(it)gossips     Twitter     Advertise     Squidoo     Subscribe for FREE newsletter

Cleaning manual virus (”Pendekar Blank”)

February 24th, 2008 by | Filed under Uncategorized.

Cleaning manual virus (”Pendekar Blank”)
By Heddy a.k.a cambah @ deskofdesign.co.cc

Tutorial for cleaning Pendekar Blank Virus

1. You must have ProceXP and run it, You can download @ http://www.sysinternals.com/

2. Click @ Right and choice suspend @ blank.doc ,empty.jpg ,hole.zip,unoccupied.reg ,zero.txt

3. Next go to controlpanel ==> folder options, choice Tab View and @ advanced settings:
choice Show Hidden files and folder
Unmark Hide extensions for known file types
Unmark Hide protected operating system files (Recommended)

4. Search and delete file contain of the virus :
c:\aut0exec.bat
c:\windows\system32\dllcache\Regedit32.com
c:\windows\system32\dllcache\Shell32.com
c:\windows\system32\dllcache\rund1132.exe
c:\windows\system32\dllchache.exe
c:\windows\system32\M5VBVM60.exe
c:\(Read Me)Pendekar Blank.txt
c:\windows\system32\dllchache\blank.doc
c:\windows\system32\dllchache\empty.jpg
c:\windows\system32\dllchache\hole.zip
c:\windows\system32\dllchache\msvbvm60.dll
c:\windows\system32\dllchache\unoccupied.reg
c:\windows\system32\dllchache\zero.txt
c:\windows\system32.exe

5. Clean and Repair registry
Delete HKEY_CURRENT_USER, Software\Microsoft\Windows\CurrentVersion\Run, Secure32
Delete HKEY_CURRENT_USER, Software\Microsoft\Windows\CurrentVersion\Run, Secure64
Delete HKEY_LOCALMACHINE, Software\Microsoft\Windows\CurrentVersion\Run, Blank Antiviri
CHANGE & MODIFY @ HKCR, comfile\shell\open\command,,,”””%1″” %*”
CHANGE & MODIFY @ HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, “cmd.exe”
CHANGE & MODIFY @ HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, “cmd.exe”
CHANGE & MODIFY @ HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Userinit,0, “C:\Windows\system32\userinit.exe,”
CHANGE & MODIFY @ HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced, ShowSuperHidden,0×00010001,1
CHANGE & MODIFY @ HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Userinit.,0, “userinit.exe”

6. Restart yout computer

7. Enjoy

Related Posts


[Read the rest on (it)gossips network: heddy]

Subscribe to Our FREE Newsletter Now:

Enter your email address:

« Video Download : Installing Backtrack live CD to Hardisk Video tutorial
Cleaning Virus “Sality.S” »

Viewing 2 Comments

 

Trackbacks

(Trackback URL)

close Reblog this comment
Powered by Disqus · Learn more
blog comments powered by Disqus Some people come to this post with this search term: pendekar blank, (Read Me)Pendekar Blank, hole.zip virus, virus pendekar blank, pendekar blank virus, pendekar blank remover, remove pendekar blank, Unoccupied.reg, pendekar virus, hole.zip zero.txt, blank.doc virus, Pendekar blank removal, Empty.jpg virus removal, hole.zip, remove blank.doc, how to remove blank.doc, virus pendekar, empty.jpg zero.txt blank.doc virus, zero.txt hole.zip , hole.zip zero.txt blank.doc empty.jpg , blank.doc hole.zip, virus Empty.jpg, remover pendekar blank , blank.doc, hole.zip, zero.txt virus, "empty.jpg"+"hole.zip"+"blank.doc"+"Zero.txt"+"unoccupied.reg", empty.jpg virus, empty.jpg, how to remove blank.doc virus, how to remove viruses hole.zip,zero.txt,blank.doc,empty.jpg, hole.zip unoccupied.reg blank.doc, (Read Me)Pendekar Blank.txt, how to remove Zero.txt, unoccupied.reg virus removal tool, virus blank, virus zero.txt, hole.zip empty.jpg, virus blank.doc, how to remove virus blank.doc, zero.txt blank.doc, hole.zip virus fix, zero.txt, blank.doc zero.txt, zero.txt removal, hole.zip virus removal tool, blank.doc, How to remove unoccupied.reg, how to remove hole.zip, how to remove Hole.zip virus, (Read Me)Pendekar.Blank. txt,