BigBurn 0 Report post Posted June 24, 2005 Assalammualaikum w.b.tNi masalah notebook (Dell Latitude c640, Win XP Pro without Service Pack, P4 M, 256 Mb RAM, 20Gb HDD) member aku punye....Notebook ni, penuh ngan spyware, trojan dan yang seangkatan dengannya.So, aku dah install software yang biasa aku guna kat notebook aku;- 1)Spybot Search and Destroy 2)Lavasoft Ad-Aware 3)CWShredder 4)HijackThis 5)Spyblaster 6)PC-Cilin 2002 (preinstalled dalam notebook tu)Aku dah cleankan segala-galanya, tapi ada 3 problem;-Problem 1) IE punye default address page, sentiasa nak pegi www.easypic.com (porn website)Problem 2) Dalam boot C: ada boot virus nama polyboot-bProblem 3) Takleh shutdown dengan properly, sampai je "Windows is shuting down", terus hang.So, ada sesapa leh tolong?....Yang problem 2 tu, aku gi Pc-cilin punye website, dia suruh guna cd win xp...tapi aku takde...Dia suruh masuk recovery console, pastu, type FIXMBR C:....kalau aku guna Win 98 punye startupdisk, untuk fix MBR tu, guna fdisk.exe, boleh ke?!Pastu aku ada pegi ke website www.hijackthis.de untuk analyze log hijackthis tapi tak membantu (atau aku yang tak reti! )ok...thanks. Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted June 24, 2005 (edited) pastekan sini log file hijackthis tu...ttg IE tu kau try fix pakai mende ni dan juga ini Edited June 24, 2005 by civ3 Quote Share this post Link to post Share on other sites
BigBurn 0 Report post Posted June 24, 2005 okeh ini dia punye HijackThis Log fileLogfile of HijackThis v1.99.1Scan saved at 10:01:05 PM, on 24/Jun/05Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\SYSTEM32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Dell\OpenManage\Client\ActionAgent.exeC:\WINDOWS\System32\Ati2evxx.exeC:\DMI\WIN32\bin\DellDmi.exeC:\Program Files\Dell\OpenManage\Client\EventAgt.exeC:\Program Files\Dell\OpenManage\Client\DLT.exeC:\Program Files\Dell\OpenManage\Client\Iap.exeC:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exeC:\WINDOWS\System32\CAPRPCSK.EXEC:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exeC:\dmi\win32\bin\Win32sl.exeC:\WINDOWS\System32\spool\drivers\w32x86\3\CAPPSWK.EXEC:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\System32\atiptaxx.exeC:\Program Files\Dell\AccessDirect\dadapp.exeC:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exeC:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exeC:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exeC:\WINDOWS\System32\LXSUPMON.EXEC:\WINDOWS\System32\qttask.exeC:\Program Files\FarStone\VirtualDrive\VDTask.exeC:\WINDOWS\vcdplayx.exeC:\WINDOWS\System32\pctspk.exeC:\WINDOWS\System32\cnvf32.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\System32\win32.exeC:\Program Files\Dell\AccessDirect\DadTray.exeC:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exeC:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAPPSWK.EXEC:\WINDOWS\System32\rundll32.exeC:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXEC:\Documents and Settings\KPM\Desktop\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.easypic.org/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?product=s...version=g_4.4.2O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocxO2 - BHO: Loader Class - {2E246FAE-8420-11D9-870D-000C2917DE7F} - C:\WINDOWS\SYSTEM\Loader.dll (file missing)O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - c:\windows\system\BHOmod.dll (file missing)O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exeO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exeO4 - HKLM\..\Run: [AtiPTA] atiptaxx.exeO4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exeO4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUNO4 - HKLM\..\Run: [CAPON] C:\WINDOWS\System32\Spool\Drivers\w32x86\3\CAPONN.EXEO4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\System32\qttask.exeO4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestoreO4 - HKLM\..\Run: [vcdplayx] "C:\WINDOWS\vcdplayx.exe"O4 - HKLM\..\Run: [PCTVOICE] pctspk.exeO4 - HKLM\..\Run: [MSUpdSrv] msupdsrv.exeO4 - HKLM\..\Run: [73oi33j] cnvf32.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [wupd] C:\WINDOWS\System32\win32.exeO4 - Global Startup: Canon LBP-810 ª¬ºAµøµ¡.LNK = C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAPPSWK.EXEO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exeO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO15 - Trusted Zone: *.windupdates.comO15 - Trusted Zone: *.windupdates.com (HKLM)O15 - Trusted IP range: 67.19.178.84O15 - Trusted IP range: 67.19.178.84 (HKLM)O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1069272470863O17 - HKLM\System\CCS\Services\Tcpip\..