Tips Membuat Animated Text Warna Berjalan

Animated Text adalah suatu tampilan animasi tulisan per karakter dengan warna yang berjalan dari kiri kekanan dan sebaliknya layaknya seperti marque tapi kalau marque akan menganimsi suatu teks atau kalimat dan untuk sesi ini yang akan kita animasi adalah karakternya. Pasti anda merasa bingung akan penjelasan sayakan? padahal saya juga bingung sama penjelasan saya sendiri HeHeHe, Oke deh langsung aja penerapannya aja dari pada bingung bahas penjelasannya. Contohnya ada disini.


Langkah-langkahnya sbb :

1. Login ke blogger

2. Layout --> Edit HTML

3. Backup dahulu --> Download Full Template

4. Setelah itu Download File ini --> animasi text

5. Kemudian cari kode --> <HEAD>

6. Pastekan hasil download animasi_text dibawahnya --> <HEAD>

<HEAD>
.
.

.

kode script animasi_text

.

.

.

7. Selanjutnya cari kode --> <BODY> dan copy kode dibawah ini dibawahnya <BODY> :

<BODY>

<BODY onLoad="animate('animate', '#FFFFFF');">

<SCRIPT language="JavaScript">

animate('animate', '#FFFFFF');

</SCRIPT>

8. Kemudian gimana penerapannya dalam tulisan animasi? Begini setiap tulisan yang akan di animasi kita beri tanda <span id="animate">.....</span>

contoh : Tanpa animasi..... <SPAN ID="animate">penggunaan teks animasi</SPAN> .....lanjutan yang tidak dianimasi

Maka hasilnya akan seperti contoh diatas.

9. Lihat dahulu hasilnya, kalau jalan --> save template.

n/b : Apabila tidak mau repot, untuk penerapan langsung; langkah nomer 4 dan nomer 7 bisa langsung digabung, kemudian tuangkan ke dalam artikel atau HTML/Javascript.

Tips For Simple Disable Right Click On Your Blogger

This post explains how to disable the right mouse button on blogger (blogspot) or any other web page using HTML (JavaScript) code. It's so annoying if someone copies (thefts) from your blog, articles, pictures and other proprietary information from you saying that they are the original owners of content. But, I think "disable the right mouse button 'is not the right solution for this. Most people come to your site to read the information and very small percentage of people who come to your site to steal their work, images, etc.So, most people feel it insulting and I think it is very little what to do. If you want to protect their images, my suggestion is to add a watermark (logo) sitename his or her name on the images, photos, etc.

Note : The use of this Javascript code, you just disable right click to warn visitors that the content is protected by copyright. That's all my personal opinion, however despirately if you want to add this feauture You may obtain this code here.

Follow this steps :

1. Login blogger

2. Layout --> Page Elements --> Add a Gadget

3. Than copy paste at your HTML/JavaScript

4. Done

Tips Membuat Widget TabView 3 Kolom ( 2 )

Tabview Widget adalah suatu halaman informasi yang multiple, Tabview Widget cocok digunakan pada ruang yang terbatas, karena satu tab dalam tabview sudah dapat mewakili satu halaman. Penggunaan Tabview Widget yang di populerkan oleh Hoctro menggunakan bantuan dari Yahoo! UI Library, menurut Si-OOM sih waktu loading katanya begitu lama ditambah proses pemasangannya yang ribet. Dengan ini disini saya ingin sebagai penyambung lidah untuk mencoba menerapkan inspirasinya si-OOM yang sederhana, mudah di-aplikasikan, dan suport buat blogger, website dan platform lainya, Coding yang digunakan pada penggunaan Html Form, CSS dan Javascript. Sudah support dengan berbagai browser antara lain Opera, Internet Explorer, Firefox dan Flock sudah berjalan dengan baik. Contoh penggunaan Tabview seperti disebelah kanan.


Langsung saja penerapannya seperti berikut :

1. Login Blogger

2. Layout --> Page Elements --> Add a Widget --> HTML/JavaScript

3. Lalu Copy script dibawah ini dan pastekan ke widget ( Tapi sebelumnya di edit dahulu, bisa dengan MS-FrontPage dll).

<style type="text/css">

div.TabTampil div.TTs

{height: 24px; overflow: hidden; }

div.TabTampil div.TTs a:hover, div.TabTampil div.TTs a.Active

{ background-color: #FFE16C; }

div.TabTampil div.Halamans

{ clear: both; border: 1px solid #FFCC00; overflow: hidden; background-color:
#FFFFB7;}

div.TabTampil div.Halamans div.Halaman

{ height: 100%; padding: 0px; overflow: hidden; }

div.TabTampil div.Halamans div.Halaman div.Alas

{ padding: 3px 5px; }

div.TabTampil div.TTs a

{ border-left:1px solid #FFCC00; border-right:1px solid #FFCC00; border-top:1px
solid #FFCC00; border-bottom:0px solid #FFCC00; float: left;

display: block; width: 100px; text-align: center; height: 24px; padding-top:
3px; vertical-align: middle; text-decoration: none; font-family: "Arial", Serif;

font-size: 12px; font-weight: 900; color: #222}

</style>





<form action="tabtampil.html" method="get">

<div class="TabTampil" id="TabTampil">

<div class="TTs" style="width: 330px;"> <a>Tab1</a> <a>Tab2</a> <a>Tab3</a>
</div>

<div class="Halamans" style="width: 330px; height: 250px;">

<div class="Halaman">

<div class="Alas">

Tab1.1

Tab1.2

</div>

</div>

<div class="Halaman">

<div class="Alas">

Tab2.1

Tab2.2

</div>

</div>

<div class="Halaman">

<div class="Alas">

Tab3.1

Tab3.2

</div>

</div>

</div>

</div>

</form>



<script style="text/javascript" src="http://oom.blog.googlepages.com/o-omdotcom_tabview.js"></script>

<script type="text/javascript">tabtampil_inisial('TabTampil');</script>

Catatan :

<div class="Alas">

Tab1.1

Tab1.2

</div>

</div>

<div class="Halaman">

<div class="Alas">

Tab2.1

Tab2.2

</div>

</div>

<div class="Halaman">

<div class="Alas">

Tab3.1

Tab3.2

</div>

Text warna merah diatas dapat diganti dengan image, link atau script dll ( misal : recent post, new post, comment dst ) sesuai dengan selera anda.

4. Kalau dirasa cukup, baru pastekan ke widget dan lihat hasilnya.

Source : Guru Besar OOM, Hoctro, Yahoo! UI Library

Tips Membuat Menu Navigasi Secara Horizontal

Menindak lanjuti artikel tips-make-horizontal-blogger-menus dengan tambahan yang saya baca dari artikelnya
O-OM yang kali ini akan membuat suatu menu navigasi bawaan dari blogger. Dengan menggunakan fasilitas CSS, widget Linklist yang semula sering dipakai sebagai blogroll secara vertikal, kita modifikasi menjadi menu navigasi secara horizontal. Langkah yang kita lakukan sbb :

1. Login Blogger

2. Masuk --> Layout --> Edit HTML

3. Backup dahulu

4. Lalu --> Edit HTML

5. Cari Kode ini --> ]]></b:skin>

6. Setelah ketemu, copy paste kode dibawah ini diatasnya -->]]></b:skin>

/*-- (Menu/Nav) --*/

#nav{background:#222; height:32px; padding:4px 0 0; margin-bottom:0px}

#nav-left{float:left; display:inline; width:600px}

#nav-right{float:right; display:inline; width:100px}

#nav ul{position:relative; overflow:hidden; padding-left:0px; margin:0; font:1.0em Arial,Helvetica,sans-serif}

#nav ul li{float:left; list-style:none}

#nav ul li a, #nav ul li a:visited{display:block; color:#fff; margin:0 5px; padding:5px 4px; text-decoration:none}

#nav ul li a:hover{color:#800000; background-color:#fff; margin:0 5px; padding:5px 4px}

#nav ul li a.current, #nav ul li a.current:visited, #nav ul li a.current:hover{margin:0 8px; background-color:#fff; color:#fff; padding:5px
7px}



/*-- (Search) --*/

#search{background:#f9f9f9 url(http://oom.blog.googlepages.com/search.gif) 6px
2px no-repeat; -moz-border-radius-bottomleft:10px;

-moz-border-radius-bottomright:10px;

-moz-border-radius-topleft:10px;

-moz-border-radius-topright:10px; border:1px solid #b3b3b3; float:right; height:25px; margin:0 0px 0 0; width:180px}

* html #search{margin-right:8px}

#search input{font-family:Verdana,Arial,Helvetica,sans-serif; background:transparent; border:0; color:#555; float:left; font-size:12px;
margin:5px 0 0; padding:0px 2px 2px 27px; width:140px}

