS\system32\services.exe
=> C:\WINDOWS\system32\lsass.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\spoolsv.exe
=> C:\Program Files\Avira\AntiVir Desktop\sched.exe
=> C:\WINDOWS\RTHDCPL.EXE
=> C:\Program Files\Synaptics\SynTP\SynTPStart.exe
=> C:\WINDOWS\BisonCam\BisonHK.exe
=> C:\WINDOWS\system32\rundll32.exe
=> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
=> C:\Program Files\Smadav\SMΔRTP.exe
=> C:\Program Files\USB Disk Security\USBGuard.exe
=> C:\Program Files\USB Disk Security\USBGuard.exe
=> C:\WINDOWS\system32\ctfmon.exe
=> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
=> C:\Program Files\Internet Download Manager\IDMan.exe
=> C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
=> C:\Documents and Settings\user\ziowih.exe
=> C:\Program Files\HotKey_Driver\HotKeyDriver.exe
=> C:\WINDOWS\system32\wbem\wmiprvse.exe
=> C:\WINDOWS\system32\sistray.exe
=> C:\WINDOWS\system32\wbem\unsecapp.exe
=> C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
=> C:\Program Files\Avira\AntiVir Desktop\avguard.exe
=> C:\Program Files\Bonjour\mDNSResponder.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
=> C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
=> C:\Program Files\Canon\IJPLM\ijplmsvc.exe
=> C:\Program Files\Java\jre6\bin\jqs.exe
=> C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
=> C:\Documents and Settings\All Users\Application Data\Mobile Partner\OnlineUpdate\ouc.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
=> C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
=> C:\WINDOWS\system32\alg.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
=> C:\WINDOWS\system32\ping.exe
=> C:\Program Files\Mobile Partner\Mobile Partner.exe
=> C:\Program Files\Mozilla Firefox\firefox.exe
=> C:\WINDOWS\explorer.exe
=> C:\WINDOWS\system32\taskmgr.exe
=> C:\Program Files\Mozilla Firefox\plugin-container.exe
=> C:\Program Files\Smadav\SMΔRTP.exe

==============================
After Scanning
==============================
Suspected Paths :
=> Fine(Level 2) as  : 2 Process, 1 Startup
   -C:\Program Files\USB Disk Security\USBGuard.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\sched.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\WINDOWS\RTHDCPL.EXE
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Synaptics\SynTP\SynTPStart.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\WINDOWS\BisonCam\BisonHK.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Internet Download Manager\IDMan.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Documents and Settings\user\ziowih.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\HotKey_Driver\HotKeyDriver.exe
=> Fine(Level 1) as  : 1 Process
   -C:\WINDOWS\system32\wbem\wmiprvse.exe
=> Fine(Level 2) as  : 1 Process, 2 Startup
   -C:\WINDOWS\system32\sistray.exe
=> Fine(Level 1) as  : 1 Process
   -C:\WINDOWS\system32\wbem\unsecapp.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avguard.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Bonjour\mDNSResponder.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Canon\IJPLM\ijplmsvc.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Java\jre6\bin\jqs.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
=> Fine(Level 1) as  : 1 Process
   -C:\Documents and Settings\All Users\Application Data\Mobile Partner\OnlineUpdate\ouc.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mobile Partner\Mobile Partner.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mozilla Firefox\firefox.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mozilla Firefox\plugin-container.exe
=> Fine(Level 1) as  : 2 Startup
   -C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
=> Fine(Level 1) as  : 1 Startup
   -D:\data c\Downloads\Programs\HarvestMoonBacktoNaturePrim-dm.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\WINDOWS\ALCMTR.EXE
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE
=> Fine(Level 1) as  : 2 Startup
   -c:\program files\common files\Adobe\calibration\adobe gamma loader.exe
=> Fine(Level 2) as  : 1 Startup
   -c:\WINDOWS\system32\kyzcevxp.dll
=> Fine(Level 2) as  : 1 Startup
   -c:\program files\Ask.com\updatetask.exe

