First topic message reminder :
Sejak akhir-akhir ini, virus baru yang diketahui telah menggunakan Internet Explorer sebagai mangsanya dengan meninggalkan kesan Hacked by IIC Team dan sebagainya
korang boleh ikuti langkah berikut.
TERBUKTI DAN BERJAYA
1.Double Click on My Computer icon on Desktop and select Tools --> Folder Options
2.When Folder Options click at View[b] tab
- check at [b]Show Hidden files and folders
- unchuck the Hide extention… and Hide protected operating system file
- click OK
3.Press Ctrl+Alt+Delete. The Windows Task Manager will display. Click at Processes tab
- Click menu Image Name (to sort Files)
- Select wscript.exe (one by one)
- Click End Process button
4.Open drive (By right click and select Explore. Must not Double Click !) Delete autorun.inf and MS32DLL.dll.vbs (or other file that have extantion .vbs (Press Shift+Delete) in all drives include Handy Drive and Floppy disk.
5.Open folder C:\WINDOWS to delete MS32DLL.dll.vbs (or other file that have extantion .vbs inside (press Shift+Delete)
6.Go to Start --> Run and enter regedit click OK. Registry Edit dialog will display.
6.Select HKEY_LOCAL_MACHINE --> Software --> Microsoft --> Windows --> Current Version --> Run to delete MS32DLL (or the file that have same name with above) (press Delete key on keyboard)
7.Select HKEY_CURRENT_USER --> Software --> Microsoft --> Internet Explorer --> Main to delete Window Title “Hacked by Godzilla” (or anything else) (press Delete key on keyboard)
8.Click Start --> Run and enter gpedit.msc click OK. Group Policy dialog will display.
9.Select User Configuration --> Administrative Templates --> System --> Double Click on file Turn Off Autoplay then Turn Off Autoplay Properties will display
- Select Enabled
- Select All drives
- Click OK
To prevent auto open when we insert CD or plug the Handy Drive that is the way virus infect.
10.Click Start --> Run and enter msconfig Click OK. The System Configuration Utility dialog will display
- Click Startup tab
- Uncheck MS32DLL (p/s:if it didn't have this file, leave it)
- Click Apply
- Click OK (or Close)
When the System Configuration dialog display select Exit Without Restart
11.Double Click on icon My Computer on Desktop. Then select Tools --> Folder Options
12.On Folder Options dialoq select View tab
- Check at Hide extention… and Hide protected operating system file
- Click OK
13.Right Click at Recycle bin. Then select Empty Recycle Bin to make sure the virus is deleted.