Optimus07 0 Report post Posted July 2, 2008 (edited) aku pakai jer kaspersky ([lanun])... die dapat detect & hapuskan virus ni kat pc umah aku tu.... hehehe... tapi masalahnye notebook ni pakai antivirus panda yg ori (tapi tak dapat detect virus ni)... sayang pulak nak uninstall & pakai kaspersky [lanun]...Pakai online scanner, pastu manual delete. X salah aku bole scan skali system restore files....X pun lagik satu solution, ko kasik anto malware tuh kt panda Edited July 2, 2008 by Optimus07 Quote Share this post Link to post Share on other sites
jasmanjunid 0 Report post Posted July 3, 2008 Salam untuk semua,Cuba Ahmad2007 cari PC yang guna MAC OSX kemudian masukkan pendrive yang ada autorun yang degil tu. Ahmad2007 akan nampak fail tu dah di lock(ada gambor kunci). open lock dan delete. selesai masalah.Me kaceh. Quote Share this post Link to post Share on other sites
esaterror80 0 Report post Posted July 3, 2008 pakai la Geeks Virus Remover.... mmg brkesan untuk autorun yg mnyerupai virus or worm or spam....cube la try dulu.... Quote Share this post Link to post Share on other sites
iem_5 0 Report post Posted July 5, 2008 (edited) cuba ko tulis bnda ni dlm notepad @echo offstart (nma drive pndrive ko tu f: ker pa² lh)del /a/s/f autorun.inf tskill explorerclosemgkn bly tulngsave dlm file bat file Edited July 5, 2008 by iem_5 Quote Share this post Link to post Share on other sites
yurckk 0 Report post Posted October 9, 2008 ade sape tau process sbnr virus ni? ade org bg aku pndrve soh tlg buangkan. tp aku xske nk buang pakai AV/remover yg dah ade. care manual. thx. Quote Share this post Link to post Share on other sites
yurckk 0 Report post Posted October 9, 2008 (edited) Assalamualaikum,aku dah jumpe care penyelesaian MANUAL.--------------------------------------------------------------------------------------------------------------------------------------1. Backup dulu registry--------------------------------------------------------------------------------------------------------------------------------------- Tekan "windows key + R" atau tekan Start Menu > Run- Taip regedit > tekan enter- *Penting: Tekan "My Computer" yg bwhnya ade byk subtree (Sekarang masih didalam Registry) *Cth subtree yg ade bwh My Computer adalah: -My Computer <------------------------- KLIK INI UTK SELECT MY COMPUTER!!! +HKEY_CLASS_ROOT +HKEY_CURRENT_USER +HKEY_LOCAL_MACHINE +CURRENT_USERS +HKEY_CURRENT_CONFIG- Pegi dkt File menu > Export- Kalau boleh buat "folder" rename sebagai tarikh hari buat backup *Cth: Okt92008 - Save as .reg (Registration File) *Utk senang igt, letak nama virus tu ke ape2 la yg bolehkn korang igt. *Cth ipse32RegBckp.reg- Tekan Button "Save"--------------------------------------------------------------------------------------------------------------------------------------2. Set restoration point dulu---------------------------------------------------------------------------------------------------------------------------------------Tekan Start Menu > All Programs > Accessories > System Tools > System Restore-Select: -Create a restore point > Next-Namakan restore point description *Kalau boleh sekali dgn tarikh dan masa dan nama penting *Cth Okt92008Ispe32exe-Create*Tgk sama ada berjaya atau tidak. Kalau xberjaya, cuba lagi.--------------------------------------------------------------------------------------------------------------------------------------3. Try msuk safe mode (F8 mase booting/pc tgh nk start)----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------4. Serach file S-1-5-21-1482476501-1644491937-682003330-1013 dalam:-------------------------------------------------------------------------------------------------------------------------------------- i. Semua Partitions ii. Registry --------------------------------------------------------------------------------------------------------------------------------------5. Delete semua file tu.----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------6. Try jgk search "ipse32.exe" (Tp aku xjmpe dlm pc aku) dalam:-------------------------------------------------------------------------------------------------------------------------------------- i. Semua Partitions ii. Registry--------------------------------------------------------------------------------------------------------------------------------------7. Delete semua file tu.----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------8. Restart Pc > Check semula-------------------------------------------------------------------------------------------------------------------------------------- *Kalau reti pakai DOS utk check lg bgus, sbb xpayah bukak pendrive. *Nk check pakai DOS, PM aku. Aku ajar lain, sbb aku nk pegi rehat. Lapo..Nk Makan. hehehe..Selamat Mencuba jika kena virus mcm ni. Aku baru try td, aku test pendrive tu kt pc org laindah xde. InsyaAllah jadi. Wallahu'alam.MAAF KALAU MANUAL AKU SALAH. Edited October 9, 2008 by yurckk Quote Share this post Link to post Share on other sites