Running Processes :
=> N/A
=> N/A
=> C:\WINDOWS\system32\smss.exe
=> C:\WINDOWS\system32\csrss.exe
=> C:\WINDOWS\system32\winlogon.exe
=> C:\WINDOWS\system32\services.exe
=> C:\WINDOWS\system32\lsass.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\spoolsv.exe
=> C:\Program Files\Avira\AntiVir Desktop\sched.exe
=> C:\WINDOWS\RTHDCPL.EXE
=> C:\Program Files\Synaptics\SynTP\SynTPStart.exe
=> C:\WINDOWS\BisonCam\BisonHK.exe
=> C:\WINDOWS\system32\rundll32.exe
=> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
=> C:\Program Files\Smadav\SMΔRTP.exe
=> C:\Program Files\USB Disk Security\USBGuard.exe
=> C:\Program Files\USB Disk Security\USBGuard.exe
=> C:\WINDOWS\system32\ctfmon.exe
=> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
=> C:\Program Files\Internet Download Manager\IDMan.exe
=> C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
=> C:\Documents and Settings\user\ziowih.exe
=> C:\Program Files\HotKey_Driver\HotKeyDriver.exe
=> C:\WINDOWS\system32\wbem\wmiprvse.exe
=> C:\WINDOWS\system32\sistray.exe
=> C:\WINDOWS\system32\wbem\unsecapp.exe
=> C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
=> C:\Program Files\Avira\AntiVir Desktop\avguard.exe
=> C:\Program Files\Bonjour\mDNSResponder.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
=> C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
=> C:\Program Files\Canon\IJPLM\ijplmsvc.exe
=> C:\Program Files\Java\jre6\bin\jqs.exe
=> C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
=> C:\Documents and Settings\All Users\Application Data\Mobile Partner\OnlineUpdate\ouc.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
=> C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
=> C:\WINDOWS\system32\alg.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
=> C:\WINDOWS\system32\ping.exe
=> C:\Program Files\Mobile Partner\Mobile Partner.exe
=> C:\Program Files\Mozilla Firefox\firefox.exe
=> C:\WINDOWS\explorer.exe
=> C:\WINDOWS\system32\taskmgr.exe
=> C:\Program Files\Mozilla Firefox\plugin-container.exe
=> C:\Program Files\Smadav\SMΔRTP.exe

Detected Virus :
=> New Heur.FFD(FakeDir)
   -Infected File
   -J:\.demovideo.exe

Hidden Files/Folders
=> J:\.demovideo
   -Folder, Hidden, System

0
Balas
ichwan555



Reputation Power: 42

Offline Offline

Posts: 5
$42 SmadPoint

Send Money to ichwan555

View Profile
« Reply #1 on: April 15, 2012, 12:11:45 PM »

Tambahan

0
Balas
ichwan555



Reputation Power: 42

Offline Offline

Posts: 5
$42 SmadPoint

Send Money to ichwan555

View Profile
« Reply #2 on: April 15, 2012, 12:14:49 PM »

MAaf Kalo misal dopost , ane bener lagi kebingungan.  Cry Cry Cry

Agan TOLONG ANE !!! help help , FLASH DISK ane kena virus New Heur.FFD (FakeDir). Setiap colokin FLASHDISK ke detect trus sma SMADAV trus udah ane delete tetep aja muncul pas ane colokin ke kompi....
Trus setiap folder/file yang ane paste ke flash disk. File/folder ane pasti ngilang dan digantiin sma ini virus dengan nama file yang ane copyditambah .exe (Misal ane paste folder smadav. pasti ntar file aslinya ngilang dan folder berubah menjadi smadav.exe)  Shocked Shocked Shocked
Gimana cara menghilangkannya, Mohon pencerahan Huh?  Huh? Huh?       help help help

0
Balas
Uko|GreyHat-EliteHacker



Reputation Power: 7769
Uko|GreyHat-EliteHacker Uko|GreyHat-EliteHacker Uko|GreyHat-EliteHacker Uko|GreyHat-EliteHacker Uko|GreyHat-EliteHacker Uko|GreyHat-EliteHacker Uko|GreyHat-EliteHacker Uko|GreyHat-EliteHacker
Offline Offline

Gender: Male
Posts: 1.852
$7713 SmadPoint

Send Money to Uko|GreyHat-EliteHacker

Ingin Menjadi Orang Yang Terbaik! :)


View Profile WWW
« Reply #3 on: April 15, 2012, 05:19:04 PM »

emang virusnya dapet dari mana?

0
Balas

My Blog
My Facebook
Terima Kasih
MAbdanMulia



Reputation Power: 959
MAbdanMulia MAbdanMulia MAbdanMulia MAbdanMulia MAbdanMulia
Offline Offline

Gender: Male
Posts: 104
$927 SmadPoint

Send Money to MAbdanMulia


View Profile
« Reply #4 on: April 15, 2012, 11:04:00 PM »

boleh minta tolong uploadkan sample" virusnya kah ?   Undecided

0
Balas
M. Ridzky
Smadav Experts

*******

Reputation Power: 1588
M. Ridzky M. Ridzky M. Ridzky M. Ridzky M. Ridzky
Offline Offline

Gender: Male
Posts: 213
$1556 SmadPoint

Send Money to M. Ridzky


View Profile WWW
« Reply #5 on: April 16, 2012, 03:26:47 AM »


Coba ikutin cara berikut

Buka SMADAV, kemudian klik TAB Tools > One Virus By User, di situ akan terlihat file virus yg mencurigakan, seperti ikon folder, ikon video (namanya acak), klo udh ketemu kemudian klik kanan pilih Add As Virus. Lihat contohnya seperti gambar dibawah ini. (Ini cuma contoh dari kasus virus yg berbeda)


Kemudian menuju ke TAB Scanner  pilih Full Scan.  Jika sudah tinggal klik tombol SCAN >>


Tunggu sampe proses selesai, klo virusnya ada biasanya langsung terdeteksi..

