Posts Tagged ‘Virus’

Steps To Remove Unwise.exe Virus

Monday, August 31st, 2009

Note: This manual virus removal tips process may be difficult and you run the risk of destroying your computer. We recommend that you use the SpyHunter’s spyware detection tool to check for unwise.exe.

Step 1: Remove unwise.exe Processes using Windows Task Manager

  • To open the Windows Task Manager, use the combination of CTRL+ALT+DEL or CTRL+SHIFT+ESC.
  • Click on the “Image Name” button to search for ” unwise.exe” process by name.
  • Select the ” unwise.exe” process and click on the “End Process” button to kill it.

Step 2: Find unwise.exe Path using Windows File Search Tool

  • Go to Start > Search > All Files or Folders.
  • In the “All or part of the the file name” section, type in ” unwise.exe” file name(s).
  • To get better results, select “Look in: Local Hard Drives” or “Look in: My Computer” and then click “Search” button.
  • When Windows finishes your search, hover over the “In Folder” of ” unwise.exe”, highlight the file and copy/paste the path into the address bar. Save the file’s path on your clipboard because you’ll need the file path to delete unwise.exe in the following manual removal steps.

Step 3: Registry Clearing

Take START then Command Prompt–>Type regedit then Click OK.After one window open .Click on Ctrl+F and type umwise_.exe.Click Search Button and all (unwise_.exe)entries deleted.

Step 4: Detect and Delete Other unwise.exe Files

  • To open the Windows Command Prompt, go to Start > Run > cmd and then press the “OK” button.
  • Type in “dir /A name_of_the_folder” (for example, C:\Spyware-folder), which will display the folder’s content even the hidden files.
  • To change directory, type in “cd name_of_the_folder”.
  • Once you have the file you’re looking for type in del “name_of_the_file”.
  • To delete a file in folder, type in “del name_of_the_file”.
  • To delete the entire folder, type in “rmdir /S name_of_the_folder”.
  • Select the ” unwise.exe” process and click on the “End Process” button to kill it.

Tags: , ,
Posted in Security, Virus | No Comments »

Steps To Kill Full House Viruses

Wednesday, August 19th, 2009

Another virus that threatens the computer users is FullHouse virus. Characteristic of this virus is to create one additional drive with the name FullHouse Drive.

The virus is made using Visual Basic programming language. In the conduct action, it will make the drive in the Desktop, My computer and Control Panel that will show the image “Han Ji Eun” artist in the beautiful series Full House while it’s being opened.

To clean the virus, see the following steps:

Scan virus that is located in the directory C: RECYCLER with antivirus that can detect this virus with both. Vaksincom use Norman Security Suite.

After the scan is completed, there are files with virus deleted files status (defered) means the file will be removed when the windows restart

-Click the Close button Clean ago at the time of the Norman Security Suite also will ask the computer to restart

To renormalize registry that has been created by the virus, open Notepad then copy the script below:

[Version]

Signature=”$Chicago$”
Provider=Vaksincom Oyee
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKCR, batfileshellopencommand,,,”"”%1″” %*”
HKCR, comfileshellopencommand,,,”"”%1″” %*”
HKCR, exefileshellopencommand,,,”"”%1″” %*”
HKCR, piffileshellopencommand,,,”"”%1″” %*”
HKCR, lnkfileshellopencommand,,,”"”%1″” %*”
HKCR, scrfileshellopencommand,,,”"”%1″” %*”
HKCU, SoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced,
HKLM, SOFTWAREClassesexefileDefaultIcon,,,”"%1″”
HKLM, SOFTWAREClassesexefile,,,”Application”
HKLM, SoftwareCLASSESexefileshellopencommand,,,”"”%1″” %*”
HKLM, SoftwareCLASSESregfileshellopencommand,,,”regedit.exe “%1″”

[del]

HKLM, SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorerRun, Task
Manager
HKCU, SoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun, Manager Task
HKCR, exefile, NeverShowExt
HKCR, CLSID{10020D75-0000-0000-C000-000000000000}
HKLM, SOFTWAREClassesCLSID{10020D75-0000-0000-C000-000000000000}

