Also to remember, be careful on the online forum on the Internet that provides links to suspicious or not you believe in its validity.
Especially for companies with computers in a network that many, Vaksincom recommend that you do IP-IP filter suspicious. The results of filtering using Vaksincom NNP conducted on ISP traffic in Indonesia confirms that W32/OnlineGames is a real threat to watch out for the moment.
However, if you are already infected with this trojan, you inevitably have a little struggle to clean viruses OnlineGames, before the critical data you stolen by this Trojan. Here are the steps to remove:
1. Disable System Restore (XP / ME) (when used)
2. Turn off the virus. Use the Windows Task Manager to kill the virus process.
3. Perform End Process on the current virus files (liser.exe)
4. Remove string registry that was created by the virus. To make it easier to use the registry script below.
Provider=Vaksincom Oeyy
HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""
HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs, 0
HKCU, Software\Microsoft\Windows\CurrentVersion\Run, Kell
Use the notepad, then save with the name "repair.inf" (use the Save As Type option to All Files to avoid mistakes).
5. Delete virus files (liser.exe & liser.dll) manually, which is in the folder "C: \ Program Files \ Manson" or can use tools Norman Malware Cleaner. You can download the following link http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
0 comment:
Post a Comment