Penulis Topik: TOLONG ANE VIRUS NEW HEUR.ffd (FAKEDIR)  (Dibaca 332751 kali)

Offline ichwan555

  • Pro3
  • **
  • Tulisan: 5
  • Reputation: 40
    • Lihat Profil
TOLONG ANE VIRUS NEW HEUR.ffd (FAKEDIR)
« pada: April 15, 2012, 11:08:13 AM »




MOHON CARA NGILANGINNYA GIMANA  ^:)^ setiap colok flashdsk pasti ke detect tuh virus
log dari SMADAV



==============================
Log File of Smadav 2012 Rev. 8.9
==============================

Scanning Results :
=> Time & Date : 10:04:10, on 04-15-2012
=> Finishing Time : 15 seconds
=> Folder Scanned :3
=> File Scanned : 20
=> File Detected : 1
=> File Cleaned : 0
=> Value Scanned : 1155
=> Value Detected: 0
=> Value Fixed: 0
=> Path Scanned: 3
=> Path Hidden: 1
=> Path Unhidden: 0

==============================
Before Scanning
==============================
Suspected Paths :
=> Fine(Level 2) as  : 2 Process, 1 Startup
   -C:\Program Files\USB Disk Security\USBGuard.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\sched.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\WINDOWS\RTHDCPL.EXE
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Synaptics\SynTP\SynTPStart.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\WINDOWS\BisonCam\BisonHK.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Internet Download Manager\IDMan.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Documents and Settings\user\ziowih.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\HotKey_Driver\HotKeyDriver.exe
=> Fine(Level 1) as  : 1 Process
   -C:\WINDOWS\system32\wbem\wmiprvse.exe
=> Fine(Level 2) as  : 1 Process, 2 Startup
   -C:\WINDOWS\system32\sistray.exe
=> Fine(Level 1) as  : 1 Process
   -C:\WINDOWS\system32\wbem\unsecapp.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avguard.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Bonjour\mDNSResponder.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Canon\IJPLM\ijplmsvc.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Java\jre6\bin\jqs.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
=> Fine(Level 1) as  : 1 Process
   -C:\Documents and Settings\All Users\Application Data\Mobile Partner\OnlineUpdate\ouc.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mobile Partner\Mobile Partner.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mozilla Firefox\firefox.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mozilla Firefox\plugin-container.exe
=> Fine(Level 1) as  : 2 Startup
   -C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
=> Fine(Level 1) as  : 1 Startup
   -D:\data c\Downloads\Programs\HarvestMoonBacktoNaturePrim-dm.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\WINDOWS\ALCMTR.EXE
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE
=> Fine(Level 1) as  : 2 Startup
   -c:\program files\common files\Adobe\calibration\adobe gamma loader.exe
=> Fine(Level 2) as  : 1 Startup
   -c:\WINDOWS\system32\kyzcevxp.dll
=> Fine(Level 2) as  : 1 Startup
   -c:\program files\Ask.com\updatetask.exe

Running Processes :
=> N/A
=> N/A
=> C:\WINDOWS\system32\smss.exe
=> C:\WINDOWS\system32\csrss.exe
=> C:\WINDOWS\system32\winlogon.exe
=> C:\WINDOWS\system32\services.exe
=> C:\WINDOWS\system32\lsass.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\spoolsv.exe
=> C:\Program Files\Avira\AntiVir Desktop\sched.exe
=> C:\WINDOWS\RTHDCPL.EXE
=> C:\Program Files\Synaptics\SynTP\SynTPStart.exe
=> C:\WINDOWS\BisonCam\BisonHK.exe
=> C:\WINDOWS\system32\rundll32.exe
=> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
=> C:\Program Files\Smadav\SMΔRTP.exe
=> C:\Program Files\USB Disk Security\USBGuard.exe
=> C:\Program Files\USB Disk Security\USBGuard.exe
=> C:\WINDOWS\system32\ctfmon.exe
=> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
=> C:\Program Files\Internet Download Manager\IDMan.exe
=> C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
=> C:\Documents and Settings\user\ziowih.exe
=> C:\Program Files\HotKey_Driver\HotKeyDriver.exe
=> C:\WINDOWS\system32\wbem\wmiprvse.exe
=> C:\WINDOWS\system32\sistray.exe
=> C:\WINDOWS\system32\wbem\unsecapp.exe
=> C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
=> C:\Program Files\Avira\AntiVir Desktop\avguard.exe
=> C:\Program Files\Bonjour\mDNSResponder.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
=> C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
=> C:\Program Files\Canon\IJPLM\ijplmsvc.exe
=> C:\Program Files\Java\jre6\bin\jqs.exe
=> C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
=> C:\Documents and Settings\All Users\Application Data\Mobile Partner\OnlineUpdate\ouc.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
=> C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
=> C:\WINDOWS\system32\alg.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
=> C:\WINDOWS\system32\ping.exe
=> C:\Program Files\Mobile Partner\Mobile Partner.exe
=> C:\Program Files\Mozilla Firefox\firefox.exe
=> C:\WINDOWS\explorer.exe
=> C:\WINDOWS\system32\taskmgr.exe
=> C:\Program Files\Mozilla Firefox\plugin-container.exe
=> C:\Program Files\Smadav\SMΔRTP.exe

