Step 7 eradicate virus' Conficker '

Jakarta - Virus' Conficker.DV 'using the distribution method that is different from preceding. With the powerful, the virus tries to access the network using a slit windows' Default Share '(ADMIN$ \ system32) with the administrator password.

In addition, 'Conficker.DV' also create a file on removable media such as flash, hard drive and card reader to save the file in the hidden root drive.

While the action preceding the same, that is trying mengexploitasi MS08-067 security slit or Windows, or Windows Server Service SVCHOST.exe. Many of the infected user does not activate because Automatic Updates feature and does not do windows patch MS08-067.

If you are like, see step 7 short of the virus analyst Adi Saputra Vaksincom to eradicate the virus' Conficker.DV 'received detikINET, Wednesday (28/1/2009):

1. Disconnect the computer that will be cleared from the network / Internet.
2. Turn off system restore (Windows XP / Vista).
3. Turn off the virus is active in the services. Use Norman's removal tool to clean the virus is active. If you do not have, can be downloaded at the site norman.
4. Delete service svchost.exe enter in a fake virus on the registry. You can search the registry manually.
5. Remove Task Schedule made by the virus. (C: \ WINDOWS \ Tasks)
6. Remove string registry created by the virus. To facilitate the registry can use the script below:

[Version]
Signature="$Chicago$"
Provider=Vaksincom Oyee

[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del

[UnhookRegKey]
HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,
Hidden, 0x00000001,1
HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,
SuperHidden, 0x00000001,1
HKLM,
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL,
CheckedValue, 0x00000001,1
HKLM, SYSTEM\CurrentControlSet\Services\BITS, Start, 0x00000002,2
HKLM, SYSTEM\CurrentControlSet\Services\ERSvc, Start, 0x00000002,2
HKLM, SYSTEM\CurrentControlSet\Services\wscsvc, Start, 0x00000002,2
HKLM, SYSTEM\CurrentControlSet\Services\wuauserv, Start, 0x00000002,2

[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Applets, dl
HKCU, Software\Microsoft\Windows\CurrentVersion\Applets, ds
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Applets, dl
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Applets, ds
HKLM, SYSTEM\CurrentControlSet\Services\Tcpip\Parameters, TcpNumConnections

Use notepad, then save with the name 'repair.inf', then 'Save As Type' to 'All Files' so that the error does not occur. Repair.inf run with the right-click and select install.

Meanwhile, for the active file on startup, you can mendisable through 'msconfig' or you can manually delete the string: 'HKLM, SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run'

7. For cleaning the virus W32/Conficker.DV optimally and prevent re-infection, you should use antivirus and update the virus is able to detect and properly patch your computer with the official patch from Microsoft to prevent re-infection.

Employees stopped 5000 Microsoft 'interrogation in' People's Deputy indonesian

Jakarta - the removal will be done by Microsoft employees to the 5000 invite questions from representatives of the people. Is Charles Grassley, Senator from Iowa, is sending a letter to the Microsoft's plans.


"I fear Microsoft will retain foreign workers rather than citizens of the United States in implementing the same qualifications that plan," said Grassley cited detikINET from Reuters, Tuesday (27/1/2009).

But Microsoft has made the statement that there is no discrimination in the dismissal of the plan.

"We care about our employees at all, so we provide services and support in order to help all workers who are affected, whether they come from United States citizens or foreigners," a statement from the spokesperson for Microsoft.

On the other hand Grassley ask Steve Ballmer, CEO of Microsoft, to provide details concerning the number of employees who will be the ax and, among which is a native U.S. citizen. Grassley also ask the same data for the composition of employees of Microsoft post-firing

Fuel fight, 50 people died roast

Molo - a fuel spill from a truck that reversed immediately pounce huddle people who want to pick it up. As a result, at least 50 people died dikabarkan.

SAR team said, someone may not deliberately throw a cigarette butt into the oil spill. Nevertheless, the suspicion arises that is done intentionally by someone angry because the police when you want to be near the oil spill.

"I have been calculated more than 50 corpses in the vicinity of the truck upside down," said Police Commissioner Rift Valley Province, Hassan Noor Hassan, as quoted Reuters, Sunday (1/2/2009).

Hassan said 82 people also critically injured due to this event.

Eyewitness told, after the oil truck transporter upside near the center of Molo, Kenya, a number of motorcycle rider and the other down the road approaching the vehicle apes to menyerok a gasoline spill.

Not allegedly, in the middle of a dusk-ghostly ghostly suddenly fire trucks and steal a number of people who congregate.

"Two children fled to the home, taking some kapellmeister oil and gasoline to get a run. I have tried to stop, but they do not hear. They say every person to go there for free fuel," said a woman and the sorrow does not want his name is mentioned.

Source : detiknews.com