\{46B15843-4D86-4C99-97F7-CF4482164358}: NameServer = 202.188.0.133,202.188.1.5O17 - HKLM\System\CCS\Services\Tcpip\..\{AD39D2A7-5673-42A1-9149-D5297FD2BC1D}: NameServer = 202.188.0.133,202.188.1.5O23 - Service: ActionAgent - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\ActionAgent.exeO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exeO23 - Service: DellDmi - Dell Computer Corporation - C:\DMI\WIN32\bin\DellDmi.exeO23 - Service: DEventAgent - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\EventAgt.exeO23 - Service: DLT - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\DLT.exeO23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exeO23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXEO23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exeO23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exeO23 - Service: Win32Sl - Intel - C:\dmi\win32\bin\Win32sl.exe Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted June 24, 2005 kau fix benda nie:C:\WINDOWS\System32\win32.exeR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?product=s...version=g_4.4.2O2 - BHO: Loader Class - {2E246FAE-8420-11D9-870D-000C2917DE7F} - C:\WINDOWS\SYSTEM\Loader.dll (file missing)O2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - c:\windows\system\BHOmod.dll (file missing)O4 - HKLM\..\Run: [MSUpdSrv] msupdsrv.exe Quote Share this post Link to post Share on other sites
BigBurn 0 Report post Posted June 24, 2005 allright bro Civ3.....aku akan cuba fixkan....thanks....er, lagi satu, pasal nak fix MBR tu, boleh ke kalau guna Win98 punye startup disk?sebab notebook tu running Win XP Pro Without Service Pack dengan NTFS file system.... Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted June 25, 2005 allright bro Civ3.....aku akan cuba fixkan....thanks....er, lagi satu, pasal nak fix MBR tu, boleh ke kalau guna Win98 punye startup disk?sebab notebook tu running Win XP Pro Without Service Pack dengan NTFS file system....←erm...windows 98 running pada FAT32 so kau kene guna startup disk xp gakz....pegi sini nak create xp boot disk...hurm...kau ada spybot kan? kau try masuk safe mode pastu run scan guna spybot....pastu try gakz scan HDD tu dgn mana² AV k? AVG antivirus besh.... Quote Share this post Link to post Share on other sites
Impreza_2004 0 Report post Posted June 25, 2005 Assalammualaikum w.b.tNi masalah notebook (Dell Latitude c640, Win XP Pro without Service Pack, P4 M, 256 Mb RAM, 20Gb HDD) member aku punye....Notebook ni, penuh ngan spyware, trojan dan yang seangkatan dengannya.So, aku dah install software yang biasa aku guna kat notebook aku;- 1)Spybot Search and Destroy 2)Lavasoft Ad-Aware 3)CWShredder 4)HijackThis 5)Spyblaster 6)PC-Cilin 2002 (preinstalled dalam notebook tu)Aku dah cleankan segala-galanya, tapi ada 3 problem;-Problem 1) IE punye default address page, sentiasa nak pegi www.easypic.com (porn website)Problem 2) Dalam boot C: ada boot virus nama polyboot-bProblem 3) Takleh shutdown dengan properly, sampai je "Windows is shuting down", terus hang.So, ada sesapa leh tolong?....Yang problem 2 tu, aku gi Pc-cilin punye website, dia suruh guna cd win xp...tapi aku takde...Dia suruh masuk recovery console, pastu, type FIXMBR C:....kalau aku guna Win 98 punye startupdisk, untuk fix MBR tu, guna fdisk.exe, boleh ke?!Pastu aku ada pegi ke website www.hijackthis.de untuk analyze log hijackthis tapi tak membantu (atau aku yang tak reti! )ok...thanks.←berkenaan ngan IE default page cuba try g add/remove program...kalo de yg berkenaan sila la buang mungkin ia boleh menyelesaikan masalah ko...so selamat mencuba.. Quote Share this post Link to post Share on other sites
Balthazor 1 Report post Posted June 25, 2005 kau pakai Sysgate Personal Firewall..............................................benda tu boleh detect benda2 xxx macam tu...................jangan buang tapi kau disable je xxx tu......................Kau punya IE cuba kau tukar ngan MAXTHON browser ke atau ngan morzilla firefox..........................................seingat aku....itu hari pun aku ada kena spyware trojan ETC....pasal aku pi download Striptease kat PC aku............tak pasal aku punya IE aku blank.no home page..........aku takde pkir panjang aku tukar ngan MAXTHON..............terus bleh guna cam biasa...... Quote Share this post Link to post Share on other sites