]]></b:skin>

7. Kemudian cari kode <div id='outer-wrapper'><div id='wrap2'> biasanya terletak di bawah html tag <body> kemudian copy-paste kode dibawah ini, dan taruh dibawahnya kode --> <div id='outer-wrapper'><div id='wrap2'>. Contohnya seperti dibawah ini :

<div id='outer-wrapper'><div id='wrap2'>


<div id='nav'>

<b:section class='header-tabs' id='header-tabs' preferred='yes' showaddelement='no'>

<b:widget id='LinkList1' locked='true' title='Top Tabs' type='LinkList'>

<b:includable id='main'>

<div class='widget-content'>

<b:if cond='data:title'/>

<div id='nav-left'>

<ul>

<li><a href='/'>Home</a></li>

<b:loop values='data:links' var='link'>

<li><a expr:href='data:link.target'><data:link.name/></a></li>

</b:loop>

</ul>

</div>

</div>

</b:includable>

</b:widget>

<b:widget id='HTML3' locked='true' title='Search' type='HTML'>

<b:includable id='main'>

<div id='nav-right'>

<form expr:action='data:blog.homepageUrl + &quot;search&quot;' id='searchform' method='get' name='searchform'>

<b:if cond='data:title'/>

<div id='search'>

<input class='s' id='s' name='q' onblur='if (this.value == &apos;&apos;) this.value = &apos;Cari artikel disini&apos;;}' onfocus='if (this.value == &apos;Cari artikel disini&apos;) {this.value = &apos;&apos;;}' type='text' value='Cari artikel disini'/>

<input id='searchsubmit' type='hidden' value='Search'/>

<data:content/>

</div>

</form>

</div>

</b:includable>

</b:widget>

</b:section>

</div>

Catatan HTML4 = Bisa menyesuaikan dengan Kode HTML kita dan tidak harus HTML4 seperti milik OOM.

7. Save Templates.

Tips Make Blogger To Reactions

Finally Control Panel ( previous CP) still in draft of blogger really applying also, this can be seen at your CP each. Besides Renewal of appearance, blogger also newest fiture activate at their service that is Blogger Reactions. As usual this facility only can be activated to pass in blogger draft.


Blogger of Reaction ( reactions) can be told newest version of ratings star, making it differ, with reactions we can determine by xself its sentence. Likely I needn't to explain elaborately, friend all surely understand what its intention. For example about this at busanaku.

To try Blogger Reactions, login first in http://draft.blogger.com/ ; then on page Edit Layout click " Edit" then say the word check at " of Reaction.


For template which have been modified, way of above in the reality do not walk successfully, to present reaction blogger we can use the way of manual, follow its way hereunder :


First at Editing HTML ( don't forget to say the word check " Expand Template Widget") code searching hereunder :

<div class='post-footer-line post-footer-line-3'>

</div>

Later;Then code input below/under among code above, the example like this :

<div class='post-footer-line post-footer-line-3'>

<span class='reaction-buttons'>

<b:if cond='data:top.showReactions'>

<table border='0' cellpadding='0' width='100%'><tr>

<td valign='center'><span class='reactions-label'>

<data:top.reactionsLabel/></span>

&#160;</td>

<td><iframe allowtransparency='true' class='reactions-iframe'
expr:src='data:post.reactionsUrl' frameborder='0' name='reactions'
scrolling='no'/></td>

</tr></table>

</b:if>

</span>

</div>

Tips Mengubah Tekstur Warna Background Blogger Dengan Suatu Image

Mengubah warna background agar lebih menarik blogger dengan suatu image. Langkah yang harus ditempuh adalah sebagai berikut :

Untuk Clasic Templates :

1. Login Blog

2. Layout --> Edit HTML

3. Backup dahulu --> " Download Full Template "

4. Cari kode berikut :

body {

background:#fff

5. Kemudian tambahkan URL image-nya seperti ini:

body {

background:#fff url('http://www.geocities.com/dhuwuh/sarung.gif');

6. Save tempaltes

Untuk New Templates :

1. Login Blog

2. Layout --> Edit HTML

3. Backup dahulu --> " Download Full Template "

4. Cari kode berikut :

body {

background:$bgColor;

5. Kemudian tambahkan URL image-nya seperti ini:

body {

background:$bgColor url('http://www.geocities.com/dhuwuh/sarung.gif');

6. Save tempaltes

Tips Make Horizontal Blogger Menus

How to Create horizontal bar menu with descriptions of renewal. Generating a horizontal menu bar with 8 and more links. Each link has a drag effect and a link description appears in a box in the bar.

Just follow this script to copy and paste on your blogs.



Example like this :

Google

dhuwuh

Yahoo

MSN

Altavista

Module 1 : Copy paste this script on your blogs.

a. Layout

b. Page Element

c. Add a Gadget

d. Paste in to --> HTML/JavaScrips

<style>

<!--

A:hover {color:white;background-color:black};

//-->

</style>





<body bgcolor="#FFFFFF">

<form name="form1">

<table width="600" border="0" cellspacing="0" cellpadding="5">

<tr bgcolor="#CCCCCC">

<td width="0"><a href="http://dhuwuh.blogspot.com" target="_blank" onMouseOver="form1.description.value='Keterangan Google';return true" onMouseOut="form1.description.value='';return true">Google</a></td>

<td width="0"><a href="http://www.google.com" target="_blank" onMouseOver="form1.description.value='Keterangan dhuwuh';return true" onMouseOut="form1.description.value='';return true">dhuwuh</a></td>

<td width="0"><a href="http://www.yahoo.com" target="_blank" onMouseOver="form1.description.value='Keterangan Yahoo';return true" onMouseOut="form1.description.value='';return true">Yahoo</a></td>

<td width="0"><a href="http://www.msn.com" target="_blank" onMouseOver="form1.description.value='Keterangan MSN';return true" onMouseOut="form1.description.value='';return true">MSN</a></td>

<td width="0"><a href="http://www.altavista.com" target="_blank" onMouseOver="form1.description.value='Keterangan Altavista';return true" onMouseOut="form1.description.value='';return true">Altavista</a></td>

<td width="0">

<input type="text" name="description" size="25" value="">

</td>

</tr>

</table>

<br>

</form>

Module 2 : Or Menu Code (cut and paste inbetween your <body> tags

Tips Menambah Logo Image atau Text pada " Post a comment " Blogger

Tampilan awal blog biasanya menampilkan suatu tulisan text "Post a Comment" yang letaknya dibawah kolom komentar. Disini kita akan mengubah text tersebut dengan bentuk lain, misalnya dalam gambar, tulisan lain dsb. Fungsinya sendiri sih agar pengunjung dapat mengetahu sisi letak dari tempat komentar sehingga pengunjung tidak akan kesulitan dalam menuangkan komentar-komentarnya.

Adapun langkah-langkah yang harus ditempuh adalah sebagai berikut :

Contoh Logo Image Posting Comment

1. Login blog anda

2. Layout --> Edit Html

3. Sebelum melangkah --> Backup dahulu " Download Full Template "
4. Kemudian centang pada Expand Template Widget

4. Cari Kode ini :

<p class='comment-footer'>

<a expr:href='data:post.addCommentUrl' expr:onclick='data:post.addCommentOnclick'><data:postCommentMsg/></a></p>  

5. Sisipkan logo / image diantara :

<a expr:href='data:post.addCommentUrl' expr:onclick='data:post.addCommentOnclick'>..........<data:postCommentMsg/></a></p>  

Sehingga akan nampak seperti ini :

<p class='comment-footer'><a expr:href='data:post.addCommentUrl' expr:onclick='data:post.addCommentOnclick'><b><img alt=' Posting Your Comment Here. Thanks ' border='0' src='http://www.geocities.com/dhuwuh/post-comment.gif'/><data:postCommentMsg/></b></a></p>

6. Kemudian save template.

How To Get Back Missing Search Option At Your System Windows XP

This is a common tactic of today's malware to disable certain functions of Windows utility that can help get rid of these malicious programs. Some of the functions that are normally the disabled are the Task Manager, Registry Editor, Folder Options, show hidden files and folders, Run dialog from the Start menu and the search function of Windows. Today a friend of mine asked me to their search option was missing its Windows. I did a little research and discovered that usually takes care of malware to disable the search function. Here are some ways to get back the search option missing in Windows XP.


Using the Group Policy Editor :


1. Go to Start –> Run –> gpedit.msc

2. The group policy editor will open. Now go to the following key : User Configuration –> Administrative templates –> Start Menu and Task Bar. In the right hand pane, select “Remove Search menu from Start menu”

Most probably it will be set to enabled. Just disable it once, click Apply and then select “Not Configured” and again click Apply.


