[ITCENTER] Virus WORM_OPASERV.AA
Hi ITers Langsung aja neh, salah satu clientku kena virus WORM_OPASERV.AAhttp://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_OPASERV.AA, kami pake antri virus trend micro coorporate, dah kedetect, tapi gak bisa clean, coba pake avast tools bisa ngilangin, tapi beberapa jam kemudian muncul lagi, dan hal ini hanya terjadi pada komputer yang sama, tolong dong bagi yang punya removal yang bagus bisa di share. thank u -- Regards Toha --- Tiada kata akhir untuk belajar seperti juga tiada kata akhir untuk kehidupan, dan tugas paling sulit dalam hidup adalahbelajar untuk sabar. [Non-text portions of this message have been removed] -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Info, Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] :: Hapus bagian yang tidak perlu (footer, dst) saat reply! :: ## Jobs: itcenter.or.id/jobs ## Bursa: itcenter.or.id/bursa ## $$ Iklan/promosi : www.itcenter.or.id/sponsorship $$ [@@] Jaket ITCENTER tersedia di http://shop.itcenter.or.id Yahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/ITCENTER/ * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
RE: Spam:[ITCENTER] Virus WORM_OPASERV.AA
Perintah2 yang ada di :http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_OPASERV.AA dah dijalanin belon? Termasuk ke registrynya?... Tahap2an harus di jalanin dulu untuk menghilangkan virus/worm nya. Semoga membantu Terminating the Malware Program This procedure terminates the running malware process from memory. 1. Open Windows Task Manager. Masuk ke TASK MANAGER, stop proses speedy.bat On Windows 95/98/ME systems, press CTRL+ALT+DELETE On Windows NT/2000/XP systems, press CTRL+SHIFT+ESC, and click the Processes tab. 2. In the list of running programs*, locate the process: SPEEDY.BAT 3. Select the malware process, then press either the End Task or the End Process button, depending on the version of Windows on your system. 4. To check if the malware process has been terminated, close Task Manager, and then open it again. 5. Close Task Manager. *NOTE: On systems running Windows 95/98/ME, Windows Task Manager may not show certain processes. You may use a third party process viewer to terminate the malware process. Otherwise, continue with the next procedure, noting additional instructions. Removing Autostart Entries from the Registry Removing autostart entries from the registry prevents the malware from executing during startup. To remove the malware autostart entries: 1. Open Registry Editor. To do this, click StartRun, type Regedit, then press Enter. MAsuk ke registry, hapus value Spees2 = %Windows%\SPEEDY.BAT di HKEY_LOCAL_MACHINESoftwareMicrosoftRun WindowsCurrentVersionRun 2. In the left panel, double-click the following: HKEY_LOCAL_MACHINESoftwareMicrosoft WindowsCurrentVersionRun 3. In the right panel, locate and delete the entry or entries: Spees2 = %Windows%\SPEEDY.BAT Note: %Windows% is the default Windows folder, usually C:\Windows or C:\WinNT. 4. Close Registry Editor. -Original Message- From: ITCENTER@yahoogroups.com [mailto:[EMAIL PROTECTED] Behalf Of Toha Sent: Tuesday, February 07, 2006 4:04 PM To: ITCENTER@yahoogroups.com Subject: Spam:[ITCENTER] Virus WORM_OPASERV.AA Hi ITers Langsung aja neh, salah satu clientku kena virus WORM_OPASERV.AAhttp://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_OPASERV.AA, kami pake antri virus trend micro coorporate, dah kedetect, tapi gak bisa clean, coba pake avast tools bisa ngilangin, tapi beberapa jam kemudian muncul lagi, dan hal ini hanya terjadi pada komputer yang sama, tolong dong bagi yang punya removal yang bagus bisa di share. thank u -- Regards Toha --- Tiada kata akhir untuk belajar seperti juga tiada kata akhir untuk kehidupan, dan tugas paling sulit dalam hidup adalahbelajar untuk sabar. [Non-text portions of this message have been removed] -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Info, Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] :: Hapus bagian yang tidak perlu (footer, dst) saat reply! :: ## Jobs: itcenter.or.id/jobs ## Bursa: itcenter.or.id/bursa ## $$ Iklan/promosi : www.itcenter.or.id/sponsorship $$ [@@] Jaket ITCENTER tersedia di http://shop.itcenter.or.id Yahoo! Groups Links [Non-text portions of this message have been removed] -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Info, Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] :: Hapus bagian yang tidak perlu (footer, dst) saat reply! :: ## Jobs: itcenter.or.id/jobs ## Bursa: itcenter.or.id/bursa ## $$ Iklan/promosi : www.itcenter.or.id/sponsorship $$ [@@] Jaket ITCENTER tersedia di http://shop.itcenter.or.id Yahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/ITCENTER/ * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