Impreza_2004 0 Report post Posted June 25, 2005 berkenaan ngan IE default page cuba try g add/remove program...kalo de yg berkenaan sila la buang mungkin ia boleh menyelesaikan masalah ko...so selamat mencuba.. ←try Zonealarm Internet Security v5.5 (editor choice from majalah PC MAG) or F-Secure Internet Security 2005 (majalah PC PRO A List dan PC PRO Labs Winner)..selamat mencuba.. Quote Share this post Link to post Share on other sites
BigBurn 0 Report post Posted June 25, 2005 ok...tadi aku dah jumpa cd win xp pro ([lanun]) ....aku boot up ngan cd tu, than, gi repair dan dia masuk recovery console...so, bila aku type FIXMBR...dia kata, akan hilang partition, dia buat baru....persoalannya, adakah file, windows, akan hilang?!...aku tak berani buat lagi...tak sure...so, ada pandangan?!...susah betul nak ilangkan boot virus POLYBOOT-B nieh!.... aku dah gi Trend Micro utk solution..haaa..dia bagi nih...POLYBOOT-Bp/s:..kalao ilang file-file dalam notebook tu, sebelum TUANNYA backup, gerenti aku kena tembak ngan senapang gajah!.... Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted June 25, 2005 apa² hal try backup dulu..... Quote Share this post Link to post Share on other sites
C-Fu 0 Report post Posted June 25, 2005 1. file windows BOLEH hilang. tak semestinya.die bukannye hilang, cuma secara sempoinye pc ko takleh detect drive c:\ yang ade kat pc ko tuh. file semua ada tapi "kepala" (mbr) die yang rosak so orang taktau samada die masih ade atau tak. so yeah, elok backup habis2an dulu. ke cdr ke dvdr ke.2. buang entry nih dalam hijackthis.R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.easypic.org/R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?product=s...version=g_4.4.2O2 - BHO: Loader Class - {2E246FAE-8420-11D9-870D-000C2917DE7F} - C:\WINDOWS\SYSTEM\Loader.dll (file missing)O2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - c:\windows\system\BHOmod.dll (file missing)O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\System32\qttask.exeO4 - HKLM\..\Run: [vcdplayx] "C:\WINDOWS\vcdplayx.exe"O4 - HKLM\..\Run: [MSUpdSrv] msupdsrv.exeO4 - HKLM\..\Run: [73oi33j] cnvf32.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [wupd] C:\WINDOWS\System32\win32.exeO15 - Trusted Zone: *.windupdates.comO15 - Trusted Zone: *.windupdates.com (HKLM)O15 - Trusted IP range: 67.19.178.84O15 - Trusted IP range: 67.19.178.84 (HKLM)pastu booot ke safe mode. delete file nih.c:\windows\system\BHOmod.dllC:\WINDOWS\SYSTEM\Loader.dll3. buat SEMUA step nih kat pc ko.first download spybot. http://www.safer-networking.org/en/index.htmldownload, UPDATE, pastu scan. fix, pastu restart. pastu scan balik, takut2 ade problem balik. kalau problem tu asyik kluar balik, pegi terus ke step hijackthis kat bawah.lepas dah update semua, bukak balik spybot. pegi menu mode>advanced mode. kat menu kiri, pegi tools. checkkan semua, so semua setting boleh kite set.then kat menu kiri, pegi spybot>immunize. klik immunize, dan klik enable permanent blocking of bad addresses... dan block all pages silently.pastu gi Tools>IE Tweaks. lock hosts file. kalo nak lock IE start page pon elok gak.pastu gi Tools>Hosts file. add spybot hosts file.pastu gi Tools>Resident. Checkkan option SDHelper.kalo nak software buang file2 yang takde gune kat pc, macam temporary file, gune ccleaner.http://www.ccleaner.com/ccdownload.aspdownload, install, dan bukak ccleaner. analyze, pastu run cleaner. restart pc.FREE4. ako suggest ko gune dell recovery cd je. backup file2 ko ke cdr pastu gune recovery cd, pastu update ke SP2. kalo boleh buat step ni, step kat atas takyah buat dah kecuali step 3.tutup SEMUA window, dan IE. bukak SATU SAHAJA Internet Explorer. Pastu pegi Tools>Windows Update. Kalau tak pernah buat windows update, nanti die akan suruh install something dari Microsoft. pilih Yes, dan mungkin kene restart pastu. Kalau kene restart, just ulang. Nanti akan keluar 2 option - pilih Custom Install. Pastu jangan pilih Service Pack 2, pilih Review Other Updates. Pastu pilih je semua kalau nak senang, dan install. Kalau ada ape2 kotak keluar pilih yes. Restart. Pastu ulang balik kalo nak install Service Pack 2.good luck mate, banyak bende ko kene buat ni Quote Share this post Link to post Share on other sites
