Folder.EXE Virus

It seems your computer is infected by "Brontok".

The steps I did are :
1. I boot my computer with the Bart PE. The XP
LiveCD made by Bart PEBuilder (http://www.nu2.nu/pebuilder).

2. In "Folder Options" "Show hidden files and folders" & Uncheck "Hide protected operating systmes files" all of the hidden files can be shown. "View Details" to see the hidden i manually delete folder.exe, autorun.inf.(be careful deleting files)

3. I boot the computer by the HDD and turned off the System
Restore.

4. Delete all the task in Schedule Task.

5. I remove all the entries in the Registry. (to unlock the registry, I
install the UnHookExec(right click this file and choose install), it
can be downloaded in www.symantec.com
This virus entries names like :
"kesenjangansosial","rakyatkelaparan","b…
just find these items in the registry.
examples : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wi…
HKEY_USERS\SOFTWARE\Microsoft\Windows\…

6. I install the Antivirus with the newest Definition Files.
7. I scan it.
8. Done.

0 comments:

Post a Comment