Usually the Search function is enabled instantaneously. If it is not enabled, go to Start –> Run –> cmd and issue the following command : C:\>gpupdate /force

This will force the settings to be applied instantaneously.



Using the command REG

Sometimes it is better to add record through command line rather than go through all the manual processes to open the Registry Editor, find the right key and change it. Therefore, I am giving the solution of command line to allow the search function of Windows. To enable the search function, simply go to Start -> Run and copy and paste the following command and press OK to continue.


Using commands automated registration

If you are unsure of all the above, I created this script that will allow the search function automatically without user intervention. Copy the script below and save as
repair.reg

When you run this program asks whether you want to add registration information. Please click Yes.

Save as below this script --> Repair.reg :

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoFind"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoFind"=dword:00000000

How To Show Hidden Files and Folders For Windows XP

A few days ago, a client came to me and told me he had problems with its Windows XP. The show hidden files and folders did not work at all. If you select the button "Show hidden files and folders", then press Ok .. changes just disappear when opening the dialog box again. It is likely that some virus attack after the Windows registry is not updated correctly. So here's what I did to restore again. There are many methods to restore the record again. If one method does not work, please try another.


Method 1 :

a. Start

b. Run

c. Type --> Regedit

d. Fine this key --> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced


In the right hand area, double click hidden and change the value to 1. Now you’re all set to go. Check it in your tools menu if the changes have taken effect.


Method 2 :

a. Start

b. Run

c. Type --> Regedit

d. Fine this key :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL

e. Look at the “CheckedValue” key. This should be a DWORD key. If it isn’t, delete the key.

f. Create a new key called “CheckedValue” as a DWORD (hexadecimal) with a value of 1.

g. The “Show hidden files & folders” check box should now work normally.


Or download this --> Smart Virus Remover ( 589 Kb )

Registry Editing Has Been Disabled by Your Administrator ( Windows XP )

1. Repair From Group Policy Editor

a. Go to Run -> gpedit.msc

b. On the left, go to User Configuration -> Administrative Templates -> System.

c. Now in the right pane, select "prevent access to the registry editing tools." It is likely that not configured or authorized. If activated, disable it and if it is not configured, first as you can, apply the settings and then turn it off. More likely, adjustments have been implemented immediately. If not, then run in GPUpdate commands to implement the policy group.

2. Repair by Run Menu
I received this pinch while surfing the internet. Go to Start -> Run, copy and paste the track in the Run box and press OK

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f

Enabling Task Manager Windows XP

For Enabling Task Manager from Group Policy Editor :

1. Go to “Start” -> “Run” -> Write “Gpedit.msc” and press on “Enter” button.

2. Navigate to “User Configuration” -> “Administrative Templates” -> “System” -> “Ctrl+Alt+Del Options”

3. In the right side of the screen verity that “Remove Task Manager”" option set to “Disable” or “Not Configured”.

4. Close “Gpedit.msc” MMC.

5. Go to “Start” -> “Run” -> Write “gpupdate /force” and press on “Enter” button.

For Enabling Task Manager from Registry Editor :

1. Go to “Start” -> “Run” -> Write “regedit” and press on “Enter” button.

Warning: Modify your registry can cause serious problems that may require you to reinstall your operating system. Always backup your files before doing this registry hack.

2. Navigate to the following registry keys and verity that following settings set to default : ( save as enable_task.reg )

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

“DisableTaskMgr”=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy
Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System]

“DisableTaskMgr”=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\]

“DisableTaskMgr”=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

“DisableCAD”=dword:00000000

3. Reboot the computer.


For your convenience, I have created a registry file. Just download, double click it and add the info to your registry. The task manager will be enabled.

Clean and Removing Worm W32.SillyFDC ( Pendekar Blank )Virus

Here is manual tutorial for cleaning and removing " Pendekar Blank Virus " :
1. You must have PROCEXP and run, can be downloaded http://www.sysinternals.com/
2. Right click and choose suspend@blank.doc, empty.jpg, hole.zip, unoccupied.reg, zero.txt
3. Next go to control --> Folder Options, View tab election and advanced settings : option Show hidden files and folders, Uncheck Hide extensions for known file types, Uncheck Hide protected operating system files (Recommended)

W32.SillyFDC [Symantec] is also known as Threat Alias :

W32/Zaflen.a [McAfee]
Worm.VB.FKF [PC Tools]
Worm.Win32.VB.gr [Kaspersky Lab]
Worm.Win32.VB.ck [Kaspersky Lab]
W32/YahLover.worm [McAfee]
WORM_SOHANAD.FI [Trend Micro]
W32/Autorun.worm.h [McAfee]
Generic!atr [McAfee]
VBS_AUTORUN.DMS [Trend Micro]
PE_FLUENZA.ART-O [Trend Micro]
Virus.Win32.AutoRun.as [Kaspersky Lab]
Generic Packed [McAfee]
WORM_SILLY.DQ [Trend Micro]
PE_ABI.A [Trend Micro]
Worm.Win32.VB.fi [Kaspersky Lab]
Worm.VB.GUE [PC Tools]
Generic.dx [McAfee]
Generic VB.b [McAfee]
WORM_ABI.B [Trend Micro]
W32.SillyDC [Symantec]
Worm.VB.FMU [PC Tools]
IM-Worm.Win32.VB.gd [Kaspersky Lab]
Trojan.Hider.G [PC Tools]
Trojan.Win32.VB.atg [Kaspersky Lab]
Worm.Delf!sd5 [PC Tools]
TROJ_AGENT.SAO [Trend Micro]
Worm.VB.FWG [PC Tools]
Worm.Win32.Delf.aj [Kaspersky Lab]
WORM_VB.EIQ [Trend Micro]
Win32.Drowor.Gen [PC Tools]
New Malware.n [McAfee]
WORM_IMAUT.AA [Trend Micro]
Worm.Win32.Agent.ay [Kaspersky Lab]
W32/Dorcrag.worm [McAfee]
W32/Virut.gen [McAfee]
Worm.AutoIt.DQ [PC Tools]
W32/Autorun.worm.cs [McAfee]
Trojan.Win32.Hider.i [Kaspersky Lab]
Trojan-Downloader.Win32.VB.bbl [Kaspersky Lab]
Worm.VB.GIO [PC Tools]
W32/Autorun.worm.f [McAfee]
WORM_VB.CIU [Trend Micro]
WORM_SILLYDC.AL [Trend Micro]
Trojan.VB.ZBW [PC Tools]
Downloader.gen.a [McAfee]
Virus.Win32.VB.bg [Kaspersky Lab]
Hider [McAfee]
W32/Autorun.worm.n [McAfee]
WORM_VB.FKO [Trend Micro]
Worm.Win32.VB.el [Kaspersky Lab]
W32/Autorun.worm.i.gen [McAfee]
Mal_Otorun5 [Trend Micro]
Worm.AutoIt.S [PC Tools]
Worm.AutoRun.PX [PC Tools]
W32/Autorun.worm.u [McAfee]
WORM_VB.CII [Trend Micro]
Worm.Win32.Delf.ca [Kaspersky Lab]
Trojan.VB.EPP [PC Tools]
Worm.AutoRun.AO [PC Tools]
Trojan.DL.Agent.VRX [PC Tools]
W32/Autorun.worm.ch [McAfee]
W32/Generic!worm [McAfee]
Worm.Win32.AutoIt.i [Kaspersky Lab]
WORM_SILLY.EP [Trend Micro]
Virus.Win32.VB.eg [Kaspersky Lab]
W32/Autorun.worm.b [McAfee]
W32/Hooon.worm [McAfee]
Worm.AutoRun.AIP [PC Tools]
Worm.Win32.AutoRun.cwe [Kaspersky Lab]
TROJ_HIDER.I [Trend Micro]
Worm.AutoIT.V [PC Tools]
PE_VIRUT.XL [Trend Micro]
W32/Autorun.worm.g [McAfee]
W32/USBAgent [McAfee]
Trojan.QQPass.Gen [PC Tools]
W32/Cekar [McAfee]
PE_VIRUT.GEN-2 [Trend Micro]
WORM_AUTORUN.BUK [Trend Micro]
Virus.Win32.Virut.q [Kaspersky Lab]
PE_DROWOR.A [Trend Micro]
Virus.Win32.AutoRun.cb [Kaspersky Lab]
Worm.VB!sd5 [PC Tools]
W32/Autorun.worm.j [McAfee]
Worm.VB.EDCS [PC Tools]
WORM_AGENT.ACCD [Trend Micro]
WORM_VB.ERF [Trend Micro]
Backdoor.VB.ESE [PC Tools]
Trojan.Win32.VB.ayo [Kaspersky Lab]
Virus.Win32.AutoRun.aik [Kaspersky Lab]
W32/Autorun.worm.bl [McAfee]
Virus.Win32.AutoRun.abt [Kaspersky Lab]
Worm.Hamweg.Gen [PC Tools]
WORM_BRONTOK.BW [Trend Micro]
WORM_VB.GAY [Trend Micro]
JS.Chir.B [PC Tools]
TROJ_AGENT.ANAR [Trend Micro]
Trojan.QQPass.Gen.4 [PC Tools]
Trojan.QQPass.Gen.7 [PC Tools]
Trojan-Downloader.Win32.AutoIt.x [Kaspersky Lab]
Virus.Win32.AutoRun.gp [Kaspersky Lab]

