How to remove new (local) virus called JoniEzz.exe

Yesterday my friend came to my room, he complaint about virus on his computer, then ask me to clean it. He bring his usb memory with full infected documents in it. With no suspicious, I plugged in it on My lovely computer. I'm no worries at all, because I have scan it with Norton antivirus (with virus def. update on 13/6/08) before. No malware found so I'm sure that it is clean and save. Well until lastnight, I didn't realize that I am infected too. major change in my computer make me distrustful, so I began to use Ice Sword to monitor what processes were running. I use it because usually the virus proceses do not appear on the list. Then I found it, the process called smss.exe but with Word icon. This is weird, cause the real smss process is not with word icon. Until this, I realize that I've been infected.


So I wanna to share my experience, how to remove the virus and get back your hidden documents. First we need this tools :

1. Ice Sword, to monitor the processes, the virus won't recognize it, cause the title was randomly change.
3. Toggle hidden explorer stuff, a vbscript, good tool to show system files with super hidden attribute or You can set the DWORD value to 1 of HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden in registry. Note, some antivirus will block this script, just allow it.
2. Attribute Changer, great tool to change files attribute, even with super hidden attribute. You need to install this tool first.

thats it all we need, you can get them on my blog Download box (on right sidebar) or just google them.
Now lets do the best thing,
- Fire up Ice sword, find processes called smss with word icon and kill them. Remember only processes with word icon!
- after that, use the toggle show super hidden file script to show all the system file. Go to C:\Windows\System32 and find folder named LoLOxz (or some thing like that). Inside the folder is smss.exe and msvbm60.dll. Just delete the folder. Now You have removed the virus procesess.
- to get back your hidden documents, just find out the documents, select all hidden documents and right click. Select Change Attributes from menu appear, uncheck the Hidden and System. Now you document back to normal.


- This virus also create the msvbm60.dll in same folder with the infected files, and autorun.inf in every drive which command the JoniEzz.exe in every drive. Remove both files too.
Just for information, this virus only infected files in first level directory. So if you files located deep in directory, You dont have to be worry. Maybe this is only remove the main virus and the processes, I really have no idea how much the virus create other files in Windows directory or somewhere else. I think it is wiser for you to back up all your important data and update your antivirus definition file right now. If you have any information about this virus, fell free for comment.. thats all. I hope this is useful..

Read More..

Many post delayed..

Well, for this several days, looks like I can't satisfied my passion for posting. This because of my project in INAICTA (Indonesian ICT Awards) 2008. My project is like a sequel of my Interactive Map of Semarang Tourism. I can't tell you more for now, but I hope later I will post some basic tutorial in creating that in Flash. wait for my next post...be patient.

Read More..

Header and title changed

It's been a few weeks that I'm planning to change my blog header and title. I'm thinking for suitable title and represented header for my blog, this because I think the title "It's all about creativity" is no more suitable with the content of my blog. This blog content is containing more experiences then result of my work or study (although it will still here / posted).
I decided to change my blog title become "My Explorations :: A Geek Experiences" which is more represent this blog content. I think this title clear enough to what it is mean.
For the header background, I use part of a wallpaper called chroma wallpaper, which I found somewhere in ndesign-studio.com links..(I forgot where exactly I found it...you can google it).There is lot of resource and tutorial in graphic design there. For you who new in Illustrator or PS I suggest to visit it. And I added my little artwork I call Gunungan (modified), which is part of Wayang Kulit. Thats all... Feel free for comment...Enjoy..

Read More..

First experience use MacOS.. but cannot install on my real computer

I've been dreaming on using MacOS for long time. Now I got chance to run it, altough it only using Virtual Machine. Yesterday I finished download OSx-86 image for VMware. It works fine, but run slowly, even when I increase the memory size. Actually, I'm planning to install MacOS on my real computer. I already have the Kalway 10.5.2 and iAtkos 2.0i DVDs, and also read some installation tutorials, but until now I still cannot install Mac on my real computer. It seems like I have unsupported nforce chipset on my Mobo. I got no idea how can I install it well. Somebody can help me? for information, I'm using the nforce 610 chipshet, gforce 7 series (7050) onboard graphic card on my Mobo, Intel Dual core Processor (D-920, it is supported well on some tutorial I've read), 2Gb of RAM, 160Gb SATA disk, IDE DVD drive.

Well for now, I'm glad enough using MacOS on Virtual machine, and what I need now is keep trying to install on my real computer, asking on some forums, read more tutorials and of course.. keep blogging... If you have any informations about installing Mac on general PC please comment...

Read More..

Big Buck Bunny.... You better watch it...!!!

Today I'm just download the second open movie made by the BBB project team, yeah, it's Big Buck Bunny... I got it from torrent. My opinion is that this movie is kind of wow...!!! It's much different than the previous Elephant Dream.. Many funny things there, me and my friends very much enjoy this movie... I just wanna say great job guys.. for all o you in BBB team.. I wish I had much money and give a little help by donating...( ahh.. I even not graduated yet..) but may be it is not to late for say that all of you are Awesome.. And for you readers... You better watch it..!!!

here is the BBB site, you can download various format of the movie and also the production files..
Enjoy...

Read More..