Re: [ITCENTER] Virus WORM_OPASERV.AA
Virus ini tergolong virus yang lama dan Micrsoft sudah mengeluarkan patch untuk virus ini; bisa di download: http://www.microsoft.com/technet/security/bulletin/MS00-72.asp Download sesuai dengan OS anda; XP, Win2000 atau server 2003 Virus ini beranak pinak bisa melalui Drive yang di share oleh sebab itu; salah satu policy yang masih relevan adalah memutus kompie yang terinfeksi dari network terlebih dahulu; setelah itu baru scan dengan AV dan dilanjutkan dengan install patch yang sudah di download tersebut. Semoga membantu anda... Salam, 354 BenQ On 2/7/06, Toha [EMAIL PROTECTED] wrote: Hi ITers Langsung aja neh, salah satu clientku kena virus WORM_OPASERV.AA http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_OPASERV.AA , kami pake antri virus trend micro coorporate, dah kedetect, tapi gak bisa clean, coba pake avast tools bisa ngilangin, tapi beberapa jam kemudian muncul lagi, dan hal ini hanya terjadi pada komputer yang sama, tolong dong bagi yang punya removal yang bagus bisa di share. thank u -- Regards Toha --- Tiada kata akhir untuk belajar seperti juga tiada kata akhir untuk kehidupan, dan tugas paling sulit dalam hidup adalahbelajar untuk sabar. [Non-text portions of this message have been removed] -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Info, Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] :: Hapus bagian yang tidak perlu (footer, dst) saat reply! :: ## Jobs: itcenter.or.id/jobs ## Bursa: itcenter.or.id/bursa ## $$ Iklan/promosi : www.itcenter.or.id/sponsorship $$ [@@] Jaket ITCENTER tersedia di http://shop.itcenter.or.id Yahoo! Groups Links -- Salam, 354 BenQ [Non-text portions of this message have been removed] -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Info, Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] :: Hapus bagian yang tidak perlu (footer, dst) saat reply! :: ## Jobs: itcenter.or.id/jobs ## Bursa: itcenter.or.id/bursa ## $$ Iklan/promosi : www.itcenter.or.id/sponsorship $$ [@@] Jaket ITCENTER tersedia di http://shop.itcenter.or.id Yahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/ITCENTER/ * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
RE: [ITCENTER] Virus WORM_OPASERV.AA
-Original Message- From: ITCENTER@yahoogroups.com [mailto:[EMAIL PROTECTED] On Behalf Of Toha Sent: Tuesday, February 07, 2006 4:04 PM To: ITCENTER@yahoogroups.com Subject: [ITCENTER] Virus WORM_OPASERV.AA Hi ITers Langsung aja neh, salah satu clientku kena virus WORM_OPASERV.AAhttp://www.antivirus.com/vinfo/virusencyclo/de fault5.asp?VName=WORM_OPASERV.AA, kami pake antri virus trend micro coorporate, dah kedetect, tapi gak bisa clean, coba pake avast tools bisa ngilangin, tapi beberapa jam kemudian muncul lagi, dan hal ini hanya terjadi pada komputer yang sama, tolong dong bagi yang punya removal yang bagus bisa di share. thank u -- Regards Toha Anda belum kenal sama anti-virus yang namanya patches? Googling dulu pakai kata kunci Microsoft Windows patches. Salam Albert -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Info, Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] :: Hapus bagian yang tidak perlu (footer, dst) saat reply! :: ## Jobs: itcenter.or.id/jobs ## Bursa: itcenter.or.id/bursa ## $$ Iklan/promosi : www.itcenter.or.id/sponsorship $$ [@@] Jaket ITCENTER tersedia di http://shop.itcenter.or.id Yahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/ITCENTER/ * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
Re: Spam:[ITCENTER] Virus WORM_OPASERV.AA