W32.SillyFDC [Symantec] is known to be created as :

%AllUsersProfile%\desktop.exe
%AllUsersProfile%\documents.exe
%AllUsersProfile%\drm.exe
%AllUsersProfile%\favorites.exe
%AllUsersProfile%\fotitoella.exe
%AllUsersProfile%\templates.exe
%AppData%\cftmon.exe
%AppData%\flexiblesoft\spirit.exe
%AppData%\microsoft\cd burning\auto.exe
%AppData%\microsoft\cd burning\coolworld.exe
%AppData%\microsoft\cd burning\protector.exe
%AppData%\rocket.exe
%AppData%\spool.exe
%AppData%\spooll.exe
%AppData%\waultc.exe
%AppData%\waults.exe
%CommonAppData%\microsoft.exe
%CommonAppData%\microsoft\crypto.exe
%CommonAppData%\microsoft\crypto\dss.exe
%CommonAppData%\microsoft\crypto\dss\fondo1024x768.exe
%CommonAppData%\microsoft\crypto\dss\machinekeys.exe
%CommonAppData%\microsoft\crypto\dss\machinekeys\img00002.exe
%CommonAppData%\microsoft\crypto\fotocote.exe
%CommonAppData%\microsoft\crypto\rsa.exe
%CommonAppData%\microsoft\crypto\rsa\machinekeys.exe
%CommonAppData%\microsoft\crypto\rsa\mariajose.exe
%CommonAppData%\microsoft\crypto\rsa\s-1-5-18.exe
%CommonAppData%\microsoft\ctfmon.exe
%CommonAppData%\microsoft\fotocote.exe
%CommonAppData%\microsoft\media index\fotomj.exe
%CommonAppData%\microsoft\media player\fondo1024x768.exe
%CommonAppData%\microsoft\network.exe
%CommonAppData%\microsoft\network\connections.exe
%CommonAppData%\microsoft\network\connections\cm.exe
%CommonAppData%\microsoft\network\connections\cm\fotomj.exe
%CommonAppData%\microsoft\network\connections\img000152.exe
%CommonAppData%\microsoft\network\connections\pbk.exe
%CommonAppData%\microsoft\network\scs000132.exe
%CommonAppData%\microsoft\spirit.exe
%CommonAppData%\microsoft\user account pictures\bro_act.exe
%CommonAppData%\microsoft\user account pictures\yoppp_playa.exe
%CommonAppData%\vb.net.exe
%CommonAppData%\vmware.exe
%CommonAppData%\vmware\fotitoella.exe
%CommonAppData%\vmware\vmware tools\fondo1024x768.exe
%CommonDesktopDir%\desktop.exe
%CommonDesktopDir%\files.exe
%CommonDesktopDir%\foto_ella_bikini.exe
%CommonDesktopDir%\newfolder.exe
%CommonDesktopDir%\notepad.exe
%CommonDocuments%\bro_act.exe
%CommonDocuments%\my music\accounting.exe
%CommonDocuments%\my music\bro_act.exe
%CommonDocuments%\my music\fotowena.exe
%CommonDocuments%\my music\my playlists\fotocote.exe
%CommonDocuments%\my music\sample music\bro_act.exe
%CommonDocuments%\my music\sample music\lastscan.exe
%CommonDocuments%\my music\sample playlists\00090beb.exe
%CommonDocuments%\my music\sample playlists\lastscan.exe
%CommonDocuments%\my pictures\bro_act.exe
%CommonDocuments%\my pictures\sample pictures\bro_act.exe
%CommonDocuments%\my pictures\sample pictures\fotitoella_10.exe
%CommonDocuments%\my videos\bro_act.exe
%CommonDocuments%\my videos\fotitoella_10.exe
%CommonFavorites%\img000152.exe
%CommonPrograms%\accessories.exe
%CommonPrograms%\accessories\accessibility.exe
%CommonPrograms%\accessories\accessibility\img000152.exe
%CommonPrograms%\accessories\communications.exe
%CommonPrograms%\accessories\entertainment.exe
%CommonPrograms%\accessories\entertainment\fotitoella.exe
%CommonPrograms%\accessories\system tools\foto_respaldo1.exe
%CommonPrograms%\administrative tools\img000152.exe
%CommonPrograms%\fotobikini.exe
%CommonPrograms%\programs.exe
%CommonPrograms%\startup.exe
%CommonPrograms%\startup\avp.exe
%CommonPrograms%\startup\bro_act.exe
%CommonPrograms%\startup\folderwiz.com
%CommonPrograms%\startup\lsass.exe
%CommonPrograms%\startup\msconfig.exe
%CommonPrograms%\startup\osa.exe
%CommonPrograms%\startup\plus.exe
%CommonPrograms%\startup\setup.exe
%CommonPrograms%\startup\startup.exe
%CommonPrograms%\startup\svchots.exe
%CommonPrograms%\startup\systemil2.exe
%CommonPrograms%\startup\tati.exe
%CommonPrograms%\startup\winlogon.exe
%CommonPrograms%\startup\winsys2.exe
%CommonStartMenu%\programs.exe
%CommonStartMenu%\yoppp_playa.exe
%CommonTemplates%\img00002.exe
%CommonTemplates%\spss.exe
%DesktopDir%\desktop.exe
%DownloadedProgramFiles%\svchost.exe
%Favorites%\links.exe
%FontsDir%\fonts.exe
%FontsDir%\nwlnkfwd.exe
%FontsDir%\nwlnkipx.exe

4. Search and delete file contain of the virus :

c:\aut0exec.bat
c:\windows\system32\dllcache\Regedit32.com
c:\windows\system32\dllcache\Shell32.com
c:\windows\system32\dllcache\rund1132.exe
c:\windows\system32\dllchache.exe
c:\windows\system32\M5VBVM60.exe
c:\(Read Me)Pendekar Blank.txt
c:\windows\system32\dllchache\blank.doc
c:\windows\system32\dllchache\empty.jpg
c:\windows\system32\dllchache\hole.zip
c:\windows\system32\dllchache\msvbvm60.dll
c:\windows\system32\dllchache\unoccupied.reg
c:\windows\system32\dllchache\zero.txt
c:\windows\system32.exe

5. Clean and Repair registry

Delete HKEY_CURRENT_USER, Software\Microsoft\Windows\CurrentVersion\Run, Secure32
Delete HKEY_CURRENT_USER, Software\Microsoft\Windows\CurrentVersion\Run, Secure64
Delete HKEY_LOCALMACHINE, Software\Microsoft\Windows\CurrentVersion\Run, Blank Antiviri
CHANGE & MODIFY @ HKCR, comfile\shell\open\command,,,”””%1″” %*”
CHANGE & MODIFY @ HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, “cmd.exe”
CHANGE & MODIFY @ HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, “cmd.exe”
CHANGE & MODIFY @ HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Userinit,0, “C:\Windows\system32\userinit.exe,”
CHANGE & MODIFY @ HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced, ShowSuperHidden,0×00010001,1
CHANGE & MODIFY @ HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Userinit.,0, “userinit.exe”

6. Than Restart yout computer

Tausiyah Menjelang Ramadhan dan Jadual Imsakiyah Puasa Ramadhan

Do'a malaikat Jibril menjelang Ramadhan "Ya Allah tolong abaikan puasa umat Muhammad, apabila sebelum memasuki bulan Ramadhan dia tidak melakukan hal-hal yang berikut :

1. Tidak memohon maaf terlebih dahulu kepada kedua orang tuanya (jika masih ada);

2. Tidak berma'afan terlebih dahulu antara suami isteri (itupun jika sudah nikah);

3. Tidak bermaafan terlebih dahulu dengan orang-orang sekitarnya.


Maka Rasulullah pun mengatakan Amiin sebanyak 3 kali. Dapatkah kita bayangkan, yang berdo'a adalah Malaikat dan yang meng-amiinkan adalah Rasullullah dan para sahabat , serta dilakukan pada hari Jum`at.



Oleh itu SAYA TERLEBIH DAHULU MEMOHON MAAF jika saya ada berbuat kesalahan, baik yang tidak di sengaja maupun yang di sengaja.