Impreza_2004 0 Report post Posted June 25, 2005 Inside Spyware: A Guide to Finding, Removing and Preventing Online PestsMost computer users are aware of the dark side of the Internet. Our online world brings issues of credit card and identity theft, junk mail and seedy content right into our homes and offices. But how many computer users are unwitting accomplices to such activities?Your computer, or those of the people in your organization, is possibly being used to send spam, harvest e-mail addresses for spam, make purchases using stolen credit cards or take part in a denial of service (DoS) attack, where an army of computers shuts down a Web site by flooding its servers with HTTP requests.EarthLink's SpyAudit program, which scanned 1,062,756 PCs, found 29.5 million instances of spyware, an average of nearly 28 spyware items per computer.How does this happen without your knowledge? Examples like those above are usually the work of a trojan, a small program that can be unknowingly installed on a computer and then accessed by another computer over the Internet. Together with programs called spyware, adware and viruses, trojans are a part of a group collectively known as "malware" or "pestware." While the majority of such programs are pests and nothing more, they have the potential to be quite nasty.Trojans: RATS That Can Control Your ComputerLike the horse of old, a trojan carries with it an unexpected surprise. Trojans do not replicate like a virus, but they do leave behind a program that can be contacted by another computer. From there, they can do just about anything. While it's possible a trojan can be used to take control of a computer, the most common trojans are dialer programs. Dialers are used without your knowledge to make international or premium calls (900-type numbers) from your PC. That's more than an annoyance; it can get expensive.Trojans are also known as RATS (remote access trojans) and they are most often hidden in games and other small software programs that unsuspecting users download then unknowingly execute on their PCs.Two common trojans are known as Back Orifice and SubSeven. Back Orifice was originally developed as a remote administration tool. But it worked by exploiting holes in Microsoft software, which makes it a popular tool for nefarious applications. Both Back Orifice and SubSeven can be used to capture what is on a computer's screen and what is typed in using the keyboard; they can be use to remotely control devices, such as opening and closing the CD drive; or to set up FTP, HTTP or Telnet servers on an unsuspecting user's machine. Basically, anything that can be done with a computer can be done remotely using a trojan.Spyware: Who's Watching Your Online Moves?Spyware programs range from annoying to the dangerous, including keyboard loggers and screen capture applications that can steal passwords and other sensitive information. The programs are sometimes bundled in with shareware or freeware programs that can be downloaded from the Internet. Often times they claim to be helpful utilities that also carry a more sinister side.Many of the programs are marketed as legitimate tools for keeping tabs on children and spouses online. One program called Activity Logger, for example, connects to the Internet on its own, records the URLs of sites visited and the keystrokes from e-mail and chat applications. It will also capture screenshots that can be made into a slide show. Adware: Caught in a Marketing NightmareAdware is software that displays advertisements to computer users. Some of the most strict definitions of adware include applications that are sponsored for their free use. One of the most popular examples is WeatherBug, which offers a free version of weather software and comes wrapped in a skin that displays advertising. While older versions of WeatherBug had rather significant privacy issues, newer versions are pretty straight forward: you see the ad, but you get the weather. Is this adware? In the most strict sense, many people say it is. But to some computer users, the tradeoff seems fair. Hotmail, Yahoo Mail and AOL's Instant Messenger are among other software programs and services that display ads to their users in exchange for free usage. Many of these programs off advertising-free versions for a price.More infamous among adware watchers is Gator, which now goes by the name Claria Corp. Gator was controversial from the start. It began in 1998 offering e-wallet software. But it