Save-as “repair.inf” select Save As Type choose All Files

Run-repair.inf with a right click and select install

-Delete the file created by the virus with the following characteristics:
File type “application”
Extension “exe”
Size 168 kb

-To facilitate the process of searching the files of virus use “Search Windows”
with the filter *. exe files that have a size of 168 KB and the date modified
pertanggal 7/8/2008

Next-delete “FullHouse Drive” on the Desktop, My Computer and Control
Panel

Recovery-Folder on the Flash Disk that has been in the Hidden

To re-display the hidden folder on the flash. Use
command “attrib” in the command prompt.
Click “Start”
Click “Run”
Type “CMD”, then press the “Enter”

-Move the directory to position Flash Disk drive, eg the type E
the E: and press “enter”

-Then type the command attrib-s-h-r / s / d and press the
“enter

Tags: , ,
Posted in Applications, Security, Tips And Tricks, Virus | No Comments »

Taking Care Of Malware For Twitter Users

Saturday, July 4th, 2009

Following the occurrence of phishing attacks (online data theft) to the Twitter users through the distribution of spam messages in bulk, Symantec Security Response has detected a false invitation Twitter bring worm email bulk dangerous.

Described Ronnie Ng, Manager of Systems Engineering & Singapore Indonesia Symantec, the name is dangerous insert Invitation Card.zip and identified as W32.Ackantta.B @ mm, which was first found in viruses attack e-card in February.

W32.Ackantta.B @ mm is a mass email worm collects email addresses from computers that are infected and spread with a copy to yourself flash disk / external hard drives and folders that can be accessed by many people.

“Messages are displayed as if sent from Twitter account. However, different from the original Twitter message, there is no URL appears in the body of the invitation email. In fact the user will see the insertion that appears as a. Zip which contains the card, such as invitations, “he said in the caption to detikINET, Tuesday (30/6/2009).

This insertion of a malicious worm that collects bulk email addresses of computers that are infected and spread with a copy to yourself flash disk / external disks and folders that can be accessed by many people.

In May 2009, Symantec observed that spam levels increased to levels approaching 90% of all email, consistent with the level observed in May 2008.

“As Twitter continues to achieve popularity among users of social networks, people routinely receive email updates and invitations from other users. Symantec estimates spammers will continue to use Twitter and social networks as a popular bait in their attacks,” he said.

Tags: , , ,
Posted in Applications, Cyber News, Security, Virus | No Comments »

Six Steps To Kill Virus On Yahoo Messenger

Sunday, February 22nd, 2009

Coutsonif.A, the virus that attacks the Yahoo Messenger and Skype’s users should be. This virus spreads by sending itself to all contacts in the address of the application from the infected computer.

Message at a glance like a message in general. Remember to not click the sent by your friend. The message was not sent by your colleagues, but by viruses that have been successfully infected your friend’s computer.

Well, if already infected, then it will automatically create a random file name with the extension .tmp and. exe that will be stored in the directory C:Documents and SettingsusernameLocal SettingsTemp with the different name different.

(more…)

Tags: , , ,
Posted in Security, Virus | 3 Comments »

20 Most Popular Crash Maker Software

Saturday, February 7th, 2009

Security Kaspersky Network (KSN) displays a list of two of the top 20 malicious programs for the period from January 2009. The first list contains the details of evil, and the ad program “brake” on the computer. While the second list shows the data in general programs, which attacks the evil object in the user’s computer.

(more…)

Tags: , ,
Posted in Security, Virus | No Comments »

“Hopeless” Virus In New Year 2009

Wednesday, January 7th, 2009

Computer users who are whiners ngoprek be careful if you have a folder named “wrong” Credit Card “,” Hack “and” XXX. “Never open when your computer does not want to be” without hope “because the virus infected the latest hopeless.

Virus from Vaksincom analyst Adi Saputra said that the virus actually Hopeless at the end of the year 2007, but this time seems to continue Hopeless previous Part II appear to prey.

(more…)

Tags: , ,
Posted in Security, Virus | No Comments »