NASIHAT RASULULLAH JELANG RAMADHAN

Diriwayatkan Oleh Ibnu Huzaimah, Rasulullah memberikan nasihat menjelang Ramadhan :



“Wahai manusia! Sungguh telah datang pada kalian bulan Allah dengan membawa berkah rahmat dan maghfirah. Bulan yang paling mulia disisi Allah. Hari-harinya adalah hari-hari yang paling utama. Malam-malamnya adalah malam-malam yang paling utama. Jam demi jamnya adalah jam-jam yang paling utama.



Inilah bulan ketika kamu diundang menjadi tamu Allah dan dimuliakan oleh-NYA. Di bulan ini nafas-nafasmu menjadi tasbih, tidurmu ibadah, amal-amalmu diterima dan doa-doamu diijabah. Bermohonlah kepada Allah Rabbmu dengan niat yang tulus dan hati yang suci agar Allah membimbingmu untuk melakukan shiyam dan membaca Kitab-Nya.



Celakalah orang yang tidak mendapat ampunan Allah di bulan yang agung ini. Kenanglah dengan rasa lapar dan hausmu di hari kiamat. Bersedekahlah kepada kaum fuqara dan masakin. Muliakanlah orang tuamu, sayangilah yang muda, sambungkanlah tali persaudaraanmu, jaga lidahmu, tahan pandanganmu dari apa yang tidak halal kamu memandangnya dan pendengaranmu dari apa yang tidak halal kamu mendengarnya. Kasihilah anak-anak yatim, niscaya dikasihi manusia anak-anak yatimmu.



Bertaubatlah kepada Allah dari dosa-dosamu. Angkatlah tangan-tanganmu untuk berdoa pada waktu shalatmu karena itulah saat-saat yang paling utama ketika Allah Azza wa Jalla memandang hamba-hamba- Nya dengan penuh kasih; Dia menjawab mereka ketika mereka menyeru-Nya, menyambut mereka ketika mereka memanggil-Nya dan mengabulkan doa mereka ketika mereka berdoa kepada-Nya.



Wahai manusia! Sesungguhnya diri-dirimu tergadai karena amal-amalmu, maka bebaskanlah dengan istighfar. Punggung-punggungmu berat karena beban (dosa) mu, maka ringankanlah dengan memperpanjang sujudmu.



Ketahuilah! Allah ta’ala bersumpah dengan segala kebesaran-Nya bahwa Dia tidak akan mengazab orang-orang yang shalat dan sujud, dan tidak akan mengancam mereka dengan neraka pada hari manusia berdiri di hadapan Rabb al-alamin.



Wahai manusia! Barang siapa di antaramu memberi buka kepada orang-orang mukmin yang berpuasa di bulan ini, maka di sisi Allah nilainya sama dengan membebaskan seorang budak dan dia diberi ampunan atas dosa-dosa yang lalu. (Sahabat-sahabat lain bertanya: “Ya Rasulullah! Tidaklah kami semua mampu berbuat demikian.”



Rasulullah meneruskan: “Jagalah dirimu dari api neraka walaupun hanya dengan sebiji kurma. Jagalah dirimu dari api neraka walaupun hanya dengan seteguk air.”



Wahai manusia! Siapa yang membaguskan akhlaknya di bulan ini ia akan berhasil melewati sirathol mustaqim pada hari ketika kai-kaki tergelincir. Siapa yang meringankan pekerjaan orang-orang yang dimiliki tangan kanannya (pegawai atau pembantu) di bulan ini, Allah akan meringankan pemeriksaan- Nya di hari kiamat. Barangsiapa menahan kejelekannya di bulan ini, Allah akan menahan murka-Nya pada hari ia berjumpa dengan-Nya. Barang siapa memuliakan anak yatim di bulan ini, Allah akan memuliakanya pada hari ia berjumpa dengan-Nya. Barang siapa menyambungkan tali persaudaraan (silaturahmi) di bulan ini, Allah akan menghubungkan dia dengan rahmat-Nya pada hari ia berjumpa dengan-Nya.



Barang siapa memutuskan kekeluargaan di bulan ini, Allah akan memutuskan rahmat-Nya pada hari ia berjumpa dengan-Nya. Barangsiapa melakukan shalat sunat di bulan ini, Allah akan menuliskan baginya kebebasan dari api neraka. Barangsiapa melakukan shalat fardu baginya ganjaran seperti melakukan 70 shalat fardu di bulan lain. Barangsiapa memperbanyak shalawat kepadaku di bulan ini, Allah akan memberatkan timbangannya pada hari ketika timbangan meringan. Barangsiapa di bulan ini membaca satu ayat Al-Quran, ganjarannya sama seperti mengkhatam Al-Quran pada bulan-bulan yang lain.



Wahai manusia! Sesungguhnya pintu-pintu surga dibukakan bagimu, maka mintalah kepada Tuhanmu agar tidak pernah menutupkannya bagimu. Pintu-pintu neraka tertutup, maka mohonlah kepada Rabbmu untuk tidak akan pernah dibukakan bagimu. Setan-setan terbelenggu, maka mintalah agar ia tak lagi pernah menguasaimu. Amirul mukminin k.w. berkata :

“Aku berdiri dan berkata: “Ya Rasulullah! Apa amal yang paling utama di bulan ini?” Jawab Nabi: “Ya Abal Hasan! Amal yang paling utama di bulan ini adalah menjaga diri dari apa yang diharamkan Allah”.



Wahai manusia! sesungguhnya kamu akan dinaungi oleh bulan yang senantiasa besar lagi penuh keberkahan, yaitu bulan yang di dalamnya ada suatu malam yang lebih baik dari seribu bulan; bulan yang Allah telah menjadikan puasanya suatu fardhu, dan qiyam di malam harinya suatu tathawwu’.”



“Barangsiapa mendekatkan diri kepada Allah dengan suatu pekerjaan kebajikan di dalamnya, samalah dia dengan orang yang menunaikan suatu fardhu di dalam bulan yang lain.”



“Ramadhan itu adalah bulan sabar, sedangkan sabar itu adalah pahalanya surga. Ramadhan itu adalah bulan memberi pertolongan (syahrul muwasah ) dan bulan Allah memberikan rizqi kepada mukmin di dalamnya.”



“Barangsiapa memberikan makanan berbuka seseorang yang berpuasa, adalah yang demikian itu merupakan pengampunan bagi dosanya dan kemerdekaan dirinya dari neraka. Orang yang memberikan makanan itu memperoleh pahala seperti orang yang berpuasa tanpa sedikitpun berkurang.”



Para sahabat berkata, “Ya Rasulullah, tidaklah semua kami memiliki makanan berbuka puasa untuk orang lain yang berpuasa. Maka bersabdalah Rasulullah saw, “Allah memberikan pahala kepada orang yang memberi sebutir kurma, atau seteguk air, atau sehirup susu.”



“Dialah bulan yang permulaannya rahmat, pertengahannya ampunan dan akhirnya pembebasan dari neraka. Barangsiapa meringankan beban dari budak sahaya (termasuk di sini para pembantu rumah) niscaya Allah mengampuni dosanya dan memerdekakannya dari neraka.”



“Oleh karena itu banyakkanlah yang empat perkara di bulan Ramadhan; dua perkara untuk mendatangkan keridhaan Tuhanmu, dan dua perkara lagi kamu sangat menghajatinya.“



“Dua perkara yang pertama ialah mengakui dengan sesungguhnya bahwa tidak ada Tuhan selain Allah dan mohon ampun kepada-Nya . Dua perkara yang kamu sangat memerlukannya ialah mohon surga dan perlindungan dari neraka.”



“Barangsiapa memberi minum kepada orang yang berbuka puasa, niscaya Allah memberi minum kepadanya dari air kolam-Ku dengan suatu minuman yang dia tidak merasakan haus lagi sesudahnya, sehingga dia masuk ke dalam surga.”

Jadual Imsakiyah Puasa Ramadhan

Safety Best Browser For Internet Surfing

A browser is a program that lets you view the Web on the Internet. If you need to see a site like this to your reading and then with a browser. You can not tell what your browser using! Well, that is usually little blue "e" icon click on the search for things. This particular browser is called "Internet Explorer". This browser is the most common browser used and there are many people who are still using Internet Explorer thinking there is no other! But there! and better! You can use as many browsers as you want simultaneously.

Browsers are like cars! You want to travel safely! fast! with a lot of cool features! and the like! You will find below (including links) all browsers currently on the market, but I will talk about the top 3! He used 13 browsers, but now solved with 6, which includes the top 3. Firefox, Opera and Internet Explorer. No matter how good your car is, will any other feature, styles add-ons, etc., that's better! So here is my quick review. I could have written 1000 words to describe all the differences between each and the pros and cons, but it would be pointless as browsers and is regularly updated with new features and tricks. My advice is, try and see which you prefer.