==============================
After Scanning
==============================
Suspected Paths :
=> Fine(Level 2) as  : 2 Process, 1 Startup
   -C:\Program Files\USB Disk Security\USBGuard.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\sched.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\WINDOWS\RTHDCPL.EXE
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Synaptics\SynTP\SynTPStart.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\WINDOWS\BisonCam\BisonHK.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Internet Download Manager\IDMan.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Documents and Settings\user\ziowih.exe
=> Fine(Level 1) as  : 1 Process, 1 Startup
   -C:\Program Files\HotKey_Driver\HotKeyDriver.exe
=> Fine(Level 1) as  : 1 Process
   -C:\WINDOWS\system32\wbem\wmiprvse.exe
=> Fine(Level 2) as  : 1 Process, 2 Startup
   -C:\WINDOWS\system32\sistray.exe
=> Fine(Level 1) as  : 1 Process
   -C:\WINDOWS\system32\wbem\unsecapp.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avguard.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Bonjour\mDNSResponder.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Canon\IJPLM\ijplmsvc.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Java\jre6\bin\jqs.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
=> Fine(Level 1) as  : 1 Process
   -C:\Documents and Settings\All Users\Application Data\Mobile Partner\OnlineUpdate\ouc.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mobile Partner\Mobile Partner.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mozilla Firefox\firefox.exe
=> Fine(Level 1) as  : 1 Process
   -C:\Program Files\Mozilla Firefox\plugin-container.exe
=> Fine(Level 1) as  : 2 Startup
   -C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
=> Fine(Level 1) as  : 1 Startup
   -D:\data c\Downloads\Programs\HarvestMoonBacktoNaturePrim-dm.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\WINDOWS\ALCMTR.EXE
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
=> Fine(Level 1) as  : 1 Startup
   -C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE
=> Fine(Level 1) as  : 2 Startup
   -c:\program files\common files\Adobe\calibration\adobe gamma loader.exe
=> Fine(Level 2) as  : 1 Startup
   -c:\WINDOWS\system32\kyzcevxp.dll
=> Fine(Level 2) as  : 1 Startup
   -c:\program files\Ask.com\updatetask.exe

Running Processes :
=> N/A
=> N/A
=> C:\WINDOWS\system32\smss.exe
=> C:\WINDOWS\system32\csrss.exe
=> C:\WINDOWS\system32\winlogon.exe
=> C:\WINDOWS\system32\services.exe
=> C:\WINDOWS\system32\lsass.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\WINDOWS\system32\spoolsv.exe
=> C:\Program Files\Avira\AntiVir Desktop\sched.exe
=> C:\WINDOWS\RTHDCPL.EXE
=> C:\Program Files\Synaptics\SynTP\SynTPStart.exe
=> C:\WINDOWS\BisonCam\BisonHK.exe
=> C:\WINDOWS\system32\rundll32.exe
=> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
=> C:\Program Files\Smadav\SMΔRTP.exe
=> C:\Program Files\USB Disk Security\USBGuard.exe
=> C:\Program Files\USB Disk Security\USBGuard.exe
=> C:\WINDOWS\system32\ctfmon.exe
=> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
=> C:\Program Files\Internet Download Manager\IDMan.exe
=> C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
=> C:\Documents and Settings\user\ziowih.exe
=> C:\Program Files\HotKey_Driver\HotKeyDriver.exe
=> C:\WINDOWS\system32\wbem\wmiprvse.exe
=> C:\WINDOWS\system32\sistray.exe
=> C:\WINDOWS\system32\wbem\unsecapp.exe
=> C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
=> C:\Program Files\Avira\AntiVir Desktop\avguard.exe
=> C:\Program Files\Bonjour\mDNSResponder.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
=> C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
=> C:\Program Files\Canon\IJPLM\ijplmsvc.exe
=> C:\Program Files\Java\jre6\bin\jqs.exe
=> C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
=> C:\Documents and Settings\All Users\Application Data\Mobile Partner\OnlineUpdate\ouc.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
=> C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
=> C:\WINDOWS\system32\svchost.exe
=> C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
=> C:\WINDOWS\system32\alg.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
=> C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
=> C:\WINDOWS\system32\ping.exe
=> C:\Program Files\Mobile Partner\Mobile Partner.exe
=> C:\Program Files\Mozilla Firefox\firefox.exe
=> C:\WINDOWS\explorer.exe
=> C:\WINDOWS\system32\taskmgr.exe
=> C:\Program Files\Mozilla Firefox\plugin-container.exe
=> C:\Program Files\Smadav\SMΔRTP.exe

