Tuesday, May 29, 2012

Mengatasi Virus Yang Menyerang File Exe

Buat teman - teman tentunya tau beberapa virus yang menyerang file – file yang ada didalam computer atau dilam PC kita. Biasanya virus tersebut menyerang langsung ke file exe, file exe ini merupakan file yang digunakan untuk membuka suatu aplikasi yang ada dalam perangkat lunak. Jadi apabila file exe yang terdapat pada perangkat lunak tersebut terkena virus maka perangkat lunak tersebut tidak bisa dibuka dan harus mengestrak ulang atau menginstal ulang kembali perangkat lunak yang akan dibuka. Nah dari kejadian tersebut, saya punya tips ni bagaimana cara membuat antivirus untuk mengatasi virus yang sering menyerang file – file exe dengan menggunakan notepad.
 
Langkah – langkahnya :
  • Buka Notepad kemudian silahkan copy kode dibawah ini dan paste di Notepad
[Version]
Signature=”$Chicago$”
Provider=Vaksincom
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\comfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\exefile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\piffile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”
HKLM, Software\CLASSES\scrfile\shell\open\command,,,”"”%1″” %*”
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe”
HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SYSTEM\ControlSet002\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, UncheckedValue,0×00010001,1
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, userinit,0, C:\WINDOWS\System32\userinit.exe ,
[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp
HKCU, Software\Microsoft\Windows\CurrentVersion\Run,T1702521TT4
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run,T70Z516
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Msconfig.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
HKCU, Software\VB and VBA Program Settings 
  • Setelah kode di atas sudah di paste di Notepad, lalu save as dalam bentuk format *.inf misalnya (antivirus.inf).
  • Setelah selesai di Save, Kemudian buka notepad baru sekali lagi dan paste kode dibawah ini kedalamnya seperti langkah sebelumnya.
Signature=”$Chicago$”
Provider=Babenya Galak
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\comfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\exefile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\piffile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”
HKLM, Software\CLASSES\scrfile\shell\open\command,,,”"”%1″” %*”
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder, Bitmap,0, “C:\WINDOWS\SYSTEM32\SHELL32.DLL,4″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder, Text,0, “@shell32.dll,-30498″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ClassicViewState, text,0, “@shell32.dll,-30506″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ControlPanelInMyComputer, text,0, “@shell32.dll,-30497″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DesktopProcess, text,0, “@shell32.dll,-30507″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DisableThumbCache, text,0, “@shell32.dll,-30517″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FolderSizeTip, text,0, “@shell32.dll,-30514″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FriendlyTree, text,0, “@shell32.dll,-30511″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden, Bitmap,0, “%SystemRoot%\system32\SHELL32.dll,4″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden, text,0, “@shell32.dll,-30499″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, text,0, “@shell32.dll,-30499″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN, text,0, “@shell32.dll,-30501″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, CheckedValue,0×00010001,1
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, DefaultValue,0×00010001,2
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, text,0,”@shell32.dll,-30503″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, type,0, “CheckBox”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\NetCrawler, text,0, “@shell32.dll,-30509″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\PersistBrowsers, text,0, “@shell32.dll,-30513″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowCompColor, text,0, “@shell32.dll,-30512″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPath, text,0, “@shell32.dll,-30504″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPathAddress, text,0, “@shell32.dll,-30505″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowInfoTip, text,0, “@shell32.dll,-30502″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SimpleSharing, text,0, “@shell32.dll,-30518″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, text,0, “@shell32.dll,-30508″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets, Bitmap ,0, “C:\WINDOWS\system32\SHELL32.DLL,4″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\AUTO, text,0, “Show and manage the pair as a single file”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NOHIDE, text,0, “Show both parts but manage as a single file”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NONE, text,0, “Show both parts and manage them individually”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\WebViewBarricade, text,0, “@shell32.dll,-30510″
[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistriTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableCMD
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableTaskMgr
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Run, Intelprc
HKCU, Software\Microsoft\Windows\CurrentVersion\Run, Network
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SystemWindows
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system, legalnoticecaption
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system,legalnoticetext 
  • Save As dalam bentuk *.inf misalnya antivirus2.inf
  • Apabila proses diatas telah selesai, anda akan mendapatkan dua icon yang akan digunakan untuk membunuh virus yang nyerang aplikasi exe. 
  • Untuk menjalankan dua icon tersebut silahkan anda ikuti cara dibawah ini !

Cara kerja adalah:
1. Klik kanan pada ikon yang berextensi *.inf
2. Cari Install dengan klik kanan pada icon ekstensi *.inf
3. Klik Install
4. Lakukan keduanya (File tadi)
5. Selamat mencoba
tanda tangan

Ditulis Oleh : Coretan BoWo ~ Tips dan Trik Blogspot

Christian angkouw Sekarang ini anda sedang membaca artikel tentang Mengatasi Virus Yang Menyerang File Exe. Jika artikel ini bermanfaat untuk anda, anda diperbolehkan mengcopy paste atau menyebar luaskan artikel ini. Namun diharapkan anda jangan sampai lupa untuk meletakkan link dibawah ini sebagai sumbernya.

:: Get this widget ! ::

0 komentar:

Phil Backlink Free PageRank Checker Add URL Suggest Link USA Backlinks Free Backlinks Service at USABacklinks.com! BritBlog Top Link Indo My Ping in TotalPing.com Free Auto Backlink Exchange Service Auto Backlink Florists Links ping.sg - the community meta blog for singapore bloggers TopBlogIndonesia.com