You May Be A Victim Of Software Counterfeiting

When you log on to a computer with non-genuine copy of Windows XP, the possible notification error message “This copy of Windows is not genuine” will be pop-up on the logon process..You maybe seen this picture.

Read the rest of this entry »

DAFTAR HARGA PEMANCAR RADIO FM RADIO KAMPUS ITB

Harga Per Kit Pemancar Radio FM:

1. Modulator FM 88 – 108 MHz with PLL (Output Max 1 ) Rp.     900.000,00
2. Stereo Encoder 38Khz (kristal)   Rp.     350.000,00
3. Power Supply (Output Max: 25V 5A)   Rp.     200.000,00
4. Power Supply (Output Max: 25V 25A)   Rp.     500.000,00 Read the rest of this entry »

Linux Command

Aku baru belajar linux nih, kemaren ngulik-ngulik dan udah belakar bebrapa command sederhana

cp

untuk meng-copy file, kalau yang dicopy berupa folder, tambahkan variable cp -r

rm

untuk menghapus file, kalau yang dihapus berupa Read the rest of this entry »

TEKNOLOGI TERBARU

Sekarang coba kita lihat apa yang orang jepang lakukan

Read the rest of this entry »

Tips: 5 Langkah Bersihkan Virus Huhuhaha

1. Putuskan komputer yang akan dibersihkan dari jaringan/internet.
2. Matikan proses virus yang aktif pada memori.

Gunakan Windows Task Manager untuk mematikan proses virus, yaitu dengan nama “wscript.exe”. (wscript.exe merupakan file windows yang digunakan untuk menjalankan file vbscript).

3. Hapus file virus berikut:
• autorun.inf (pada semua root drive)
• huhuhaha.vbs (pada semua root drive)
• C:-WINDOWS-system32-XpWin.vbs

Catatan:
• Sebaiknya tampilkan file yang tersembunyi agar mempermudah dalam proses pencarian file virus. (virus memiliki atribut file Hidden, Archive, System, dan Read-Only). Caranya pada Windows Explorer pilih Tools>>Folder Options>>View>>Show hidden files and folders
• Untuk mempermudah proses pencarian sebaiknya gunakan fasilitas “Search” Windows dengan filter file autorun.inf dan *.vbs yang mempunyai ukuran 6 KB.

