» » Folder Options Recovery From Virus Attack

Folder Options Recovery From Virus Attack

Folder Options Recovery From Virus Attack
Beberapa Windows Indonesia saat ini Virus yang dilaporkan telah banyak tersebar di seluruh dunia memiliki karakteristik unik teknik menyerang. Salah satu teknik yang populer tua itu Mengganti (saya suka menyebutnya "Mess membuat sebuah") Windows Folder Options dengan memodifikasi Windows Registry.Beberapa programmer virus Indonesia lebih suka bermain "petak umpet" hanya dengan menyembunyikan file di komputer target tanpa membuat tindakan berbahaya yang merusak sistem komputer. Umumnya, para penyerang berusaha untuk menyembunyikan file dengan mengubah atribut file mereka ke dalam "tersembunyi" dan sistem "", sehingga status file tidak hanya tersembunyi, namun super-disembunyikan sebagai file yang dilindungi hanya sistem Windows.Korban menangis bahwa mereka telah kehilangan file seperti mereka. Beberapa dari mereka telah menyadari bahwa file mereka telah super-tersembunyi, tetapi mereka tidak bisa mendapatkan file tersembunyi mereka kembali karena mereka tidak bisa mengubah setting Folder Options ke kondisi sebelumnya normal setelah programmer virus telah 'membeku' Folder Options Pengaturan. Dan sisanya dari mereka tidak menyadari bahwa file mereka baru saja terlihat dan, sering, diganti dengan file palsu (file yang mengandung skrip jahat - virus itu sendiri). Sebagian besar, dalam kasus Folder Options Pengaturan beku, virus itu telah membuat modifikasi registry di "Checked Value" dan "dicentang Nilai" Periksa Kotak Pilihan.Artikel ini menceritakan tentang Cara:1. Mencairkan yang beku Folder Options2. Recover Folder Options Pengaturan yang telah diubah oleh Virus3. Acara File yang disembunyikan oleh Virus

1. Mencairkan yang beku Folder OptionsAda dua cara untuk mencairkan The Frozen Folder Options. Pertama, Kill The Virus residen dengan AntiVirus terpercaya, dan kedua, Recover Folder Options dengan re-memodifikasi kunci registri yang telah diubah dengan menyerang Virus untuk keadaan normal sebelumnya.
2. Recover Folder Options Pengaturan yang telah diubah oleh Virus
2.1. Download Program: Pemulihan Folder Options untuk Windows v1.0.0folder-options-recovery




