sesiapa yang kena virus ni , kalu nak cari penawar dia.. boleh pm kat aku.. InsyAllah aku akan bantu apa yang mampu

kesan daripada serangan virus ini pada pc anda
1. CMD tak boleh buka
2. folder option akan hilang
3. Regedit tak boleh nak buka
4. task manager tidak berfungsi

geng mcm mn nk don lod anti bro nie.......

tiada takde nak download apa²pun... tapi ada cara untuk buat.. sebab dia ni serang bahagian registry ja.. banyak items dia bagi disable.. contohnya.. task manager dan folder option.. nama lain virus ni RVhost... dan dikategorikan sebagai warm!! kalu ko dah kena warm ni, pm aku nanti.. aku bagi tools dia ngan ko ,luis Garcia. ok?

ok.... bro... i tell u ... thkz ar....

banyak kali dah aku kena virus ni... janji korg paki latest Antivirus. update sellu... tpi bgi yg dah kena... byk dah cara remove virus ni. search jer kat google... melambak dorg bagi tips...

sedikit info ttg virus ni..

Name: Yahoo Messengger
Filename: RVHOST.exe
Fix RVHOST.exe errors: Try a Registry Scan
Command: C:\Windows\System32\RVHOST.exe
Description: Added by the W32/SillyFDC-G floppy disk and network worm.
File Location: %System%
Startup Type: This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry.

- scan pc ko gan mana2 antivirus spt kaspersky/AVG
- pas2 bleh jga try download portable AV made malaysia d data0.net atau guna hijackthis

- buka notepad & copy text d bawah & paste d notepad.

[b][color=orange]On Error Resume Next
Set shl = CreateObject("WScript.Shell")
Set fso = CreateObject("scripting.FileSystemObject")
shl.RegDelete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools"
shl.RegDelete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr"
shl.RegDelete
[/color][/b]
- [color=yellow]save file dgn nama "Enable.VBS" & change type to "all".[/color]

- run>regedit>
ikut arahan selanjutnya...

In the left panel, double-click the following:
[color=orange]HKEY_CURRENT_USER>Software>Microsoft>
Windows>CurrentVersion>Run
[/color]In the right panel, locate and delete the entry:
[color=orange]Yahoo Messengger = "%System%\RVHOST.exe"
[/color](Note: %System% is the Windows system folder, which is usually C:\Windows\System on Windows 98 and ME, C:\WINNT\System32 on Windows NT and 2000, and C:\Windows\System32 on Windows XP and Server 2003.)-->
Removing Other Entry from the Registry

Still in Registry Editor, in the left panel, double-click the following:
[color=orange]HKEY_CURRENT_USER>Software>Microsoft>Windows>
CurrentVersion>Policies>Explorer
In the right panel, locate and delete the entry:
NofolderOptions = "1"
Restoring Modified Entries from the Registry
[/color]
Still in Registry Editor, in the left panel, double-click the following:
[color=orange]HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows NT>
CurrentVersion>Winlogon
In the right panel, locate the entry:
Shell = "Explorer.exe RVHOST.exe"
Right-click on the value name and choose Modify. Change the value data of this entry to:
Explorer.exe
[/color]In the right panel, double-click the following:
[color=orange]HKEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>
Services>Schedule
In the right panel, locate the entry:
NextAtJobId = "2"
Right-click on the value name and choose Modify. Change the value data of this entry to:
1
[/color]Close Registry Editor.
Deleting the Malware File(s)

Right-click Start then click Search... or Find..., depending on the version of Windows you are running.
In the Named input box, type:
[color=orange]AT1.JOB
[/color]In the Look In drop-down list, select My Computer, then press Enter.
Once located, select the file then press [color=orange]SHIFT+DELETE[/color].
Note: AT1.JOB is a Sheduled Task so you can find this in C:\WINDOWS


hrp dpt mmbantu...

memang info yg aku_pendiam bagi ni sangat berguna.. sebab aku pun guna teknik yg sama bila nak bersihkan virus ni...



p/s:cantik signature ko

guna jer lah penawar brontok, yg di buat oleh org johor nie, bagus lah juga, cuba klik pada link nie www.kaer-media.org
try lah