4. Hapus string registry yang dibuat oleh virus. Untuk mempermudah dapat menggunakan script registry di bawah ini :

[Version]
Signature=”$Chicago$”
Provider=Vaksincom Oyee

[UnhookRegKey]
HKLM, SOFTWARE-Microsoft-Security Center, AntiVirusDisableNotify, 0×00000000,0
HKLM, SOFTWARE-Microsoft-Security Center, FirewallDisableNotify, 0×00000000,0
HKLM, SOFTWARE-Microsoft-Security Center, UpdatesDisableNotify, 0×00000000,0
HKLM, SOFTWARE-Microsoft-Windows NT-CurrentVersion, RegisteredOrganization, 0, “Organization”
HKLM, SOFTWARE-Microsoft-Windows NT-CurrentVersion, RegisteredOwner, 0, “Owner”
HKLM, SOFTWARE-Microsoft-Windows NT-CurrentVersion-SystemRestore, DisableSR, 0×00000000,0
HKLM, SYSTEM-ControlSet001-Control-SafeBoot, AlternateShell, 0, “cmd.exe”
HKLM, SYSTEM-ControlSet002-Control-SafeBoot, AlternateShell, 0, “cmd.exe”
HKLM, SYSTEM-ControlSet003-Control-SafeBoot, AlternateShell, 0, “cmd.exe”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot, AlternateShell, 0, “cmd.exe”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{36FC9E60-C465-11CF-8056-444553540000}, (default), “Universal Serial Bus controller”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E965-E325-11CE-BFC1-08002BE10318}, (default), “CD-ROM Drive”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E967-E325-11CE-BFC1-08002BE10318}, (default), “DiskDrive”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E969-E325-11CE-BFC1-08002BE10318}, (default), “Standar floppy disk controller”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E96A-E325-11CE-BFC1-08002BE10318}, (default), “Hdc”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E96B-E325-11CE-BFC1-08002BE10318}, (default), “Keyboard”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E96F-E325-11CE-BFC1-08002BE10318}, (default), “Mouse”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E977-E325-11CE-BFC1-08002BE10318}, (default), “PCMCIA Adapters”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E97B-E325-11CE-BFC1-08002BE10318}, (default), “SCSIAdapters”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E97D-E325-11CE-BFC1-08002BE10318}, (default), “System”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{4D36E980-E325-11CE-BFC1-08002BE10318}, (default), “Floppy disk drive”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{71A27CDD-812A-11D0-BEC7-08002BE2092F}, (default), “Volume”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}, (default), “Human Interfaces Devices”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-AppMgmt, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Base, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Boot Bus Extender, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Boot file system, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-CryptSvc, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-DcomLaunch, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-dmadmin, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-dmboot.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-dmio.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-dmload.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-dmserver, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-EventLog, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-File system, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Filter, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-HelpSvc, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Netlogon, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-PCI Configuration, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-PlugPlay, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-PNP Filter, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-Primary disk, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-RpcSs, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-SCSI Class, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-sermouse.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-sr.sys, (default), “FSFilter System Recovery”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-SRService, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-System Bus Extender, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-vga.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-vgasave.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Minimal-WinMgmt, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{36FC9E60-C465-11CF-8056-444553540000}, (default), “Universal Serial Bus controller”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E965-E325-11CE-BFC1-08002BE10318}, (default), “CD-ROM Drive”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E967-E325-11CE-BFC1-08002BE10318}, (default), “DiskDrive”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E969-E325-11CE-BFC1-08002BE10318}, (default), “Standar floppy disk controller”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E96A-E325-11CE-BFC1-08002BE10318}, (default), “Hdc”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E96B-E325-11CE-BFC1-08002BE10318}, (default), “Keyboard”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E96F-E325-11CE-BFC1-08002BE10318}, (default), “Mouse”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E972-E325-11CE-BFC1-08002BE10318}, (default), “Net”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E973-E325-11CE-BFC1-08002BE10318}, (default), “NetClient”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E974-E325-11CE-BFC1-08002BE10318}, (default), “NetService”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E975-E325-11CE-BFC1-08002BE10318}, (default), “NetTrans”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E977-E325-11CE-BFC1-08002BE10318}, (default), “PCMCIA Adapters”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E97B-E325-11CE-BFC1-08002BE10318}, (default), “SCSIAdapters”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E97D-E325-11CE-BFC1-08002BE10318}, (default), “System”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{4D36E980-E325-11CE-BFC1-08002BE10318}, (default), “Floppy disk drive”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{71A27CDD-812A-11D0-BEC7-08002BE2092F}, (default), “Volume”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}, (default), “Human Interfaces Devices”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-AFD, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-AppMgmt, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Base, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Boot Bus Extender, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Boot file system, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Browser, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-CryptSvc, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-DcomLaunch, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Dhcp, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-dmadmin, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-dmboot.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-dmio.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-dmload.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-dmserver, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-DnsCache, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-EventLog, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-File system, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Filter, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-HelpSvc, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-ip6fw.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-ipnat.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-LanmanServer, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-LanmanWorkstation, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-LmHosts, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Messenger, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NDIS, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NDIS Wrapper, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Ndisuio, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetBIOS, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetBIOSGroup, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetBT, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetDDEGroup, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Netlogon, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetMan, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Network, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NetworkProvider, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-NtLmSsp, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-PCI Configuration, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-PlugPlay, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-PNP Filter, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-PNP_TDI, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Primary disk, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-rdpcdd.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-rdpdd.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-rdpwd.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-rdsessmgr, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-RpcSs, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-SCSI Class, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-sermouse.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-SharedAccess, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-sr.sys, (default), “FSFilter System Recovery”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-SRService, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Streams Drivers, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-System Bus Extender, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-Tcpip, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-TDI, (default), “Driver Group”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-tdpipe.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-tdtcp.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-termservice, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-vga.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-vgasave.sys, (default), “Driver”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-WinMgmt, (default), “Service”
HKLM, SYSTEM-CurrentControlSet-Control-SafeBoot-Network-WZCSVC, (default), “Service”

[del]
HKCU, Software-Microsoft-Windows-CurrentVersion-RunMRU, a
HKCU, Software-Microsoft-Internet Explorer-Main, Window Title
HKLM, SOFTWARE-Microsoft-Windows-CurrentVersion-Run, Ageia
HKLM, SOFTWARE-Microsoft-Windows-CurrentVersion-Run, Systemdir
HKLM, SOFTWARE-Microsoft-Windows-CurrentVersion-Policies-system, EnableLUA
HKLM, SOFTWARE-Microsoft-Windows-CurrentVersion-Winlogon

Copy paste script tersebut ke dalam notepad kemudian simpan dengan nama “repair.inf” (gunakan pilihan Save As Type menjadi All Files agar tidak terjadi kesalahan).

