YM Virus...How to deal with it [ not evidence based learning ]

Posted by zackism Saturday, May 1, 2010

Assalamualaikum......

After two or three rounds of pop pop pop, and then pop after pop... maybe many of us have been hit by the side effects of this virus. Sometimes there are also viruses that are not human viruses that cause psychogenic disturbance + emotional disturbance... haha... that's the YM virus...

I got this idea from a translated page of a Romanian guy's blog... I hope it will work... and I haven't even tried it yet... since, alhamdulillah, maybe I haven't caught that virus yet... so... for those who have caught that H1N1-style virus... you can give it a try... TRY AT YOUR OWN RISK!


For several hours a new virus has been circulating on Yahoo Messenger. It sends a few links like those below, preceded by a text:

http://ariafotos.com/image.php

http://zhelefun.com/image.php

http://tviceimg.com/image.php

Once you open this link, received in a message from someone on your contact list, you will be offered a file to download, with a name similar to the one below:

IM56245.JPG-www.myspace.com.exe

Most people will not see the final .exe extension, because Windows by default is set not to display file extensions. (Big mistake, in my opinion.)

Download Malwarebytes Anti-Malware.

Install it, and at the end make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware. After launching the program, select Perform full scan, then click Scan.
After it finishes, click OK and then Show Results. Make sure everything is checked and click Remove Selected.
Eventually it will require restarting the PC.

For those interested in more details, the virus creates the following files:
%Windir%\infocard.exe (this will also be the active process)
%Windir%\mds.sys
%Windir%\mdt.sys
%Windir%\winbrd.jpg

The following registry keys also belong to it:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ [Firewall Administrating = "%Windir%\infocard.exe"]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\ [Firewall Administrating = "%Windir%\infocard.exe"]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ [Firewall Administrating = "%Windir%\infocard.exe"]

With these Windows registry entries the virus ensures that it runs every time the computer starts.
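The files, Run values and process named above can be looked for without changing anything on the machine. The PowerShell below is an added example, not from this post or the Romanian blog it translates; it assumes PowerShell 3.0 or later and uses only the names listed above.

```powershell
# Added example: read-only check for the indicators listed in this post.
# Nothing is changed or deleted; removal is left to the scanner.
$valueName = 'Firewall Administrating'

# Files the post says the virus creates under %Windir%
$files = 'infocard.exe', 'mds.sys', 'mdt.sys', 'winbrd.jpg' |
    ForEach-Object { Join-Path $env:windir $_ }

# Run keys the post lists
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)

$findings = @()

foreach ($path in $files) {
    # -Force so hidden or system files are found too
    $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
    if ($item) {
        $findings += [pscustomobject]@{
            Type = 'File'; Location = $item.FullName
            Detail = "created $($item.CreationTime), $($item.Length) bytes"
        }
    }
}

foreach ($key in $runKeys) {
    # A key that does not exist yields $null instead of an error
    $props = Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue
    if ($props -and $props.PSObject.Properties[$valueName]) {
        $findings += [pscustomobject]@{
            Type = 'RunValue'; Location = $key
            Detail = "$valueName = $($props.$valueName)"
        }
    }
}

# Is the dropped executable running right now? (process names omit .exe)
foreach ($proc in @(Get-Process -Name 'infocard' -ErrorAction SilentlyContinue)) {
    $findings += [pscustomobject]@{
        Type = 'Process'; Location = "PID $($proc.Id)"; Detail = $proc.ProcessName
    }
}

if ($findings) { $findings | Format-Table -AutoSize -Wrap }
else { Write-Output 'None of the listed files, Run values or process were found.' }
```

An empty result only means these specific names are absent; a variant using different file or value names would not be reported.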

Prospective study: if anyone tries it and it works, give me some feedback... hehe