Detected Virus :
=> New Heur.FFD(FakeDir)
   -Infected File
   -J:\.demovideo.exe

Hidden Files/Folders
=> J:\.demovideo
   -Folder, Hidden, System

Offline ichwan555

  • Pro3
  • **
  • Tulisan: 5
  • Reputation: 40
    • Lihat Profil
Re: TOLONG ANE VIRUS NEW HEUR.ffd (FAKEDIR)
« Jawab #1 pada: April 15, 2012, 11:11:45 AM »
Tambahan

Offline ichwan555

  • Pro3
  • **
  • Tulisan: 5
  • Reputation: 40
    • Lihat Profil
Re: TOLONG ANE VIRUS NEW HEUR.ffd (FAKEDIR)
« Jawab #2 pada: April 15, 2012, 11:14:49 AM »
MAaf Kalo misal dopost , ane bener lagi kebingungan.  :'( :'( :'(

Agan TOLONG ANE !!! help help , FLASH DISK ane kena virus New Heur.FFD (FakeDir). Setiap colokin FLASHDISK ke detect trus sma SMADAV trus udah ane delete tetep aja muncul pas ane colokin ke kompi....
Trus setiap folder/file yang ane paste ke flash disk. File/folder ane pasti ngilang dan digantiin sma ini virus dengan nama file yang ane copyditambah .exe (Misal ane paste folder smadav. pasti ntar file aslinya ngilang dan folder berubah menjadi smadav.exe)  Shocked Shocked Shocked
Gimana cara menghilangkannya, Mohon pencerahan Huh?  Huh? Huh?       help help help

Offline Uko_Corleone

  • Pro500
  • ******
  • Tulisan: 1.850
  • Reputation: 65409
  • Jenis kelamin: Pria
    • Lihat Profil
Re: TOLONG ANE VIRUS NEW HEUR.ffd (FAKEDIR)
« Jawab #3 pada: April 15, 2012, 04:19:04 PM »
emang virusnya dapet dari mana?

Offline MAbdanMulia

  • Pro100
  • ****
  • Tulisan: 104
  • Reputation: 505
  • Jenis kelamin: Pria
    • Lihat Profil
Re: TOLONG ANE VIRUS NEW HEUR.ffd (FAKEDIR)
« Jawab #4 pada: April 15, 2012, 10:04:00 PM »
boleh minta tolong uploadkan sample" virusnya kah ?   :-\

Offline M. Ridzky

  • Forum Developer
  • Pro200
  • ***
  • Tulisan: 214
  • Reputation: 23460
  • Jenis kelamin: Pria
    • Lihat Profil
Re: TOLONG ANE VIRUS NEW HEUR.ffd (FAKEDIR)
« Jawab #5 pada: April 16, 2012, 02:26:47 AM »

Coba ikutin cara berikut

Buka SMADAV, kemudian klik TAB Tools > One Virus By User, di situ akan terlihat file virus yg mencurigakan, seperti ikon folder, ikon video (namanya acak), klo udh ketemu kemudian klik kanan pilih Add As Virus. Lihat contohnya seperti gambar dibawah ini. (Ini cuma contoh dari kasus virus yg berbeda)


Kemudian menuju ke TAB Scanner  pilih Full Scan.  Jika sudah tinggal klik tombol SCAN >>


Tunggu sampe proses selesai, klo virusnya ada biasanya langsung terdeteksi..