5. Buka file repair.inf kemudian jalankan dengan cara klik kanan file tersebut kemudian pilih install.

Sumber: Vaksincom

Hati-hati Virus Huhuhaha

Windows Vista yang diklaim jauh lebih aman dari Windows XP ternyata menjadi tak berarti saat diserang virus ini. Virus Huhuhaha yang saat ini sedang marak menyebar di Indonesia berhasil menembus salah satu gerbang keamanan Windows Vista sehingga rentan serangan masuk.

Target serangan virus ini adalah UAC (User Account Control), salah satu fitur yang digunakan untuk mencegah program tidak diinginkan berjalan secara otomatis tanpa persetujuan pengguna komputer. Dengan melumpuhkan fungsi ini, komputer tak lagi meminta persetujuan untuk melakukan perintah.

Virus ini menyebar melalui USB (Flash maupun Drive) dan dilaporkan telah menyerang sejumlah instansi Pemerintah, BUMN, Perusahaan Swasta, Instansi Pendidikan, serta warnet-warnet di Indonesia.

Pembuat virus VBS (visual basic script) ini menamainya virus “HUHUHAHA”. Namun, Norman Security Suite mendeteksi varian virus tersebut sebagai VBS/Autorun.AO.

Ciri File Virus

Virus Huhuhaha dibuat dengan menggunakan bahasa pemrograman VBScript. File virus berukuran 6 kb, dan agar dapat menyebar secara otomatis ia akan membuat file pendamping yaitu “autorun.inf” yang berisi script untuk menjalankan file virus.

Jika virus berhasil menginfeksi, ia akan membuat beberapa file virus diantaranya :

• autorun.inf (pada semua root drive)
• huhuhaha.vbs (pada semua root drive)
• C:-WINDOWS-system32-XpWin.vbs

Virus juga akan mengcopy file “autorun.inf” dan “huhuhaha.vbs” pada setiap usb (flash/drive) yang ditancapkan/dicolokkan pada komputer yang terinfeksi. Semua file virus tersebut memiliki atribut file RHSA (Read, Hidden, System, Archive), sehingga tidak terlihat jika user tidak memunculkan menu hidden.

Gejala/Efek Virus

Jika sudah terinfeksi virus huhuhaha, akan menimbulkan gejala/efek berikut :

• Memunculkan text virus pada menu “Run”. (Lihat Gambar 3)
• Menonaktifkan system restore. Hal ini dilakukan agar user tidak dapat mengembalikan setingan system windows kembali seperti sebelum terinfeksi virus ini.
• Menambah header text virus pada Internet Explorer.
• Disable fungsi UAC (User Account Control) Windows Vista.
• Merubah nama registrasi computer dengan text virus.
• Menonaktifkan fungsi “safe mode” dan membuat “blue screen” windows. Saat user berusaha masuk melalui fitur safe mode, maka akan muncul blue screen. (Lihat Gambar 7)
• Mematikan fungsi Security Center Windows. Fitur ini digunakan untuk memastikan kondisi komputer dari 3 aspek keamanan yaitu Automatic Updates, Firewall dan Software Antivirus.

Metode Penyebaran

Sama seperti virus lokal lainnya, virus huhuhaha masih menggunakan media USB (flash/drive) sebagai penyebarannya. Virus akan membuat file “autorun.inf” dan “huhuhaha.vbs” pada setiap usb (flash/drive) yang ditancapkan/dicolokkan pada komputer yang terinfeksi. Kedua file tersebut akan aktif secara otomatis dengan hanya mengkases usb (drive/flash) tersebut.