terimakasih teman2 atas bantuannya,senang sekali ikut gabung dengan millis seperti ini, Pada tanggal 2/7/06, Makatal [IT - HQ] [EMAIL PROTECTED] menulis: Perintah2 yang ada di : http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_OPASERV.AAdah dijalanin belon? Termasuk ke registrynya?... Tahap2an harus di jalanin dulu untuk menghilangkan virus/worm nya. Semoga membantu Terminating the Malware Program This procedure terminates the running malware process from memory. 1. Open Windows Task Manager. Masuk ke TASK MANAGER, stop proses speedy.bat On Windows 95/98/ME systems, press CTRL+ALT+DELETE On Windows NT/2000/XP systems, press CTRL+SHIFT+ESC, and click the Processes tab. 2. In the list of running programs*, locate the process: SPEEDY.BAT 3. Select the malware process, then press either the End Task or the End Process button, depending on the version of Windows on your system. 4. To check if the malware process has been terminated, close Task Manager, and then open it again. 5. Close Task Manager. *NOTE: On systems running Windows 95/98/ME, Windows Task Manager may not show certain processes. You may use a third party process viewer to terminate the malware process. Otherwise, continue with the next procedure, noting additional instructions. Removing Autostart Entries from the Registry Removing autostart entries from the registry prevents the malware from executing during startup. To remove the malware autostart entries: 1. Open Registry Editor. To do this, click StartRun, type Regedit, then press Enter. MAsuk ke registry, hapus value Spees2 = %Windows%\SPEEDY.BAT di HKEY_LOCAL_MACHINESoftwareMicrosoftRun WindowsCurrentVersionRun 2. In the left panel, double-click the following: HKEY_LOCAL_MACHINESoftwareMicrosoft WindowsCurrentVersionRun 3. In the right panel, locate and delete the entry or entries: Spees2 = %Windows%\SPEEDY.BAT Note: %Windows% is the default Windows folder, usually C:\Windows or C:\WinNT. 4. Close Registry Editor. -Original Message- From: ITCENTER@yahoogroups.com [mailto:[EMAIL PROTECTED] Behalf Of Toha Sent: Tuesday, February 07, 2006 4:04 PM To: ITCENTER@yahoogroups.com Subject: Spam:[ITCENTER] Virus WORM_OPASERV.AA Hi ITers Langsung aja neh, salah satu clientku kena virus WORM_OPASERV.AA http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_OPASERV.AA , kami pake antri virus trend micro coorporate, dah kedetect, tapi gak bisa clean, coba pake avast tools bisa ngilangin, tapi beberapa jam kemudian muncul lagi, dan hal ini hanya terjadi pada komputer yang sama, tolong dong bagi yang punya removal yang bagus bisa di share. thank u -- Regards Toha --- Tiada kata akhir untuk belajar seperti juga tiada kata akhir untuk kehidupan, dan tugas paling sulit dalam hidup adalahbelajar untuk sabar. [Non-text portions of this message have been removed] -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Info, Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] :: Hapus bagian yang tidak perlu (footer, dst) saat reply! :: ## Jobs: itcenter.or.id/jobs ## Bursa: itcenter.or.id/bursa ## $$ Iklan/promosi : www.itcenter.or.id/sponsorship $$ [@@] Jaket ITCENTER tersedia di http://shop.itcenter.or.id Yahoo! Groups Links [Non-text portions of this message have been removed] -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Info, Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] :: Hapus bagian yang tidak perlu (footer, dst) saat reply! :: ## Jobs: itcenter.or.id/jobs ## Bursa: itcenter.or.id/bursa ## $$ Iklan/promosi : www.itcenter.or.id/sponsorship $$ [@@] Jaket ITCENTER tersedia di http://shop.itcenter.or.id Yahoo! Groups Links -- Regards Toha --- Tiada kata akhir untuk belajar seperti juga tiada kata akhir untuk kehidupan, dan tugas paling sulit dalam hidup adalahbelajar untuk sabar. [Non-text portions of this message have been removed] -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Info, Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] :: Hapus bagian yang tidak perlu (footer, dst) saat reply! :: ## Jobs: itcenter.or.id/jobs ## Bursa: itcenter.or.id/bursa ## $$ Iklan/promosi : www.itcenter.or.id/sponsorship $$ [@@] Jaket ITCENTER tersedia di http://shop.itcenter.or.id Yahoo! Groups Links * To visit your group on the web, go to: http://groups.yahoo.com/group/ITCENTER/ * To unsubscribe from this group, send an email to: [EMAIL PROTECTED] * Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