cixent 0 Report post Posted October 9, 2008 Dah try Guna CLAV ? http://www.cixentcentral.cjb.net Quote Share this post Link to post Share on other sites
yurckk 0 Report post Posted October 9, 2008 Dah try Guna CLAV ? http://www.cixentcentral.cjb.netxde try lg, tp aku ske buang care manual. sbb byk bnde/mslh kte leh xplore. kalo btol2 da tdesak bru le aku mencari remover/av yg sedia ada. btw thx aa Cixnet. Quote Share this post Link to post Share on other sites
matthew.says 0 Report post Posted October 9, 2008 Kalau nak prevent, guna Autorun Eater. Kalau message keluar berulang2, baca ayat huruf besar kat bawah msg box...Senang cam baca ABC. Quote Share this post Link to post Share on other sites
yurckk 0 Report post Posted October 9, 2008 Kalau nak prevent, guna Autorun Eater. Kalau message keluar berulang2, baca ayat huruf besar kat bawah msg box...Senang cam baca ABC.xpenah pakai autorun eater, aku cume tau bedasarkan apa yg org post dlm ni. jd aku buang manual je. bagi aku xssh mn kalo nk dibandingkn yg aku penah jmpe sblm ne. sbb few steps je. tp tatau la kalo de lg virus tu wallahu'alam. Quote Share this post Link to post Share on other sites
matthew.says 0 Report post Posted October 9, 2008 Autorun Eater boleh prevent semua ini berlaku, dari mula lagi Quote Share this post Link to post Share on other sites
yurckk 0 Report post Posted October 9, 2008 Autorun Eater boleh prevent semua ini berlaku, dari mula lagi haha.. leh la aku try nanti.. leh aku blaja cmne die prevent. aku try la improvekn lagi kalo aku rajin buat software lg. Quote Share this post Link to post Share on other sites
dzul89 0 Report post Posted October 9, 2008 ok yurck .. kau nak buang pakai manual kan... ni aku ajarkan .. heheh ni apa yg aku tahu lah ... sebab aku dah buat ujikaji dekat 3 hari untuk buang virus utk add dlm antivirus aku . virus nie beroperasi bersama-sama dengan file windows... bila pc kau dah terkena dia akan on sekali bila pc open ... cara nak operasi n buang :1. mula-mula kau kena kill file explorer.exe tu ... yg penting jangan buka apa2 folder atau software sebab bila kau delete explorer.exe semua yang on akan ilang kejab (ctrl+alt+del then kill explorer )2. yang nie masalah skit .. sebab sebenarnya file dlm recycler ni dia sebenarnya operasi sama ngan explorer.exe nie .. bila kau dpt bunuh explorer then terus padam file dlm recycler mcm ipse.exe, isee.exe ker maka dia akan ilang.. tapi aku dah try byk kali takleh , jadi guna dlm antivirus baru boleh sebab dia terus sekali buang file tu ...harap-harap dapat membantu ... Quote Share this post Link to post Share on other sites
yurckk 0 Report post Posted October 9, 2008 ok yurck .. kau nak buang pakai manual kan... ni aku ajarkan .. heheh ni apa yg aku tahu lah ... sebab aku dah buat ujikaji dekat 3 hari untuk buang virus utk add dlm antivirus aku . virus nie beroperasi bersama-sama dengan file windows... bila pc kau dah terkena dia akan on sekali bila pc open ... cara nak operasi n buang :1. mula-mula kau kena kill file explorer.exe tu ... yg penting jangan buka apa2 folder atau software sebab bila kau delete explorer.exe semua yang on akan ilang kejab (ctrl+alt+del then kill explorer )2. yang nie masalah skit .. sebab sebenarnya file dlm recycler ni dia sebenarnya operasi sama ngan explorer.exe nie .. bila kau dpt bunuh explorer then terus padam file dlm recycler mcm ipse.exe, isee.exe ker maka dia akan ilang.. tapi aku dah try byk kali takleh , jadi guna dlm antivirus baru boleh sebab dia terus sekali buang file tu ...harap-harap dapat membantu ...ok thx utk info2 tu. aku akan kaji lg sbb org atas aku (bos gak la) aku pnjm pndrv die, de gak virus ni. jd aku akan try lagi utk kajian. aku baru tadi kaji. then aku dpt yg tu je la. tp thx la sbb bgtau cmne prosess virus ni. Quote Share this post Link to post Share on other sites
