To Solve VirusMawar

UDM_StrikesBack or ViRusMaWar
What are the symptoms that shows your computer have been affected by UDM_StrikesBack or ViRusMaWar :
1) Task Manager have been disabled
2) Folder Option have been disabled
3) Regedit have been disabled
4) Search have been disabled
5) You can find UDM_StrikesBack.html in all your partition drive
6) Your Internet Explorer browser shows title "VirusMawar menguCapKan SelAmaT TaHun BaRu Cina, Terutama kpd WarGa UDM+++"
7) System properties, registered to : MawarKu

What you should do to remove this virus :
1) Go to Run then type cmd
2) Paste this line in command window
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
3) Again, go to Run type regedit
4) In Registry editor find keyword "disabletaskmgr" then modify it to 0
5) in Registry editor find keyword "Mawar" then delete all (to many)
6) Open your Task Manager and stop all process with name "wscript.exe"
7) Search for keyword "nofolderoption" then modify it to 0
8) You also may found keyword "NoFind" there, do same thing as before, modify it to 0
9) type msconfig on run, click startup, uncheck startup item for MawarKu.
10) Open your Folder Option and in View tab, check for show hidden files and uncheck hide operating system files
11) Now you can delete the virus with name "ViRusMaWar3.js" which located in location such as "C:\WINDOWS\system32" , and all partition drive in your computer (ex partition c or e:).
12) You also need to delete files named "Autorun.inf" and UDM_StrikesBack.html file in every partition drive and removable drive that have been connected with your PC before.
13) Lastly restart your computer and remember to restore back your Folder Option to previous setting.

Comments

Post a Comment

Popular posts from this blog

How to Install ‘IPFire’ Free Firewall Linux Distribution

Image
How to Install ‘IPFire’ Free Firewall Linux Distribution IPFire  is one of the high-level flexible firewall with great features such as other firewall’s. IPFire will work as a firewall, VPN gateway, Proxy server, DHCP server, Time server, Caching name server, Wake-On-LAN, DDNS, Open VPN, Monitoring etc.. IPFire Firewall Installation Guide IPFire is released under GPL license and totally designed to use free. The developers keep the key things as security while the IPFire was build. Since IPFire will connect directly to the internet, due to this, there will be chances for hackers and threats to attack it. To avoid those threats and attacks  Pakfire package manager  helps administrators to keep the the packages database up-to-date in IPFire. Basically IPfire was build using a super kernel with various threat, attacks, detect and compromise features and have a rich Graphical interface to use. IPfire have the feature to use samba and vsftpd file services. IPFire supports V
Read more

Working with Columns on the Joomla Frontpage

Image
Working with Columns on the Joomla Frontpage Log into your Joomla 3.0 Admin dashboard In the top menu, click  Menus  and then click  Main Menu  (or the menu with a logo of a house to the right) In the list of Menu Items, find and  click on the menu item  that has a  yellow star  under the Home  column Click the  Advanced Options  tab at the top of the page Click to expand the  Blog Layout Options  section You'll want to pay attention to the following settings: # Intro Articles Number of articles to show after the leading article. Articles will be shown in columns. # Columns The number of columns in which to show Intro Articles. Normally 1, 2, or 3. For the columns setting, enter the number of columns that you want. Then, enter the number of articles that you want to show in columns. For example, if you have 3 columns and 4 intro articles, you'll end up having 2 rows of three columns, but two columns will be blank. When finished making changes, click the  save  button i
Read more

Installing Moodle on a Debian-based LAMP server

1. Get the Moodle code 1.a Install  Install the Moodle package from the command-line interface and follow the prompts: sudo apt-get install moodle 1.b Either by downloading the tar-archive The Moodle download site [6] runs a script which fetches archives from the mirrors of sourceforge.net [7] . The logic is that moodle-X.Y.Z.tgz means the point release X.Y.Z and moodle-latest-XY.tgz stands for the version X.Y.latest+ of branches still supported. See the examples below: # wget http://download.moodle.org/download.php/direct/stable16/moodle-1.6.9.tgz # wget http://download.moodle.org/download.php/direct/stable17/moodle-1.7.7.tgz # wget http://download.moodle.org/download.php/direct/stable18/moodle-1.8.14.tgz # wget http://download.moodle.org/download.php/direct/stable19/moodle-latest-19.tgz # wget http://download.moodle.org/download.php/direct/stable20/moodle-2.0.10.tgz # wget http://download.moodle.org/download.php/direct/stable21/moodle-2.1.10.tgz # wget http://downloa
Read more