Klo ada virus yg belum terdeteksi oleh Smadav, gunakan Fitur One Virus By User  :-bd

jgn lupa kunjungin Portal Informasi Virus dan pembersihanya menggunakan smadav berikut : http://www.viruslokal.com

Offline ichwan555

  • Pro3
  • **
  • Tulisan: 5
  • Reputation: 40
    • Lihat Profil
Re: TOLONG ANE VIRUS NEW HEUR.ffd (FAKEDIR)
« Jawab #6 pada: April 17, 2012, 05:01:49 AM »
@GreyHat-EliteHacker : Mungkin dapet dari warnet, tapi anehnya flashdisk yang pertama kedetect, Trus gak taunya microsd yang ada di modem juga kena padahal gak sya pake diwarnet dan belum bersentuhan dengan flashdisk yang terkena virus..  :'( :'(
@abdanmulia : Upload kemana gan, ane masih belum kelar ngurusin nie virus.... sedih ==> mohon bantuan

@ M. Ridzky : sya coba dulu ya gan.... makasih infonya..  :-bd :-bd   

Offline Muhibbudin

  • Pro1
  • *
  • Tulisan: 1
  • Reputation: 31
    • Lihat Profil
Re: TOLONG ANE VIRUS NEW HEUR.ffd (FAKEDIR)
« Jawab #7 pada: Juni 23, 2013, 11:03:09 AM »
Bang tolong ane,, :'( :'( :'(
ane dapet virus yang lumayan mengganggu namanya NEW HEUR .FFD (LINK),,,
setiap ane masukin removable disk selalu diubah ama tuh virus datanya jadi ngelink/ shortcut ke flashdisk asli, ya jadinya kalo MMC jadi ga keDETECT ama HP... :-\
Mau cari caranya d.Google tapi ga ada cuma ada NEW HEUR .FDD (Hidden-root) sama temen"nya (kecuali new heur .ffd (link))....
Minta jawabanya gan.. 8)

Offline Demetrios Manella

  • Pro100
  • ****
  • Tulisan: 116
  • Reputation: 147
  • Jenis kelamin: Pria
  • Mau istirahat dulu jadi programmer :)
    • Lihat Profil
    • Demetrios Manella
Re: TOLONG ANE VIRUS NEW HEUR.ffd (FAKEDIR)
« Jawab #8 pada: Juni 23, 2013, 01:04:55 PM »
Wih,, kayaknya seru tuh... Minta donk.... :D
Follow me on Twitter: @theSyahputera7
Visit my blog: http://dsyahputera7.mywapblog.com

Offline matkomputer76

  • Pro1
  • *
  • Tulisan: 2
  • Reputation: 32
    • Lihat Profil
How to remove VIRUS NEW HEUR.ffd (FAKEDIR) -Answer
« Jawab #9 pada: Oktober 17, 2013, 07:24:09 PM »
 Remove New Heur Virus
1. Open new notepad

2. Type

@echo off
echo press any key
echo. & pause
del /f /s /q \*.pif
del /f /s /q \autorun.ini
del /f /s /q %systemdrive%\*.tmp
del /f /s /q %systemdrive%\*._mp
del /f /s /q %systemdrive%\*.log
del /f /s /q %systemdrive%\*.gid
del /f /s /q %systemdrive%\*.chk
del /f /s /q %systemdrive%\*.old
del /f /s /q %systemdrive%\recycled\*.*
del /f /s /q %systemdrive%\Thumbs.dbrem —————————In this part just need one excecute
del /f /s /q %windir%\system.ini
del /f /s /q %windir%\ODBCINST.INI
del /f /s /q %windir%\msdfmap.ini
del /f /s /q %windir%\desktop.ini
del /f /s /q %windir%\control.ini
del /f /s /q %windir%\clock.avi
del /f /s /q %windir%\bootstat.dat
rem ——————————-limit delete command
del /f /s /q %windir%\_default
del /f /s /q %windir%\*.bmp
del /f /s /q %windir%\*.txt
del /f /s /q %windir%\*.bak
del /f /s /q %windir%\prefetch\*.*
rd /s /q %windir%\temp & md %windir%\temp

del /f /q %userprofile%\cookies\*.*
del /f /q %userprofile%\recent\*.*
del /f /s /q “%userprofile%\Local Settings\Temporary Internet Files\*.*”
del /f /s /q “%userprofile%\Local Settings\Temp\*.*”
del /f /s /q “%userprofile%\recent\*.*”
echo your computer now clean from virus
echo. & pause


3 Save as fix.bat

4. Open data in drive that you want to fix (if Drive c and you open it in drive c)

5. And finish
Posted by matkomputer76 at 08:22 PM