Ramnit :
Viruses that inject file. Html,. Exe and. Etc.The
virus is transmitted through a removable disk (UFD) by way of copying
files. Cpl and. Exe is always growing and changing namanya.Yang exact
file is located in the Recycler folder. and the fourth copy of the
shortcut file that will run the file *. Cpl infektor recycler folder contained in the UFD.When
the virus has to infect a computer system, the virus will create and
run the svchost.exe file that will do various things: a. create a file named: watermark.exe located in the folder: C: \ programfiles \ mikrosoft \ watermark.exe. b. becoming
run userinit.exe registry change: watermark.exe, so that the virus has
mastered the system permanently, by infecting files ending in. exe,. dll and. htmlIf the properties, UFD will look much used by the file. Cpl and. Exe in the folder recycler.
The effect:
Ramnit virus will create a program does not run normally, for example: mozilla firefox, winamp, etc.we
can not remove the existing file watermark.exe difolder c: \
programfiles \ microsoft \ watermark.exe, because the file is locked by
svchost.exe file its ramnit virus.
when we delete files / folders that are in the UFD recycler folder, file. cpl and. exe will come back .. and continued to write back.
for a particular file system is infected . wherewith for example: explorer.exe will be replaced explorermgr.exewhen
we clean the virus is not complete (there are not cleared), this virus
will come back when we run the application (eg: right click).
To clean:
Prepare
Anti Virus cleaner (I use NOD32 stand alone) by> download here
<and save it in a zip file / RAR to exe file is not infected.Save the file on the UFD, or copy and paste on an infected computer's hard drive.Use
task manager, select the task / processes tab and end task all the
svchost.exe file and also all that can end task (except for: task
manager)
Open
file cleaner that has been shaped NOD32 zip / RAR, using the file open
in the task manager. change choice program in order to open the file
into allfiles file zip / rar of NOD32 can be seen.after teropen NOD32 with winrar or other application . please
double click the file Nod *. exe after the next. next action, select
the left and right side select Clean delete. Then run Scan & clean after walking close / close winrar / application made to open NOD32 zip / RAR.
Please
be supervised by the task manager when the svchost.exe file in / out
processes appear in the task immediately at the end. and as usual when
there is no display windows warning that the computer will shutdown in
60 seconds / 1 minute. Please type in the file menu open / run: shutdown-a-a meaning that is the shutdown command to cancel the action.
Warning!! ,
While NOD 32 clean file on your computer, not to open / run any file.
because it let alone run the exe file, right-click aja we are meant to
run a virus / her svchost.exe Virus Ramnit.
Remember we need turn off / end task svchost.exe file for NOD32 clean the file on your computer .
Tidak ada komentar:
Posting Komentar