Thursday, May 23, 2013
How To Clean Ramnit Virus
Informasi HP - As explained in previous posts that this virus will inject files that have the extension EXE, DLL and HTM / HTML both program files and Windows file system. Therefore, cleaning should be done in DOS mode. To facilitate cleaning please use the Windows Live CD Mini PE (please search on the internet). Then download Dr.Web CureIt tools! in http://www.freedrweb.com/cureit/?lng=en and should be done on a computer that is not infected with the virus. For protect Tools Dr.Web CureIt! not infected, should be in ZIP and the password.
Following steps:
1. For cleaning can be done optimally, you should scan all the HDD including USB flash or external HDD, this is because the virus is akaan drop some files on a USB flash or external HDD.
2. Before doing the cleaning should block viral duplicate files by using the "Software Restriction Policies". This feature is only there on the operating system Windows XP Pro, Vista, 7, Server 2003 and Server 2008 in the following manner:
· Click the [Start]
· Click [Run]
· In the Run dialog box, type secpol.msc and then click the [OK]
· After the screen appears "Local Security Policy", right-click menu "Software Restriction Policies" and click "Create New Policies" or "New Software Restriction Policies" if using Windows Vista / 7
· Then right click on the "Additional Rules", then select "New Hash Rule ..."
· Then the screen will display "New Hash Rule." In the column "Hash Files", click the [Browse] and specify one of the viruses that have duplicate file icon "folder" with a size of 105 KB (example C:-Windows-Explorermgr.exe) and click the [Open]. In the "Security Level", select [Disallowed]. Then click the [OK]
3. Connect the USB flash and external HDD to the computer.
4. Use the Web Dr. Live CD to eradicate this virus completely. Please download the software at http://www.freedrweb.com/livecd/?lng=en address you are advised to always download Dr Web Live new CD every time you want to use to clean up and eradicate the virus. If you use the DR Web Live CD a long time, then the virus definitions contained in the CD will follow the last time you download Dr Web Live CD. Another alternative is that you use antivirus software Dr. Web Pay is distributed by virusICU http://www.virusICU.com.
a. After the software is successfully downloaded Dr.Web LiveCD, burn into CD / DVD
b. Connect the USB flash and external HDD to the computer
c. Booting the computer through a CD / DVD ROM
d. Then the screen will display "Welcome to Dr.Web LiveCD"
e. Select "Dr.Web LiveCD (Default)" and then press the "Enter" on your keyboard
f. Wait a few moments to appear Dr.Web LiveCD interface that will display the application "Dr.Web Scanner" automatically. Dr.Web Scanner is working to examine your computer from viruses.
g. To scan the HDD, the screen "Dr.Web Scanner" select a location that will drive in check and make sure you check list option "Scan subdirectories" for Dr.Web can conduct examination on the directories and subdirectories for optimal cleaning. If the screen does not appear Dr.Web Scanner double-click the icon "Dr.Web Scanner" contained on the Desktop.
h. Then click the [Start] to begin the process of examination (scan)
i. Wait a while until the scan is completed. If you find any viruses, Dr.Web will inform the infected file and the type of virus that infects the virus information is available column.
j. Click the [Select All] to select all the objects / files to be Cleaned or you can specify which files would you clean it with a check list on the options available
k. then click the [Cure] to clean up files that have been infected with a virus
l. Wait until the cleaning process is completed. Scan the computer to ensure clean your computer from viruses n. Restart the computer.
Following steps:
1. For cleaning can be done optimally, you should scan all the HDD including USB flash or external HDD, this is because the virus is akaan drop some files on a USB flash or external HDD.
2. Before doing the cleaning should block viral duplicate files by using the "Software Restriction Policies". This feature is only there on the operating system Windows XP Pro, Vista, 7, Server 2003 and Server 2008 in the following manner:
· Click the [Start]
· Click [Run]
· In the Run dialog box, type secpol.msc and then click the [OK]
· After the screen appears "Local Security Policy", right-click menu "Software Restriction Policies" and click "Create New Policies" or "New Software Restriction Policies" if using Windows Vista / 7
· Then right click on the "Additional Rules", then select "New Hash Rule ..."
· Then the screen will display "New Hash Rule." In the column "Hash Files", click the [Browse] and specify one of the viruses that have duplicate file icon "folder" with a size of 105 KB (example C:-Windows-Explorermgr.exe) and click the [Open]. In the "Security Level", select [Disallowed]. Then click the [OK]
3. Connect the USB flash and external HDD to the computer.
4. Use the Web Dr. Live CD to eradicate this virus completely. Please download the software at http://www.freedrweb.com/livecd/?lng=en address you are advised to always download Dr Web Live new CD every time you want to use to clean up and eradicate the virus. If you use the DR Web Live CD a long time, then the virus definitions contained in the CD will follow the last time you download Dr Web Live CD. Another alternative is that you use antivirus software Dr. Web Pay is distributed by virusICU http://www.virusICU.com.
a. After the software is successfully downloaded Dr.Web LiveCD, burn into CD / DVD
b. Connect the USB flash and external HDD to the computer
c. Booting the computer through a CD / DVD ROM
d. Then the screen will display "Welcome to Dr.Web LiveCD"
e. Select "Dr.Web LiveCD (Default)" and then press the "Enter" on your keyboard
f. Wait a few moments to appear Dr.Web LiveCD interface that will display the application "Dr.Web Scanner" automatically. Dr.Web Scanner is working to examine your computer from viruses.
g. To scan the HDD, the screen "Dr.Web Scanner" select a location that will drive in check and make sure you check list option "Scan subdirectories" for Dr.Web can conduct examination on the directories and subdirectories for optimal cleaning. If the screen does not appear Dr.Web Scanner double-click the icon "Dr.Web Scanner" contained on the Desktop.
h. Then click the [Start] to begin the process of examination (scan)
i. Wait a while until the scan is completed. If you find any viruses, Dr.Web will inform the infected file and the type of virus that infects the virus information is available column.
j. Click the [Select All] to select all the objects / files to be Cleaned or you can specify which files would you clean it with a check list on the options available
k. then click the [Cure] to clean up files that have been infected with a virus
l. Wait until the cleaning process is completed. Scan the computer to ensure clean your computer from viruses n. Restart the computer.