Now presenting a new virus called "Sandra Dewi"

Now presenting a new virus called "Sandra Dewi", which carries the name of a computer campus in East Kalimantan. The Sandra Dewi virus is written in the Visual Basic programming language:
It hurts a great deal when our love is rejected by someone.
In the past, traditional means were used to win someone's love.
With the development of information technology,
the medium now used to win love is a VIRUS.

Characteristics of the Sandra Dewi virus file (by Vaksin.com):

* The file size is 132 kb
* The file type is Application
* The file has the extension exe
* The file uses an image icon (JPEG image)
* There is a Sandra Dewi Bugil.exe file in the root of all drives
* There is a file C:\Documents and Settings\%username%\Start Menu\Programs\Startup\Sandra Dewi Bugil.exe
* C:\WINDOWS\Sandra Dewi Bugil.exe
* C:\WINDOWS\system32\Sandra Dewi Bugil.exe
* It creates a duplicate of the virus file in every folder on a removable drive / USB.

How to clean the Sandra Dewi virus (by Vaksin.com):
1. Unplug the network cable from the computer
2. Turn off "System Restore" during the virus cleaning process (for Windows XP / Vista)
3. Use a task manager tool, such as Process Explorer (download it from http://www.sysinternals.com/utils/index.html), to kill the virus processes active in memory, namely:

* C:\Documents and Settings\%username%\Start Menu\Programs\Startup\Sandra Dewi Bugil.exe
* C:\WINDOWS\Sandra Dewi Bugil.exe

4. On a clean computer, copy the following script into Notepad and save it with the name "repair.inf". It deletes the registry strings that have been created by the virus.
[Version]
Signature="$Chicago$"
Provider=Vaksincom Oyee

[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del

[UnhookRegKey]
; Restore the default open command for executable and shortcut file types
HKCR, batfile\shell\open\command,,,"""%1"" %*"
HKCR, comfile\shell\open\command,,,"""%1"" %*"
HKCR, exefile\shell\open\command,,,"""%1"" %*"
HKCR, piffile\shell\open\command,,,"""%1"" %*"
HKCR, lnkfile\shell\open\command,,,"""%1"" %*"
HKCR, scrfile\shell\open\command,,,"""%1"" %*"
; Reset the registered owner/organization and the "show hidden files" option
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion, RegisteredOrganization, 0, "Organization"
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion, RegisteredOwner, 0, "Owner"
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, CheckedValue, 0x00010001, 1
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, DefaultValue, 0x00010001, 2

[del]
; Delete the policy values created by the virus
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableMsConfig
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr
HKCU, Software\Policies\Microsoft\Windows\system, DisableCMD
HKCU, Software\Microsoft\Internet Explorer\Main, Window Title
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFind
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoClose
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoControlPanel
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoRun
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoStartMenuMorePrograms
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoViewContextMenu
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoViewOnDrive
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, StartMenuLogoff

5. Click the repair.inf file and install it.
6. Delete the files that have the following virus characteristics; you can use the search function:

* Icon images (JPEG Image)
* Extension exe
* Size 132 kb

7. For optimal cleaning and to prevent re-infection, use an updated anti-virus or Norman Malware Cleaner (http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe)
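
The search in step 6 can be scripted. The following Python script is an added example, not part of the original post: it walks a directory tree and lists, without deleting anything, the .exe files that match the file name or the 132 kb size given above. The function names are hypothetical, the size is assumed to be the figure as Explorer shows it (bytes / 1024, rounded up), and the icon characteristic is not checked.

```python
import os
import sys

# Indicators taken from the post: file name, .exe extension, 132 kb size.
KNOWN_NAME = "sandra dewi bugil.exe"
SIZE_KB = 132


def size_in_kb(num_bytes):
    """Size in KB, rounded up (assumed to match what Explorer displays)."""
    return -(-num_bytes // 1024)


def find_candidates(root):
    """Return sorted (path, reason) pairs for .exe files under `root`.

    reason is "name" when the file name matches the known name, or "size"
    when only the 132 kb size matches. Nothing is deleted here, and the
    JPEG-image icon is not inspected, so "size" hits need manual review.
    """
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            lowered = name.lower()
            if not lowered.endswith(".exe"):
                continue
            path = os.path.join(dirpath, name)
            try:
                kb = size_in_kb(os.path.getsize(path))
            except OSError:
                continue  # file vanished or is unreadable; skip it
            if lowered == KNOWN_NAME:
                hits.append((path, "name"))
            elif kb == SIZE_KB:
                hits.append((path, "size"))
    return sorted(hits)


if __name__ == "__main__":
    # Usage: python scan.py E:\   (defaults to the current directory)
    start = sys.argv[1] if len(sys.argv) > 1 else "."
    for found_path, why in find_candidates(start):
        print(f"{why:5} {found_path}")
```

Review the "size" matches by hand before deleting them, since an unrelated executable can have the same size.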