Download Best Browser 2008 For Internet Surfing

Antisipasi Modus Pencurian Lewat Anjungan Tunai Mandiri ( ATM ) atau Automated Teller Machine

Baru-baru ini modus pencurian uang lewat ATM ( Anjungan Tunai Mandiri ) atau Automated Teller Machine lagi booming lagi, tapi kali ini modusnya terbilang lebih canggih, rapi, bersih dan terkoordinasi. Ya mungkin saya yang ketinggalan beritanya nih HeHeHe. Tadi pagi pas lihat SCTV Polisi Batam membongkar sindikat pencurian lewat ATM yang ternyata Warga Negara Sebelah. Mungkin bagi rekan-rekan yang belum tahu, dengan membaca artikel ini diharapkan bisa lebih berhati-hati dalam melakukan transaksi lewat ATM.

Modus yang digunakan dalam aksi ini adalah :

Modus A :

1. Para oknum memasukan suatu plastik tipis, bening sisi bawah di mesin ATM sebelah bawah tempat pemasukkan kartu ATM

2. Korban memasukan kartu ATM, mesin ATM mendeteksi ada kartu masuk dan menjalankan program dan menampilkan 'Enter PIN'

3. Karena data Nomor Kartu (di magnetic stripe) tidak terbaca terhalang plastik, sistem akan terus berusaha membaca data stripe itu terus menerus.

4. Korban menunggu karena sistem lama / hang atau kejadian seperti kartu tertelan, maka korban akan keluar dari ruang ATM

5. Oknum masuk kembali dan menarik plastik tersebut keluar

6. Mesin ATM akan membaca kartu dan meneruskan data ke ATM Data Center proses 'Approve' / 'Valid'

7. Oknum tinggal memasukkan jumlah uang yang mau diambil dan setelah transaksi selesai mengambil kartu Korban.

8. Komplain ke Bank juga tidak berguna, karena kartu ATM dan PIN 'Benar' secara sistem dan tidak ada bukti kartu tertelan.

Modus B :

1. Oknum Memasang Kamera CCTV tersembunyi disekitar ATM, fungsinya untuk mendeteksi gerakan penekanan tombol PIN.

2. Disamping itu, si-oknum mendeteksi keypad ATM dengan alat sejenis infra-red sidik jari untuk menentukan sidik terbaru dan mencocokannya dengan motion gerakan pada kamera CCTV-nya.

3. Setelah korban pergi, maling tersebut akan memasukkan kartu magnetik elektrik kedalam ATM, yang berfungsi untuk mengambil sidik data terakhir kartu magnetik si korban.

4. Setelah itu para penjahat akan pergi sebentar untuk menterjemahkan kartu magnetik tersebut untuk diubah menjadi kartu ATM Korban.

5. Baru mereka akan mengambil dan menguras isi uang korban.

(Sumber : Berita TV tadi pagi, penuturan tersangka yang tertangkap)

Antisipasi dini yang mungkin bisa berguna untuk menanggulangi kehilangan uang kita adalah :

1. Periksa dahulu sebelum memasukkan kartu ATM anda, apakah di slot pemasukan kartu ATM ada sesuatu yang mencurigakan.

2. Apakah ada Oknum yang mengawasi / menunggu ATM bahkan mempersilahkan Anda duluan ke ATM tapi menunggu anda keluar.

3. Periksa disekeliling box ATM, apa ada kamera CCTV lain selain kamera CCTV milik Bank bersangkutan.

4. Gunakan ATM lain untuk mengacak PIN kita sebelum memasukkan Kartu ATM bersangkutan.

Contoh : Box ATM Bank A --> Masukkan ATM selain Bank A dahulu dan tekan2 sembarang PIN untuk menghapus jejak dan mengelabuhi kamera CCTV, setelah itu masukkan ATM Bank A untuk memulai transaksi anda. Dan sesudah transaksi selesai, gunakan ATM Bank lain lagi dan tekan2 PIN sembarang untuk menghapus jejak PIN ATM Bank A. Memang ribet sih tapi kan demi keamanan harta kita sendiri kan, kenapa harus mengeluh dari pada milik kita hilang percumakan HeHeHe.

Namun sarankan ini bukan berarti kita harus over protektif terhadap orang yang mau secara ikhlas memberikan gilirannya kepada anda dan sebaiknya untuk melakukan transaksi di ATM anda bisa mengajak teman anda berdua masuk kedalam ruang ATM. Semoga
artikel ini bisa juga berguna untuk kita semua, Amien. Dan mungkin teman-teman punya solusi lain selain solusi diatas? Apalah arti sebuah ilmu kalau tidak kita tularkan kepada orang lain, mungkin ini
juga bisa terjadi juga pada kita-kita dan anda-anda semua, ayo berbagi ilmu pada sesama kita.

How to Remove and Fixed Dangerous Trojan Horse

I recently set a machine that was infected by a virus that works like this : Each time you click on a directory, an error message is displayed that goes like this : BQ. Attention, [name]! Some dangerous Trojans detected in his system. Microsoft Windows XP corrupted files. This can lead to the destruction of important files in C: \ WINDOWS. Download the software protection now!


This error message is followed by a dialog. Clicking on it takes you to the website http://free-viruscan.com/id/4912933/4/1/ (warning: The site is a fake intended to deceive the visitor into downloading and executing a program that create more virii. Do not interact with it).

Normally leads me 5 minutes to find a kill a virus, but today I am stumped. The manner in which the virus was operated unusual. Do not load any memory-resident programs. There are loaded at boot. It does not run a service.


Finally convinced that this was beyond my own power, I downloaded and ran
HijackThis. Still nothing. Now things were getting really interesting. I did not want to resort to the use of a virus. That would be too easy. He wanted to know what exactly does the virus and how.


After what seemed hours of research that eventually came to the FixIEDef program developed by ShadowPuterDude of Malwareteks. Ran was bye bye virus. The records showed the following entries :

Files that have been deleted!!!

C:\WINDOWS\system32\dadef.dll

C:\WINDOWS\system32\dapol.dll

C:\WINDOWS\system32\tmp.reg

C:\WINDOWS\system32\tmp.txt

Registry entries that have been removed!!!

HKEY_CURRENT_USER\SOFTWARE\Microsoft\bind “comment”

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BhoNew.BhoApp

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BhoNew.BhoApp.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2FF811E6-8925-4084-A649-C159955E67E8}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CAF9D798-C659-4B9B-8E19-EE27C3D04EE7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2FF811E6-8925-4084-A649-C159955E67E8}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “KernelFaultCheck”

I would like to know more about how it worked, but I suppose that should be happy and satisfied for the moment that the virus se ha ido.


Addendum : It seems that a new strain of this "Trojan horses dangerous virus comes out almost every week, if running the program does not solve the problem, or if you have any support requests, please visit the official website at http://www.malwareteks.com/

Setting Internet WAP GPRS Ponsel GSM - CDMA

FREN

Setting Wap Fren
Type *#2769737#

Minibrowser menu --> Set Enable

Change server address :

● Server 1 type 010.021.005.201:08088

● Server 2 type 0.0.0.0:0000

Set URL

Tekan tombol “0″ agak lama atau Pilih menu“Minibrowser”, biasanya akan muncul
“error” terlebih dahulu

Pilih “menu”

Pilih “advanced”

Pilih “setting”

Pilih “homepage”

Ketik http://wap.mobile-8.net

Simpan

IM3

Setting GPRS OTA :

Ketik SMS: GPRS‹spasi›MerkHP‹spasi›TypeHP Kirim Ke: 3939

Contoh: GPRS NOKIA N73 Kirim ke 3939



Setting GPRS Manual :

Profile Name: gprs

User name

APN: www.indosat-m3.net

Password: im3

Gateway IP: 010.019.019.019

Homepage: http://wap.m3-access.com

Data Bearer: GPRS

Proxy port number: 9201 atau 8080

MATRIX

Setting GPRS OTA :

Ketik SMS : GPRS‹spasi›MerkHP‹spasi›TypeHP Kirim Ke: 3939

Contoh: GPRS NOKIA N73 Kirim ke 3939

Setting GPRS Manual :

Profile Name satelindo

Homepage : www.satelindogprs.com

User name:

APN:

Password:

Gateway IP: 202.152.162.250

Homepage: http://wap.matrix-centro.com

Data Bearer: GPRS

Proxy port number: 9201

TELKOMSEL

Setting GPRS OTA :

Ketik SMS : S‹spasi›MerkHP‹spasi›TypeHP Kirim Ke: 5432

Contoh: S NOKIA 7650



Setting

GPRS Manual :