Modifikasi Registry

Agar dapat aktif saat komputer dijalankan, virus membuat string berikut :

• HKEY_LOCAL_MACHINE-SOFTWARE -Microsoft-Windows-CurrentVersion-Run
Ageia = C:-WINDOWS-system32-XpWin.vbs
• HKEY_LOCAL_MACHINE-SOFTWARE-Microsoft-Windows-CurrentVersion-Run
Systemdir = C:-WINDOWS-huhuhaha.vbs
Agar dapat muncul pada menu Run, virus membuat string berikut :
• HKEY_CURRENT_USER-Software-Microsoft-Windows-CurrentVersion-RunMRU
a = huhuhaha

Walau tidak men-disable fungsi windows seperti task manager, folder options, regedit, dll, virus men-disable system restore dengan membuat string berikut :
• HKEY_LOCAL_MACHINE-SOFTWARE- Microsoft-Windows NT-CurrentVersion-SystemRestore
DisableSR = 1
Serta men-disable fungsi UAC (User Account Control) dengan membuat string berikut :
• HKEY_LOCAL_MACHINE-SOFTWARE- Microsoft-Windows-CurrentVersion-Policies-System
EnableLUA = 0×00000000

Selain itu, virus menambah caption text pada Internet Explorer dengan membuat string berikut :
• HKEY_CURRENT_USER-Software-Microsoft-Internet Explorer-Main
Window Title = huhuhaha
Kemudian, virus juga merubah registrasi komputerdengan membuat string berikut :
• HKEY_LOCAL_MACHINE-SOFTWARE- Microsoft-Windows NT-CurrentVersion
RegisteredOrganization = huhuhaha
RegisteredOwner = huhuhaha

Agar dapat muncul text virus saat login windows, virus membuat string berikut :
• HKEY_LOCAL_MACHINE-SOFTWARE- Microsoft-Windows NT-CurrentVersion
LegalNoticeCaption = huhuhaha virus
LegalNoticeText = huhuhaha

Untuk men-disable fungsi safe mode, virus men-”delete” string berikut :
• HKEY_LOCAL_MACHINE-SYSTEM-ControlSet001-Control-SafeBoot, AlternateShell
• HKEY_LOCAL_MACHINE-SYSTEM-ControlSet002-Control-SafeBoot, AlternateShell
• HKEY_LOCAL_MACHINE-SYSTEM-ControlSet003-Control-SafeBoot, AlternateShell
• HKEY_LOCAL_MACHINE-SYSTEM-CurrentControlSet-Control-SafeBoot, AlternateShell

Serta men-”delete” key berikut :
• HKEY_LOCAL_MACHINE-SYSTEM- CurrentControlSet-Control-SafeBoot-Minimal
• HKEY_LOCAL_MACHINE-SYSTEM-CurrentControlSet-Control-SafeBoot-Network
Terakhir, virus berusaha mematikan fungsi Security Center dengan membuat string berikut :
• HKEY_LOCAL_MACHINE-SOFTWARE-Microsoft-Security Center
AntivirusDisableNotify = 1
FirewallDisableNotify = 1
UpdatesDisableNotify = 1

Sumber: Vaksincom

Tune Up Utilities 2009

lagi iseng2 ngeliat list software-software baru, aku nemuin ini

Softwarenya

Serialnya

Reviewnya :

Fast, Effective Windows Optimization

• One-click overview of your PC performance
• Quick analysis of your PC’s hardware, operating system, and programs
• Real performance increases, real fast
• Easy-to-understand help functions

Safe Windows Optimization

• Provides you with safe and effective optimization results
• Corrects all mistakes created from previous tuning attempts
• Comprehensive and easy rollback ability for any changes made to your PC

Intelligent Windows Optimization Built in for Every PC

• Intelligent recommendations for your unique PC optimization
• Identifies your personal settings and protects them
• Highlights your PC’s optimization potential, including unused programs and resource-draining settings
• Recommends options and explains performance results before taking any action

Perfectly Designed for Your Windows Operating System

• Automatically detects and configures for your operating system
• Ideal for XP and Vista (32/64 bit) users
• Designed to leverage the unique features within each operating system

Serial Number AVG 8 for 10 years

ni buat temen2 yang make antivirus AVG 8, aku punya serial numbernya buat ngaktifin license AVG 8 selama 10 tahun. expired tahun 2018

download here

Membasmi sebuah Virus (aku belum tau namanya,hahahaha)

gila…

aku udah ketemu dua kali virus ini, kayaknya ni virus buatan orang thailand. ciri2nya dia nyerang langsung ke yahoo messenger. langsung ngirim ym ke list messenger kamu dengan bahasa2 aneh (kayaknya bahasa Thailand) yang diselipin sebuah alamat situs yang kalo dibuka dari ITb bakal ke blok, bisa dibilang itu situs berbahaya atau situs terlarang,ckckckck…

virus ini belum terdeteksi di PC MAV 1.93, kemungkinan ini virus baru banget. hal-hal yang terjadi kalo kamu kena virus ini adalah folder option komputer ke blok, ga bisa ngakses ke task manager dan regedit. aplikasi YM kamu jadi ngaco, suka ngirim pesan2 berbahasa aneh ke list messenger kamu.

gimana cara ngatasinnya???