folder-options-recovery_thumbnaildownload_button.jpg

- Category : Computer\Windows\Recovery Tools
- Program name : Folder Options Recovery for Windows
- Program Type : Portable Application
- Version  : 1.0.0.0
- Supported OS : Microsoft Windows 98/Me/XP/Vista
- License  : Freeware
- Developer : Henry U.S.S.A – Henry Artworks Studio
- File Name  : Folder-Options-Recovery.exe
- File Size : 45.5 KB (46,592 bytes)
- Size On Disk : 48.0 KB (49,152 bytes)
- CRC-32 Checksum : A4B4949B
- MD5 : F1F60B1E84D8F1441AB59B92E347D22E
- SHA1 : 0E4D03F87A809D213C29300CADAFE2942577D80D
- Created : Monday, September 1st, 2008, 1:22:50 AM
2.2. Download Dua Registry Entry File di bawah ini:
- A. Download Show_FolderOptions_and_ControlPanel.reg (download here)
- B. Download Folder_Options_Recovery_-_Show_All_Files.reg (download here)
- Dan "Merge" ke dalam Windows Registry Database Anda, OR2.3. Pemulihan Manual melalui Windows Registry dengan Menciptakan File Registry Dua Entry:- A. Buka Windows Notepad atau Teks Editor lainnya- B. Salin Registry Entry baris ini tertulis di bawah ini:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
“NoFolderOptions”=dword:00000000
“NoControlPanel”=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
“NoControlPanel”==dword:00000000
Namun, jika tetap terlihat Folder Options dan Control Panel tidak cacat, lalu Copy dan Paste ke Notepad Anda:Entry Registry ini baris ditulis di bawah ini:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder]
“Type”=”group”
“Text”=”@shell32.dll,-30498″
“Bitmap”=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,53,00,\
48,00,45,00,4c,00,4c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,34,00,00,\
00
“HelpID”=”shell.hlp#51140″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ClassicViewState]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30506″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”ClassicViewState”
“CheckedValue”=dword:00000000
“UncheckedValue”=dword:00000001
“DefaultValue”=dword:00000000
“HelpID”=”shell.hlp#51076″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ControlPanelInMyComputer]
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\HideMyComputerIcons”
“Text”=”@shell32.dll,-30497″
“Type”=”checkbox”
“ValueName”=”{21EC2020-3AEA-1069-A2DD-08002B30309D}”
“CheckedValue”=dword:00000000
“UncheckedValue”=dword:00000001
“DefaultValue”=dword:00000001
“HKeyRoot”=dword:80000001
“HelpID”=”shell.hlp#51150″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DesktopProcess]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30507″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”SeparateProcess”
“CheckedValue”=dword:00000001
“UncheckedValue”=dword:00000000
“DefaultValue”=dword:00000000
“HelpID”=”shell.hlp#51079″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DesktopProcess\Policy]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DesktopProcess\Policy\SeparateProcess]
@=”"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DisableThumbCache]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30517″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”DisableThumbnailCache”
“CheckedValue”=dword:00000001
“UncheckedValue”=dword:00000000
“DefaultValue”=dword:00000000
“HelpID”=”shell.hlp#51155″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FolderSizeTip]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30514″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”FolderContentsInfoTip”
“CheckedValue”=dword:00000001
“UncheckedValue”=dword:00000000
“DefaultValue”=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FriendlyTree]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30511″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”FriendlyTree”
“CheckedValue”=dword:00000001
“UncheckedValue”=dword:00000000
“HelpID”=”shell.hlp#51149″
“DefaultValue”=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden]
“Text”=”@shell32.dll,-30499″
“Type”=”group”
“Bitmap”=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,53,00,\
48,00,45,00,4c,00,4c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,34,00,00,\
00
“HelpID”=”shell.hlp#51131″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN]
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“Text”=”@shell32.dll,-30501″
“Type”=”radio”
“CheckedValue”=dword:00000002
“ValueName”=”Hidden”
“DefaultValue”=dword:00000002
“HKeyRoot”=dword:80000001
“HelpID”=”shell.hlp#51104″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“Text”=”@shell32.dll,-30500″
“Type”=”radio”
“CheckedValue”=dword:00000001
“ValueName”=”Hidden”
“DefaultValue”=dword:00000002
“HKeyRoot”=dword:80000001
“HelpID”=”shell.hlp#51105″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30503″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”HideFileExt”
“CheckedValue”=dword:00000001
“UncheckedValue”=dword:00000000
“DefaultValue”=dword:00000001
“HelpID”=”shell.hlp#51101″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\NetCrawler]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30509″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”NoNetCrawling”