Profile Name :TSEL GPRS

APN : Telkomsel

User name : wap

Prompt Password : No

Password : wap123

Authentication : Normal

Gateway IP address : 10.1.89.130

Homepage : http://wap.telkomsel.com

Connection Security : Off

Session Mode : Permanent

XL

Setting GPRS OTA :

Ketik SMS:

GPRS‹spasi›MerkHP‹spasi›TypeHP Kirim Ke: 9667

Contoh: GPRS NOKIA 7650



Setting GPRS Manual :

Profile Name: XL GPRS

User name: xlgprs

APN: www.xlgprs.net

Password: proxl

IP Address: 202.152.240.50

Homepage: http://wap.lifeinhand.com

Data Bearer: GPRS

Proxy port number: 8080

MENTARI

Connection name: INDOSATGPRS

Data Bearer: GPRS

Access point name : indosatgprs ,

User name: indosat

Prompt password: No

Homepage: http://www.klub-mentari.com

Gateway IP address: 010.019.019.019

THREE-3

Settings’ Name : 3-GPRS

Homepage : http://wap.three.co.id/

Proxies : Enable

Proxy address : 10.4.0.10

Port : 3128

GPRS access point : 3gprs

Authentication type : Normal

Login type : Automatic

Username : 3gprs

Password : 3gprs

FLEXI

Ketik *#2769737#

• Server address Server 1 ; 10.177.7.7:8088

• Server address Server 2 ; 0.0.0.0:0000



SETTING URL

Tekan tombol 0 agak lama atau Pilih menu Minibrowser, Biasanya akan muncul error terlebih dahulu

Pilih menu paling bawah advanced

Pilih menu no. 1 setting

Pilih menu no. 1 homepage

Isi dengan http://wap.telkomflexi.com

Simpan

AXIS

Parameter Umum GPRS

Connection Name : AXIS

Data Bearer : GPRS atau PS

Access Point Name (APN) : AXIS

Username : AXIS

Prompt Password : No

Password : 123456

Authentication : Normal

Gateway/Proxy IP Address : 10.8.3.8

Gateway/Proxy Port : 9201 atau 8080

Homepage : http://wap.axisworld.co.id

Connection Security : Off

Session Mode : Permanent

Comment Report Broken Link

I try to check all links myself on a regular basis. However, this is a big task, because the site is constantly changing. If you find a link that does not work or if it is aimed at something completely different then the link here is to suggest that really appreciate if you tell me about it. Please tell me the name of the link and what here on page search engine index have found the broken link. You can use the website to contact me about the broken / dead link. Thanks in advance - Your help is appreciated.

Alhamdulillah Page Rank Alexa Naik Drastis Selama 2 Minggu

Gak sangka dan Allahamdulillah semula Page Rank 25 juta-an jadi 11 Juta-an dan hari ini bisa tembus 3,725,969 dalam 2 minggu ini, itupun kata Mbak Alexa loh HeHeHe. Ternyata tembus juga dan jitu juga artikel yang saya pasang nih HaHaHa, Amien. Semoga saja bisa tembus Ranking 1 HiHiHi meskipun cuman sekedar mimpi lah, kan namanya berusaha dan juga berkat dukungan teman-teman blogger sejagad juga nih. Mungkin juga tips-tips didalam ini ini bisa juga di tiru ama temen-temen yang haus akan Page Ranking dan atau PR nya masih baru ya minimal sebagai permulaan ajalah dan masih banyak senior-senior yang PR nya udah pada yahud. Dan mungkin juga sobat-sobat master-master blogger ada masukkan dan sarannya untuk lebih melejitkan PR nih blogger khususnya dan blogger-blogger lainnya umumnya.

How To Manual Remover Worm Virus With REPAIR.INF and REPAIR.VBS

This is my collection about how to manual remover virus with repair.inf or repair.vbs. Just copy and save in your computer, than right click files to the execution. But before execution that repair.inf or repair.vbs, you must know what is files execute needed to repair virus on your system windows xp.

This is my collection repair.inf or repair.vbs to remove manual virus :

Just Free Share Trial 30 Days

● To Active Your Right Click

● Remove Virus Amburadul

● Remove Virus Amora

● Remove Virus Sohadah_AH

● Remove Virus Anti Pacaran

● Remove Virus Bandot

● Remove Virus Bangle js

● Remove Virus Banten

● Remove Virus Blue Fantasi W32/VBWorm.MYE

● Remove Virus Brontok 2007

● Remove Virus Dago

● Remove Virus Face cool W32/FaceCool

● Remove Virus Flue Burung

● Remove Virus Grogotix A

● Remove Virus Jahil

● Remove Virus Kespo v2

● Remove Virus Kill AV

● Remove Virus Moontox Bro

● Repair menu winlogin

● Remove Virus My Rose VB Worm A

● Remove Virus Nale A

● Remove Virus Brontok

● Remove Virus Renova

● Remove Virus Flue Ikan

● Remove Virus Gultung

● Remove Virus Revenge

● Remove Virus RontokbroEQ

● Remove Virus Tepa MM

● Can`t Save Mode

● Remove Virus UnHookExec

● Remove Virus Hysra Genmm Warteg

● Remove Virus VB Worm SS

● Remove Virus Viking

● Remove Virus VIndika

● Remove Virus Kere

● Remove Virus Warteg

● Remove Virus AVG

● Remove Virus W32 VBTroj CZA

● Remove Virus W32 VBWorm MNG

● Remove Virus W32 Gedug

● Remove Virus Kell AV XF

● Remove Virus W32 Naki G Grogoti zip

● Remove Virus W32 VBTroj FJA

● Remove Virus W32 VBWorm MPT

Note : Don`t forget after that to installing Anti Virus Recommended Up To Date

Remove Virus " Antivirus XP 2008 "

Not all anti-virus program today will help eliminate the virus from their problem, in this case antivirus XP 2008 is spyware that try to make your computer as spam zombie. Be careful when opening e-mails from someone you do not know, especially daily Top 10 to CNN.com Press Top 10 this message which asks you to update your flash player but in reality this file is the virus.

If you've downloaded and run this file becomes master of viruses and files downloaded from the Internet automatically then run it.

C:\WINDOWS\system32\CbEvtSvc.exe

C:\Documents and Settings\Your User Name\Local Settings\Temp\lfq0kzgs.exe

C:\Documents and Settings\Your User Name\Local Settings\Temp\.xx1.tmp.vbs

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\smss.exe

C:\WINDOWS\system32\lphc7nvj0e52e.exe

C:\WINDOWS\system32\phc7nvj0e52e.bmp

C:\WINDOWS\system32\phc7nvj0e52e.bmp

C:\WINDOWS\system32\blphc7nvj0e52e.scr

C:\WINDOWS\system32\phc7nvj0e52e.bmp

C:\windows\system32\drivers\xxx.sys

C:\Documents and Settings\LocalService\Application Data\584289103.exe

C:\Program Files\rhc3nvj0e52e

C:\Windows\system32\pphc7nvj0e52e.exe

C:\Documents and Settings\LocalService\Application Data\rhc3nvj0e52e

C:\Documents and Settings\Your User Name\Application Data\rhc3nvj0e52e.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008

C:\Documents and Settings\Your User Name\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk

C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008.lnk

C:\Documents and Settings\All Users\Desktop\Antivirus XP 2008.lnk

This virus will also make your registry changes :

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CbEvtSvc

DisplayName = CbEvtSvc

ImagePath = %SystemRoot%\System32\CbEvtSvc.exe -k netsvcs

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CbEvtSvc

DisplayName = CbEvtSvc

ImagePath = %SystemRoot%\System32\CbEvtSvc.exe -k netsvcs

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CbEvtSvc

DisplayName = CbEvtSvc

ImagePath = %SystemRoot%\System32\CbEvtSvc.exe -k netsvcs

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\6127a5e3

ImagePath = \SystemRoot\System32\drivers\6127a5e3.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\6127a5e3

ImagePath = \SystemRoot\System32\drivers\6127a5e3.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\6127a5e3

ImagePath = \SystemRoot\System32\drivers\6127a5e3.sys

KEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

lphc7nvj0e52e = C:\WINDOWS\system32\lphc7nvj0e52e.exe

SMrhc3nvj0e52e = C:\Program Files\rhc3nvj0e52e\rhc3nvj0e52e.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\software notifier

HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Uninstall\rhc3nvj0e52e

DisplayName = AntivirXP08

UninstallString = “C:\Program Files\rhc3nvj0e52e\uninstall.exe”

HKEY_LOCAL_MACHINE\software\rhc3nvj0e52e

HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion

rhc3nvj0e52e = 8b 6e 99 48 (bynary)

HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Internet
Settings\User Agent\Post Platform

AntivirXP08 = AntiVirXP08 SV1

This virus also will remove your “screen saver” and “desktop” tab on display properties and change your desktop with file %systemroot%\system32\phc7nvj0e52e.bmp and change your screensaver with executed file %systemroot%\\system32\blphc7nvj0e52e.scr to make you panic by showing fake blue screen of death (BSOD) on your screen.