Cara pertama dan yang paling gampang kalo kamu mau ngebenerin virus ini adalah instal ulang aja komputer kamu,hahaha…

ga dink,ada cara yang bisa kamu kerjain buat ngebersihin virus ini kok.

1.  unistall dulu YM kamu.

2. kalo kamu punya Tune Up Utilities atau software apapun yang bisa digunain buat ngakses registri editor, pake software itu. kalo kamu mau download Tune Up Utilities 2009.

3. kamu jalanin program tune up nya, pilih additional tool. klik di tune up registry editor.

4. masuk ke semua list berikut ini
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

delete line Yahoo Messengger nya.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\policies\system

Delete line

“DisableTaskMgr“=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Policies\System

delete line

"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Policies\System]

delete line

“DisableRegistryTools”=dword:00000000

5. lalu pilih start pilih my computer. di bagian tab tools pilih folder option, kalo udah ada berarti 1 langkahj lebih baik. kalo belum..

klik lagi start klik run, ketikkan msconfig.

6. klik tab start up, hilangkan check di RVHOST, lalu klik ok.

7. klik start lagi, pilih run kembali, ketik gpedit.msc.

8. masuk ke

User Configuration -> Administrative Templates -> System

set “Prevent access to Registry editing tools” menjadi Not Configured atau Disabled.

kemudian

User Configuration->Administrative Templates->System

cari Ctrl+Alt+Delete option, pilih Remove Task Manager

Double-click the Remove Task Manager option

bisa dilihat keteranngannya jika opsi ini akan me- Remove Task Manager, dengan memilih disabling the policy, artinya kita meng-enabling the Task Manager.

9. lalu kembali pilih start pilih my computer. di bagian tab tools pilih folder option, masuk ke tab view kemudian check bagian ini.

show hidden files and folders

hide protected operating system files(recommended)

pas mau buat check di bagian kedua, akan muncul peringatan, pilih aja ok.

10. masuk ke

C:\WINDOWS\Tasks\ delete  file At1.job

C:\WINDOWS\ delete file RVHOST.exe

C:\WINDOWSsystem32\ delete file RVHOST.exe

11. tinggal restart komputer kamu, beres…

maaf ya kalo kepanjangan..

hehehe..

created by: Andri Haryono

(dibuat setelah mengalami 2 kali kasus yang sama di komputer orang)

7 don’ts after a meal

nih buat teman2, hari sabtu&minggu, 22-23 nov ini, aku ikut “Pelatihan Pribadi Efektif” dari WRMA ITB, nih salah satu selingan menarik yang dikasih pas training..

here we go..

Don't smoke

 
- Experiment from experts proves that smoking a cigarette after meal is
comparable to smoking 10 cigarettes (chances of   cancer is higher).
 
Don't eat fruits immediately 
- Immediately eating fruits after meals will cause stomach to be bloated with air. Therefore take fruit 1-2 hr after meal or 1hr before meal.
 
Don't drink tea 
- Because tea leaves contain a high content of acid. This substance will cause the Protein content in the food we consume to be hardened thus difficult to digest.
 
Don't loosen your belt 
- Loosening the belt after a meal will easily cause the intestine to be twisted & blocked.
 
Don't bathe 
- Bathing will cause the increase of blood flow to the hands, legs &  body thus the amount of blood around the stomach will therefore decrease. This will  weaken the digestive system in our stomach.
 
Don't walk about 
- People always say that after a meal walk a hundred steps and you will live till 99. In actual fact this is not true. Walking will cause the digestive system to be unable to absorb the nutrition from the food we intake.
 
Don't sleep immediately 
- The food we intake will not be able to digest properly.  Thus will lead to gastric & infection in our intestine.
 

> > PLEASE FORWARD IT TO YOUR FRIENDS. LET THEM BE AWARE!!