“CheckedValue”=dword:00000000
“UncheckedValue”=dword:00000001
“DefaultValue”=dword:00000000
“HelpID”=”shell.hlp#51147″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\NetCrawler\Policy]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\NetCrawler\Policy\NoNetCrawling]
@=”"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\PersistBrowsers]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30513″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”PersistBrowsers”
“CheckedValue”=dword:00000001
“UncheckedValue”=dword:00000000
“HelpID”=”shell.hlp#51152″
“DefaultValue”=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowCompColor]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30512″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”ShowCompColor”
“CheckedValue”=dword:00000001
“UncheckedValue”=dword:00000000
“DefaultValue”=dword:00000001
“HelpID”=”shell.hlp#51130″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPath]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30504″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\CabinetState”
“ValueName”=”FullPath”
“CheckedValue”=dword:00000001
“UncheckedValue”=dword:00000000
“DefaultValue”=dword:00000000
“HelpID”=”shell.hlp#51100″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPathAddress]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30505″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\CabinetState”
“ValueName”=”FullPathAddress”
“CheckedValue”=dword:00000001
“UncheckedValue”=dword:00000000
“DefaultValue”=dword:00000001
“HelpID”=”shell.hlp#51107″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowInfoTip]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30502″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”ShowInfoTip”
“CheckedValue”=dword:00000001
“UncheckedValue”=dword:00000000
“DefaultValue”=dword:00000001
“HelpID”=”shell.hlp#51102″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30508″
“WarningIfNotDefault”=”@shell32.dll,-28964″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”ShowSuperHidden”
“CheckedValue”=dword:00000000
“UncheckedValue”=dword:00000001
“DefaultValue”=dword:00000000
“HelpID”=”shell.hlp#51103″
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=”"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets]
“Text”=”Managing pairs of Web pages and folders”
“Type”=”group”
“Bitmap”=”C:\\WINDOWS\\System32\\\\SHELL32.DLL,4″
“HelpID”=”TBD”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\AUTO]
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer”
“Text”=”Show and manage the pair as a single file”
“Type”=”radio”
“CheckedValue”=dword:00000000
“ValueName”=”NoFileFolderConnection”
“DefaultValue”=dword:00000000
“HKeyRoot”=dword:80000001
“HelpID”=”TBD”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NOHIDE]
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer”
“Text”=”Show both parts but manage as a single file”
“Type”=”radio”
“CheckedValue”=dword:00000002
“ValueName”=”NoFileFolderConnection”
“DefaultValue”=dword:00000000
“HKeyRoot”=dword:80000001
“HelpID”=”TBD”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NONE]
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer”
“Text”=”Show both parts and manage them individually”
“Type”=”radio”
“CheckedValue”=dword:00000001
“ValueName”=”NoFileFolderConnection”
“DefaultValue”=dword:00000000
“HKeyRoot”=dword:80000001
“HelpID”=”TBD”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\WebViewBarricade]
“Type”=”checkbox”
“Text”=”@shell32.dll,-30510″
“HKeyRoot”=dword:80000001
“RegPath”=”Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced”
“ValueName”=”WebViewBarricade”
“CheckedValue”=dword:00000001
“UncheckedValue”=dword:00000000
“HelpID”=”shell.hlp#51148″
“DefaultValue”=dword:00000000
- 2.3. Simpan Teks Lines di atas sebagai Registry Entry File (format file:. Reg): "Fix_Folder_Options.reg"- 2,4. "Merge" ke dalam Windows Registry Database:
3. Acara File yang disembunyikan oleh VirusSetelah Registry Entry File telah dilebur dengan baik ke dalam Windows Registry Database, Folder Options akan 'Anda sendiri', dan Semua File Tersembunyi (termasuk Tersembunyi Sistem File) akan ditampilkan dengan atribut file tidak berubah mereka (tersembunyi dan atribut sistem).Lalu, akhirnya Anda hanya dapat mengubah secara manual file mereka kembali ke atribut atribut asli mereka dengan perangkat lunak bebas yang direkomendasikan bernama Atribut Changer yang dapat didownload dari sini atau langsung dari sini.
CATATAN:Resident Virus harus dibunuh terlebih dahulu dengan AntiVirus dipercaya (sebagai cara termudah) sebelum Anda dapat menggabungkan Registry Entry File di atas ke dalam Windows Registry Database untuk Recover Folder Options, atau itu tidak akan Kerja sejak Virus akan menempatkan Setting Folder Options kembali ke cara yang salah ...

0 Response to "Folder Options Recovery From Virus Attack"

Post a Comment

Subscribe to: Post Comments (Atom)
Powered by Blogger.