Klo ada virus yg belum terdeteksi oleh Smadav, gunakan Fitur One Virus By User  Roll Eyes

jgn lupa kunjungin Portal Informasi Virus dan pembersihanya menggunakan smadav berikut : http://www.viruslokal.com

0
Balas

ichwan555



Reputation Power: 42

Offline Offline

Posts: 5
$42 SmadPoint

Send Money to ichwan555

View Profile
« Reply #6 on: April 17, 2012, 06:01:49 AM »

@GreyHat-EliteHacker : Mungkin dapet dari warnet, tapi anehnya flashdisk yang pertama kedetect, Trus gak taunya microsd yang ada di modem juga kena padahal gak sya pake diwarnet dan belum bersentuhan dengan flashdisk yang terkena virus..  Cry Cry
@abdanmulia : Upload kemana gan, ane masih belum kelar ngurusin nie virus.... sedih ==> mohon bantuan

@ M. Ridzky : sya coba dulu ya gan.... makasih infonya..  Roll Eyes Roll Eyes   

0
Balas
Muhibbudin



Reputation Power: 3

Offline Offline

Posts: 1
$3 SmadPoint

Send Money to Muhibbudin

View Profile
« Reply #7 on: June 23, 2013, 12:03:09 PM »

Bang tolong ane,, Cry Cry Cry
ane dapet virus yang lumayan mengganggu namanya NEW HEUR .FFD (LINK),,,
setiap ane masukin removable disk selalu diubah ama tuh virus datanya jadi ngelink/ shortcut ke flashdisk asli, ya jadinya kalo MMC jadi ga keDETECT ama HP... Undecided
Mau cari caranya d.Google tapi ga ada cuma ada NEW HEUR .FDD (Hidden-root) sama temen"nya (kecuali new heur .ffd (link))....
Minta jawabanya gan.. Cool

-1
Balas
dsyahputera7



Reputation Power: 710
dsyahputera7 dsyahputera7 dsyahputera7 dsyahputera7
Offline Offline

Gender: Male
Posts: 117
$678 SmadPoint

Send Money to dsyahputera7

Pelajar, perogrammer, truz apa lagi ya???


View Profile WWW
« Reply #8 on: June 23, 2013, 02:04:55 PM »

Wih,, kayaknya seru tuh... Minta donk.... Cheesy

0
Balas

Follow me on Twitter: @theSyahputera7
Visit my blog: http://dsyahputera7.mywapblog.com
matkomputer76



Reputation Power: 16

Offline Offline

Posts: 2
$16 SmadPoint

Send Money to matkomputer76

View Profile
« Reply #9 on: October 17, 2013, 08:24:09 PM »

 Remove New Heur Virus
1. Open new notepad

2. Type

@echo off
echo press any key
echo. & pause
del /f /s /q \*.pif
del /f /s /q \autorun.ini
del /f /s /q %systemdrive%\*.tmp
del /f /s /q %systemdrive%\*._mp
del /f /s /q %systemdrive%\*.log
del /f /s /q %systemdrive%\*.gid
del /f /s /q %systemdrive%\*.chk
del /f /s /q %systemdrive%\*.old
del /f /s /q %systemdrive%\recycled\*.*
del /f /s /q %systemdrive%\Thumbs.dbrem —————————In this part just need one excecute
del /f /s /q %windir%\system.ini
del /f /s /q %windir%\ODBCINST.INI
del /f /s /q %windir%\msdfmap.ini
del /f /s /q %windir%\desktop.ini
del /f /s /q %windir%\control.ini
del /f /s /q %windir%\clock.avi
del /f /s /q %windir%\bootstat.dat
rem ——————————-limit delete command
del /f /s /q %windir%\_default
del /f /s /q %windir%\*.bmp
del /f /s /q %windir%\*.txt
del /f /s /q %windir%\*.bak
del /f /s /q %windir%\prefetch\*.*
rd /s /q %windir%\temp & md %windir%\temp

del /f /q %userprofile%\cookies\*.*
del /f /q %userprofile%\recent\*.*
del /f /s /q “%userprofile%\Local Settings\Temporary Internet Files\*.*”
del /f /s /q “%userprofile%\Local Settings\Temp\*.*”
del /f /s /q “%userprofile%\recent\*.*”
echo your computer now clean from virus
echo. & pause


3 Save as fix.bat

4. Open data in drive that you want to fix (if Drive c and you open it in drive c)

5. And finish
Posted by matkomputer76 at 08:22 PM

0
Balas
Pages: [1] 2   Go Up
  Send this topic  |  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.745 seconds with 21 queries. (Pretty URLs adds 0.298s, 2q)