reports your Web surfing habits back to its parent company, which then sends you advertisements targeted according to your data. The vast majority of people consider it a pest, especially because the software is often bundled with other, more useful software. As annoying as it is, Gator is not very malicious.As for adware that reports personally identifiable information, once again tolerance varies. Some people don't want any information, such as tracking the sites you visit, revealed. Others draw the line at logging IP addresses.Viruses: Contagious PestsFor all the publicity viruses have gotten, they remain a serious threat. While viruses can potentially destroy a computer's data, most of the widespread viruses have leaned more toward annoyance. The most famous are e-mail viruses that replicate and spread using e-mail addresses stored on a computer. They still cost computer users and their employers hundreds of millions of dollars annually.The MS Blaster worm that caused havoc in the summer of 2003 exploited a vulnerability in the Remote Procedure Call (RPC) function of the Windows operating system. Anyone who did not install a patch issued by Microsoft was vulnerable, marking a new era in virus prevention for many Internet users. No longer was using care with e-mail attachments enough to keep you safe. Symptoms of Spyware and Other PestsDepending on the type of pest that plagues your computer, it may be very easy to detect an infection. That's the good news. The bad news is some of the most dangerous infections, especially from RATS or spyware, can be very difficult to detect. That's why most of the checking and removing of pests is done with software designed to do just that. Nevertheless, there are some general symptoms you should know.Your Computer Has a Mind of Its OwnSpyware, trojans and other pests contact other computers, and each pest is program of its own, therefore they use system resources such as CPU cycles, memory and an Internet connection.Slow ComputerThere are several reasons your computer may be running slow, but if you use it on a regular basis, then you're familiar with its noises, hang-ups and how it reacts. Older computers tend to run slower. Some applications cause computers to run slower. Computers are machines, they do not have moods. A sudden change in how your computer is running could be a sign of spyware or adware. E-Mail SymptomsIf you're getting a lot of bounced back mail and see evidence of e-mails being sent without your knowledge, then it's possible that trojan spamware has found its way onto your computer. Spamware is a trojan that can turn your computer into a spam launching pad and create headaches for unknowing computer users, especially if a virus is sent. Even if your computer is not being used to send spam, trojans can steal a copy of your e-mail address book and send it back to a spammer.Noises, Bells and WhistlesVictims of some trojans report CD drives opening and shutting, or programs opening and closing. Is your hard drive whirling away when you're not doing anything? Is there an unknown icon in your Windows system tray (lower right corner of your screen)? If you have an external modem, there may be lights indicating data tranfers blinking when you're not doing anything online. These are all signs a program may be up to no good in the background.Offline SymptomsKeyboard loggers can capture passwords and user names, so if the bank, brokerage or credit card accounts you access online appear to have been tampered with, your computer may be a place to start looking for clues. User names and passwords to e-mail and Web-based applications are also vulnerable.If you have any reason to believe someone is interested in tracking what you do online, scan for spyware regularly. Pop-Up Advertisements: Ads or Adware?Unless you use a pop-up blocker (discussed more in Prevention), you are familiar with pop-up and pop-under advertisements, and very likely which sites legitimately serve them. Pop ads are important because not only can they be a symptom of infestation, but clicking on a rogue pop-up can lead to an infection or take you to a site where danger lurks.Most legitimate pop-ups open over your browser when you visit a Web site. If the Web site is legitimate -- The Washington Post, The New York Times and USA Today are all known to serve pop-up ads, for example -- then the advertiser is usually legitimate and well-known