Aku biasane ngresiki manual, carane: 1. Buting nggawe sef mot 2. Bua'en program-program sing kiro-kiro viruse, ati-ati soale a. biasane ga siji loro program koyok fluburung.b (mr_coolface) b. biasane nggawe jeneng file sing koyok file-e windows (svchost.exe, services.exe lan liyo-liyane) c. sing mesti windows task manager diblokir, dadi kudu nggawe pengintip program liyane task manager (aku nggawe we'e visual studio: program viewer)
3. Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Hidden"=dword:00000001 "ShowCompColor"=dword:00000001 "HideFileExt"=dword:00000000 "ShowInfoTip"=dword:00000001 "HideIcons"=dword:00000000 "SuperHidden"=dword:00000001 "Start_ShowControlPanel"=dword:00000001 "Start_EnableDragDrop"=dword:00000001 "StartMenuFavorites"=dword:00000001 "Start_ShowHelp"=dword:00000001 "Start_ShowMyComputer"=dword:00000001 "Start_ShowMyDocs"=dword:00000001 "Start_ShowMyMusic"=dword:00000001 "Start_ShowMyPics"=dword:00000001 "Start_ShowPrinters"=dword:00000001 "Start_ShowRun"=dword:00000001 "Start_ShowSearch"=dword:00000001 "Start_ShowRecentDocs"=dword:00000001 "Start_AutoCascade"=dword:00000001 "Start_NotifyNewApps"=dword:00000000 "Start_AdminToolsRoot"=dword:00000001 "StartMenuAdminTools"="YES" "FolderContentsInfoTip"=dword:00000001 "FriendlyTree"=dword:00000001 "WebViewBarricade"=dword:00000001 "DisableThumbnailCache"=dword:00000001 "ShowSuperHidden"=dword:00000001 "ClassicViewState"=dword:00000000 "PersistBrowsers"=dword:00000001 "Start_ShowNetPlaces_ShouldShow"=dword:00000041 "StartMenuRun"=dword:00000001 "StartMenuChange"=dword:00000001 "CascadeControlPanel"="YES" "CascadeMyDocuments"="YES" "CascadeMyPictures"="YES" "CascadeNetworkConnections"="YES" "CascadePrinters"="YES" "StartMenuScrollPrograms"="YES" "IntelliMenus"="YES" "Start_ShowNetConn"=dword:00000001 "EnableBalloonTips"=dword:00000000 "StartMenuLogoff"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] "load"="" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"=dword:00000000 "NoFind"=dword:00000000 "DisableCurrentUserRun"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoRun"=dword:00000000 "NoFind"=dword:00000000 "DisableCurrentUserRun"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder] "Type"="group" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ClassicViewState] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ControlPanelInMyComputer] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DesktopProcess] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DisableThumbCache] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FolderSizeTip] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FriendlyTree] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden] "Type"="group" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] "Type"="radio" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "Type"="radio" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\NetCrawler] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\PersistBrowsers] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowCompColor] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPath] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPathAddress] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowInfoTip] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SimpleSharing] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets] "Type"="group" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\AUTO] "Type"="radio" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NOHIDE] "Type"="radio" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NONE] "Type"="radio" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\WebViewBarricade] "Type"="checkbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WinUp"="" "RsWin"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "LegalNoticeCaption"="" "LegalNoticeText"="" "PowerdownAfterShutdown"="1" "Shell"="Explorer.exe" "System"="" "Userinit"="C:\\windows\\system32\\userinit.exe," [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot] "AlternateShell"="" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot] "AlternateShell"="" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Windows] "load"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ANSAV.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ANSAV32.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\calc.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccapp.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CClaw.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\freecell.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mshearts.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nip.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nipsvc.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Niu.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Njeeves.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nvccf.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nvcoas.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nvcod.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nvcsched.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sol.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spider.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskkill.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tasklist.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\URemovalCRC32.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winamp.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winmine.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Zanda.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Zlh.exe] "Debugger"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe] "Debugger"="" [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "Shell"="Explorer.exe" -- ----------------------------------------- El Harun Affandy Jl. Ade Irma Suryani II / 509 Malang 65119 0341.70.90.256 http://friendster.com/elharun ----------------------------------------- Senyum adalah shadaqah [Non-text portions of this message have been removed] ================> HAPUS IKLAN DIATAS DAN FOOTER INI JIKA ME-REPLY <================ Posting : [email protected] Archive : http://www.mail-archive.com/[email protected]/ www.mitek.unibraw.ac.id || himamitek.brawijaya.ac.id ************************************************************************************ Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/mitek/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/mitek/join (Yahoo! ID required) <*> To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