Then this steps to remove virus " Antivirus XP 2008 " :

1. Run computer on "safe Mode"

2. Start --> run --> services.msc ( to stop activity virus )



3. Fine CbEvtSvc then Disable it.

4. Just Copy this code and save as repair.inf, then right click
intall.

[Version]

Signature=”$Chicago$”

Provider=nobody

[DefaultInstall]

AddReg=UnhookRegKey

DelReg=del

[UnhookRegKey]

HKLM, Software\CLASSES\batfile\shell\open\command,,,”"”%1″” %*”

HKLM, Software\CLASSES\comfile\shell\open\command,,,”"”%1″” %*”

HKLM, Software\CLASSES\exefile\shell\open\command,,,”"”%1″” %*”

HKLM, Software\CLASSES\piffile\shell\open\command,,,”"”%1″” %*”

HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”

HKLM, Software\CLASSES\scrfile\shell\open\command,,,”"”%1″” %*”

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0,
“Explorer.exe”

HKCU, Control Panel\Desktop, ConvertedWallpaper,0, “”

HKCU, Control Panel\Desktop, OriginalWallpaper,0, “”

HKCU, Control Panel\Desktop, SCRNSAVE.EXE,0, “”

HKCU, Control Panel\Desktop, Wallpaper,0, “”

HKCU, Software\Microsoft\Internet Explorer\Desktop\General, BackupWallpaper,0,
“”

HKCU, Software\Microsoft\Internet Explorer\Desktop\General, Wallpaper,0, “”

[del]

HKLM, Software\Microsoft\Windows\CurrentVersion\Run, lphc7nvj0e52e

HKLM, Software\Microsoft\Windows\CurrentVersion\Run, services

HKLM, Software\Microsoft\Windows\CurrentVersion\Run, SMrhc3nvj0e52e

HKLM, Software\Microsoft\Windows\CurrentVersion\Run, rhc3nvj0e52e.exe

HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,
NoDispBackgroundPage

HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,
NoDispScrSavPage

HKLM, SYSTEM\CurrentControlSet\Services\6127a5e3

HKLM, SYSTEM\ControlSet002\Services\6127a5e3

HKLM, SYSTEM\ControlSet001\Services\6127a5e3

HKLM, SYSTEM\ControlSet001\Services\CbEvtSvc

HKLM, SYSTEM\ControlSet002\Services\CbEvtSvc

HKLM, SYSTEM\CurrentControlSet\Services\CbEvtSvc

HKLM, SYSTEM\ControlSet001\Services\CbEvtSvc

HKLM, SYSTEM\CControlSet002\Services\CbEvtSvc

HKLM, SOFTWARE\Microsoft\software notifier

HKLM, software\Microsoft\Windows\CurrentVersion\Uninstall\rhc3nvj0e52e

HKLM, software\rhc3nvj0e52e

HKLM, software\Microsoft\Windows\CurrentVersion, rhc3nvj0e52e

HKLM, software\Microsoft\Windows\CurrentVersion\Internet Settings\User
Agent\Post Platform

HKLM, SOFTWARE\Microsoft\Software Notifier

HKLM, SYSTEM\ControlSet001\Services\125c1fb5

HKLM, SYSTEM\ControlSet002\Services\125c1fb5

HKLM, SYSTEM\CurrentControlSet\Services\125c1fb5

5. Delete the file list like :

C:\WINDOWS\system32\CbEvtSvc.exe

C:\Documents and Settings\Your User Name\Local Settings\Temp\lfq0kzgs.exe

C:\Documents and Settings\Your User Name\Local Settings\Temp\.xx1.tmp.vbs
(xx=random).

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\smss.exe

C:\WINDOWS\system32\lphc7nvj0e52e.exe

C:\WINDOWS\system32\phc7nvj0e52e.bmp

C:\WINDOWS\system32\phc7nvj0e52e.bmp

C:\WINDOWS\system32\blphc7nvj0e52e.scr

C:\WINDOWS\system32\phc7nvj0e52e.bmp

C:\windows\system32\drivers\xxx.sys (xxx random with size 108 KB)

C:\Documents and Settings\LocalService\Application Data\584289103.exe

C:\Program Files\rhc3nvj0e52e

C:\Windows\system32\pphc7nvj0e52e.exe

C:\Documents and Settings\LocalService\Application Data\rhc3nvj0e52e

C:\Documents and Settings\Your User Name\Application Data\rhc3nvj0e52e.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008

C:\Documents and Settings\Your User Name\Application Data\Microsoft\Internet
Explorer\Quick Launch\Antivirus XP 2008.lnk

C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008.lnk

C:\Documents and Settings\All Users\Desktop\Antivirus XP 2008.lnk

6. Don`t forget to intall antivirus up to date recommended like kaspersky, avg, mcafee etc.

7. I hope that is help you.

Remove Virus Amburadul ( W32/Amburadul or W32/Agent.EQXM )

He never ceases to disseminate their knowledge and never leave them alive forever. This article is how to remove the virus amburadul Varian for all without antivirus program can be cleaned simply by using the technical manual.

The easy way to tell if your computer infected by this virus will be JPEG files with the extension application. Now let's start removing!

1. Unplug your computer infected its network to stop the spread of this virus.

2. Turn off "System Restore" when in the cleaning process.

3. Killing the virus process using power tools "currprocess" kill all processes with JPG icon.

4. Repair registration that has already changed by the virus using this code and save as
repair.inf :

[Version]

Signature="$Chicago$"

Provider=Vaksincom



[DefaultInstall]

AddReg=UnhookRegKey

DelReg=del





[UnhookRegKey]

HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"

HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"

HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"

HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"

HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe "%1""

HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0,
"Explorer.exe"

HKLM,
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt,
UncheckedValue,0x00010001,0

HKLM,
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt,CheckedValue,0x00010001,1

HKLM,
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt,DefaultValue,0x00010001,1

HKLM,
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden,
UncheckedValue,0x00010001,1

HKLM,
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden,
CheckedValue,0x00010001,0

HKLM,
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden,
DefaultValue,0x00010001,0

HKCU, Software\Microsoft\Internet Explorer\Main, Start Page,0, "about:blank"

HKLM,
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt,
type,0, "checkbox"

HKLM,
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden,
type,0, "checkbox"

HKCU, Control Panel\International, s1159,0, "AM"

HKCU, Control Panel\International, s2359,0, "PM"

HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, "cmd.exe"

HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, "cmd.exe"

HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,
ShowSuperHidden,0x00010001,1

HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,
SuperHidden,0x00010001,1

HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,
HideFileExt,0x00010001,0



[del]

HKCU, Software\Microsoft\Internet Explorer\Main, Window Title

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\kspoold.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\kspool.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\msconfig.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\rstrui.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\wscript.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\mmc.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\HokageFile.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\Rin.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\cmd.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\SMP.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\taskkill.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\tasklist.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\Obito.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\KakashiHatake.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\PCMAV-CLN.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\PCMAV-RTP.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\boot.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\HOKAGE4.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\PCMAV

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\PCMAV

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\Ansav.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\Setup.exe,debugger

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\Instal.exe, debugger

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\Install.exe,debugger

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\procexp.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\msiexec.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\taskmgr.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
Options\Ansavgd.exe

HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,
DisableRegistryTools

HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFind

HKLM, SOFTWARE\Policies\Microsoft\Windows\Installer, DisableMSI

HKLM, SOFTWARE\Policies\Microsoft\Windows\Installer,
LimitSystemRestoreCheckpointing

HKCR, exefile, NeverShowExt

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PaRaY_VM

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ConfigVir

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, NviDiaGT

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, NarmonVirusAnti

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AVManager

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, EnableLUA

HKLM, SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore

5. Remove virus captain in %systemroot%\system32\~A~m~B~u~R~a~D~u~L~ before doing so you have to make hidden files are made visible.

Then, delete the file from this list:

csrcc.exe

smss.exe

lsass.exe

services.exe

winlogon.exe

Paraysutki_VM_Community.sys

msvbvm60.dll

Drive: \ autorun.inf

Drive: \ FoToKu xx-x-*. exe, where "x" indicates the date on which the virus
active

Drive: \ Friendster Community.exe

Drive: \ J3MbataN K4HaYan.exe

Drive: \ MyImages.exe

Drive: \ PaLMa.exe

Drive: \ Images

6. Don`t forget to install anti virus up to date.