penanganan virus deadlock versi inggris

Posted: September 6, 2009 in informasi

Deadlock considered vicious virus. If your computer is already infected, be ready on 12 and 13 all the data you will be destroyed, either in hard drives, USB disk and Windows O/S so it displaying missing NTLDR message.
However, if you are already a victim, never re-install the OS to your hard drive that contain lost data. Perform important data recovery process by using data recovery application, and, of course, correct method.
Because, if you reinstall the OS to the hard drive that contains the data you want recovered, the possibility of success of recovery will be very low.
However, this virus can also be treated manually. Follow 6 short steps below:

1. Disable [System Restore] during the cleaning process.

2. Turn off active virus in memory, using tools such as Task Manager ‘Process Explorer’, and then turn off the process named mysql.exe and apache.exe. Please download these tools on the following url: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

3. In order to block this virus not to be active again, file can not be executed in order to register with the Software Restriction Policies. This feature only exists on the computer with the operating system Windows XP Professional/Windows Server 2003/Windows Vista and Windows Server 2008.

How:
-. Start – Run and then type the command SECPOL.MSC click [OK]
-. Screen appears after the Local Security Settings, right-click on Software Restriction Policies menu and click Create New Policies
-. In the Software Restriction Policies menu, click Additional Rules
-. Right-click on Additional Rules and select New Hash Rule, and the display will show New Hash Rule
-. In the hash file click the Browse button and navigate to the directory [C:\Windows\system32\apache.exe] and click the button [Open]
-. Security in the level select [Disallowed]
-. In the description column should be filled or emptied only
-. Click [Apply] and [Ok]

Note: If your computer is not installed Windows XP Professional/2003 Server/Vista/2008 skip this step.

4. Delete string registry which is modified by the virus. To speed up the process, copy script below on the notepad program and save it with the name repair.inf then run the file in the following manner:

-. Right-click file repair.inf
-. Click [Install]

[Version]
Signature = “$Chicago$”
Provider = Vaksincom
[DefaultInstall]
AddReg = UnhookRegKey
DelReg = del
[UnhookRegKey]

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s