matthew.says 0 Report post Posted October 9, 2008 (edited) Malware ini takkan nampak proses dia dalam task manager. Kalau tak silap saya malware ini lah yg inject proses dia masuk proses 'services.exe', oleh itu tidak nampak ia berjalan.Saya guna AVG Free utk scan laptop kawan saya, dia detect proses itu dalam proses 'services.exe'. Edited October 9, 2008 by matthew.says Quote Share this post Link to post Share on other sites
dzul89 0 Report post Posted October 9, 2008 tak pasti pulak services.exe ... sebab dzul try kat explorer.exe dapat ... baru leh padam.. tak pasit lak services.exe tu ... tak try lagi .. ok thx for the info Quote Share this post Link to post Share on other sites
☺■Ç 0 Report post Posted October 9, 2008 (edited) hehehekepada pembuat antivirus yang menggunakan MD5 sebagai detector/compare/scanner... korang leh masukan data MD5 virus ni lam database korang....0x7457A5DF1FF47C957ACF1FA000D7D9ADdan0x009DBC6C5D876B3F88DF2439A8120A57Kalau yang guna crc32 algorithm... convert ler dari MD5 ke CRC32 hehehehe banyak dah calculator sekarang ni.. untuk rujukan sepenuhnyer disini..hehehehe http://www.threatexpert.com/report.aspx?ui...d4-5719e16cc395 Edited October 9, 2008 by ☺■Ç Quote Share this post Link to post Share on other sites
yurckk 0 Report post Posted October 10, 2008 Malware ini takkan nampak proses dia dalam task manager. Kalau tak silap saya malware ini lah yg inject proses dia masuk proses 'services.exe', oleh itu tidak nampak ia berjalan.Saya guna AVG Free utk scan laptop kawan saya, dia detect proses itu dalam proses 'services.exe'.Inject, dlu aku penah gak nk try kaji2 mcm mn file2 ni die inject file lain. ade 1 software nk tau process yg kne inject. ade sp2 tau x? aku dah xigt nma software tu, dlu aku penah pakai. mmm.. processxp ke? Quote Share this post Link to post Share on other sites
☺■Ç 0 Report post Posted October 10, 2008 (edited) Inject, dlu aku penah gak nk try kaji2 mcm mn file2 ni die inject file lain. ade 1 software nk tau process yg kne inject. ade sp2 tau x? aku dah xigt nma software tu, dlu aku penah pakai. mmm.. processxp ke?Dapatkan avg anti rootkit di sini... ianya free.. http://www.pcworld.com/downloads/file_down...y/download.htmlDownload ler.. Install dan Reboot PC.. kemudian Search for rootkit pakai AVG anti rootkit tu...Ni plak sophos anti rootkit... free juga.. download ler...http://www.sophos.com/products/free-tools/...ti-rootkit.html Edited October 10, 2008 by ☺■Ç Quote Share this post Link to post Share on other sites
yurckk 0 Report post Posted October 10, 2008 Dapatkan avg anti rootkit di sini... ianya free.. http://www.pcworld.com/downloads/file_down...y/download.htmlDownload ler.. Install dan Reboot PC.. kemudian Search for rootkit pakai AVG anti rootkit tu...Ni plak sophos anti rootkit... free juga.. download ler...http://www.sophos.com/products/free-tools/...ti-rootkit.htmlall rise. thx. nanti aku try.. isaw gk pc ni kne inject..mau ketagih nanti..hehe.. Quote Share this post Link to post Share on other sites
matthew.says 0 Report post Posted October 10, 2008 tak pasti pulak services.exe ... sebab dzul try kat explorer.exe dapat ... baru leh padam.. tak pasit lak services.exe tu ... tak try lagi .. ok thx for the infoTak digalakkan kill proses services.exe kalau tak pasti kerana ia akan menyebabkan system instability, kemungkinan besar akan crash. Quote Share this post Link to post Share on other sites
yurckk 0 Report post Posted October 10, 2008 Tak digalakkan kill proses services.exe kalau tak pasti kerana ia akan menyebabkan system instability, kemungkinan besar akan crash.crash tros ke? atau ms session tu je? Quote Share this post Link to post Share on other sites
matthew.says 0 Report post Posted October 10, 2008 Tak pasti, tak cuba lagi. Kemungkinan Windows tak akan benarkan. Tapi kamu boleh cuba kalau tak kisah...haha. Quote Share this post Link to post Share on other sites
yurckk 0 Report post Posted October 10, 2008 Tak pasti, tak cuba lagi. Kemungkinan Windows tak akan benarkan. Tapi kamu boleh cuba kalau tak kisah...haha.tu la aku ase cm2 gak, windows will block kte kill process tu. maybe. btw. malas aku nk try.hahaha..jap g kt tmpt keje sangap aku nk re-format pe lak..hahaha. Quote Share this post Link to post Share on other sites
tokputih 0 Report post Posted November 18, 2008 tula komputer tok semua dah pakai.... yang ada recycler to ialah services.exe... benda ni duduk dalam sistem .. semua antivirus yang dicadangkan masih tak dapat nak selesai.... Quote Share this post Link to post Share on other sites