e-JutawanCyber.net Join Jer Terus Dapat Cek

Thursday, August 16, 2007

Malware> JambanMu.com, MacroMedia.10.exe, Flash.10.exe [Removal Guide]

Here i bring some solution to remove these little fukie dukie.. this fukie also fucked my laptop down.. anyway this virus called Malware special made from Malaysia.. Gud job! now most anti-virus crawler recognize Malaysian expertise huhu~

Solution:

  1. Use HijackThis to scan and then remove the entries that contain Flash.10.exe, JambaMu.com, MSN.msn

  2. Enable Folder Options that disabled by the malware:
    Go to Run -> Type gpedit.msc -> Expand "User Configuration" -> Expand "Administrative Templates" -> Expand "Windows Components" -> Select "Windows Explorer" -> Double click "Removes the Folder Options menu item from the Tools menu" in the right panel -> Select Disabled

  3. Folder Options should be appeared now, go to Folder Options -> Select "show hidden files and folders" & uncheck "hide protected operating system files"

  4. Go to C:\Windows\System32, delete Flash.10.exe, JambanMu.com, regedit.com, cmd.com, msconfig.com, ping.com, dxdiag.com

  5. Delete My Secret.fold in My Documents, New Song.lagu & New Video.vidz in My Music, aweks.pikz & seram.pikz in My Pictures

  6. Delete C:\Program Files\Common Files\Microsoft Shared\DAO\MSN.msn

  7. Delete C:\Program Files\Common Files\Microsoft Shared\Macromedia.10.exe


  8. - If you cannot delete the files and get messages like "cannot read from the source disk" or others that similar, probably your antivirus has blocked the access to these files, that's why you cannot move, delete or rename the files. Disable your antivirus and try again.

    *regedit.exe and cmd.exe actually stay intact, it just disabled by the malware.
  9. Enable regedit that disabled by the malware:
    Go to Run -> Type gpedit.msc -> Expand "User Configuration" -> Expand "Administrative Templates" -> Select "System" -> Double click "Prevent access to registry editing tools" in the right panel -> Select Disabled

  10. Enable command prompt(cmd) that disabled by the malware:
    Go to Run -> Type gpedit.msc -> Expand "User Configuration" -> Expand "Administrative Templates" -> Select "System" -> Double click "Prevent access to the command prompt" in the right panel -> Select Disabled
If you guys have any question just leave comment here or IM me..


ShiTTalk Today! - I gotta format my baby becoz of these fukie dukie <> shittt~~~

No comments: