Maka disini akan kami bahas, cara me remove varian dari virus ini yang dapat kita lakukan, walaupun untuk menuju remove yang benar-benar bersih masih dalam penyelidikan perusahaan antivirus terbesar terutama symantec
When you are completely finished with the removal procedure and are satisfied that the threat has been removed, reenable System Restore by following the instructions in the aforementioned documents.
2. Update the virus definitions.
Running LiveUpdate, which is the easiest way to obtain virus definitions.
3. Find and stop the service.
Click Start > Run.
Type services.msc, and then click OK.
Locate and select the service that was detected.
Click Action > Properties.
Change Startup Type to Manual.
Click OK and close the Services window.
Restart the computer.
4. Run a full system scan.
Start your antivirus program and make sure that it is configured to scan all the files. Run a full system scan. If any files are detected, follow the instructions displayed by your antivirus program. After the files are deleted, restart the computer in Normal mode and proceed with the next section. Warning messages may be displayed when the computer is restarted, since the threat may not be fully removed at this point. You can ignore these messages and click OK. These messages will not appear when the computer is restarted after the removal instructions have been fully completed. The messages displayed may be similar to the following : Title: [FILE PATH] Message body: Windows cannot find [FILE NAME]. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search.
5. Delete any values added to the registry.
Click Start > Run.
Navigate to and delete the following registry subkeys :
Note: If the risk creates or modifies registry subkeys or entries under HKEY_CURRENT_USER, it is possible that it created them for every user on the compromised computer. To ensure that all registry subkeys or entries are removed or restored, log on using each user account and check for any HKEY_CURRENT_USER items listed above.