as well. If the advertisement doesn't seem to match the content, ask yourself some questions. When You See a Pop-Up Advertisement * Are you online? Do you have a browser open (broadband connection) or have you dialed in to your ISP (dial-up connection)? Ads that pop-up on your desktop or over offline applications such as a word processor are a possible sign of an adware infestation. * Did you just visit a Web site or open a new Web page? Most legitimate pop-up ads launch when you open a new page. * What site are you visiting? Who is the advertiser? As mentioned earlier, several major newspaper Web sites use pop-up ads. If you're treading in the dangerous waters of the Web, such as penggodam sites and pornography, the pop-ups are more likely to be shady and deceptive and could lead to a site where spyware or adware lurks. * Do the ads you see seem to be targeting you based on terms you have searched for recently or sites you have been visiting? Sometimes this is good marketing when done within a Web site, but if you keep seeing ads that seem close to your most recent online search, it may be the result of adware or spyware. If the ad seems suspicious to you, or if it was delivered while you were offline, not surfing the Web or advertises pornography, work at home or get rich quick-type messages, then stay away. In the title bar of a pop-up advertisement on USAToday.com, for example, usually starts with "USAToday.com advertisement" so you know where the ad originated.If you are getting pop-up advertisements and they remain a mystery after you answer these questions, some type of spyware or adware may be to blame. Quote Share this post Link to post Share on other sites
joetbg_x 0 Report post Posted June 25, 2005 adoiii.. paste panjang2 pun bukan ada yg nak baca.. Quote Share this post Link to post Share on other sites
BigBurn 0 Report post Posted June 25, 2005 aduuhhhh ponin kepala aku!... yang lelain tu semua dah settle......tinggal yang virus POLYBOOT-B tu aje....aku surfing internet, "satu dunia" aku round, takde solution.....pc-cilin punye solution cam hampeh lak tu.....hmmm...agak-agak kena format, nanti aku bagitaulah member aku tu....eh...nanti sat...kalo buat image guna Ghost, POLYBOOT-B tu, ikut sekali ke masuk dalam image tu?! Quote Share this post Link to post Share on other sites
BigBurn 0 Report post Posted June 26, 2005 EEEEAAAYAAAHOOOOOO!!!!!!...... dah settle dah masalah POLYBOOT-B aku tu....aku jumpa satu website yang telah di translatekan oleh google....nie dia....POLYBOOT-B solutionterima kasih pada semua yang membantu...civ3Impreza_2004[email protected]C-Fu Quote Share this post Link to post Share on other sites
C-Fu 0 Report post Posted June 26, 2005 ako still suggest ko buat step2 kat atas yang ako soh buat tu, pasal bukan takat boot virus tapi bejuta spyware kat pc ko. Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted June 26, 2005 (edited) EEEEAAAYAAAHOOOOOO!!!!!!...... dah settle dah masalah POLYBOOT-B aku tu....aku jumpa satu website yang telah di translatekan oleh google....nie dia....POLYBOOT-B solutionterima kasih pada semua yang membantu...civ3Impreza_2004[email protected]C-Fu ←sama²...dan tahniah krn berjaya jumpa solution tuh..... Edited June 26, 2005 by civ3 Quote Share this post Link to post Share on other sites
BigBurn 0 Report post Posted June 26, 2005 ako still suggest ko buat step2 kat atas yang ako soh buat tu, pasal bukan takat boot virus tapi bejuta spyware kat pc ko.←yup!...aku dah buat dalam normal mode dan safe mode....cuma pc-cillin aje yang tak leh running dalam safe mode!.... Quote Share this post Link to post Share on other sites
Impreza_2004 0 Report post Posted June 29, 2005 adoiii.. paste panjang2 pun bukan ada yg nak baca..←terpulang pada individu sendiri..kalo menghargai ilmu pasti dia akan tau pe yg di lakukan..jadi up to yourself,, ..aku cuma ingin membantu rakan rakan PC seperjuangan ku ngan aku lakukakn kebajikan sebegini (paste)..sori kalo ia merimaskan inbox putera.com.. Quote Share this post Link to post Share on other sites
Impreza_2004 0 Report post Posted June 29, 2005 EEEEAAAYAAAHOOOOOO!!!!!!...... dah settle dah masalah POLYBOOT-B aku tu....aku jumpa satu website yang telah di translatekan oleh google....nie dia....POLYBOOT-B solutionterima kasih pada semua yang membantu...civ3Impreza_2004[email protected]C-Fu ←kasih di terima.. Quote Share this post Link to post Share on other sites