Tak Boleh Scan Virus Pada Pc

[aczan 4]

Salam, semalam aku rasa nak scan pc aku sebab dah lama tak scan..Tapi dalam 1% je scan, pc aku dah heng...acap kali cuba, tetap hal yang sama berlaku..Aku tanya orang yang arif dalam hal ni, dia kata trojan ada dalam pc aku dan dia suruh aku guna comboFix..tapi masalahnya, aku ni bukannya pakar dalam bab-bab ni..jadi minta tolong kawan-kawan yang pakai, bagaimana nak buang trojan yang degil tu.. *sebelum ni aku guna Aviva yang free, kemudian aku buang Aviva dan masuk Kaspersky IS 2010.

[test0123 10]

try guna malwarebytes..buat fullscan..

[keypo 5]

ye ..aku syor guna je MalwareBytes Antimalware Pro Final v1.45 ..setakat ni aku telah guna banyak bulan ..punyer la syok habis ..semuanya dia detect ..percaya lah ...ko leh download free je kat sini , siap dengan keygen nya sekali,janji bila ko install kena off dulu antivirus baru leh komfom ..[url="http://hotfile.com/dl/36097551/8106316/MalwareBytes_Antimalware_Pro_Final_v1.45_with_keygen.rar.html"]http://hotfile.com/dl/36097551/8106316/MalwareBytes_Antimalware_Pro_Final_v1.45_with_keygen.rar.html[/url]
[URL=http://img405.imageshack.us/i/syoknyadownload.png/][IMG]http://img405.imageshack.us/img405/3681/syoknyadownload.png[/IMG][/URL]
ni ada sedikit tentang video nya ..
[media]http://www.youtube.com/watch?v=3TiP5JJHwTE&feature=player_embedded[/media]

[aczan 4]

[quote name='keypo' date='13 August 2010 - 01:26 PM' timestamp='1281677173' post='1044759']
ye ..aku syor guna je MalwareBytes Antimalware Pro Final v1.45 ..setakat ni aku telah guna banyak bulan ..punyer la syok habis ..semuanya dia detect ..percaya lah ...ko leh download free je kat sini , siap dengan keygen nya sekali,janji bila ko install kena off dulu antivirus baru leh komfom ..[url="http://hotfile.com/dl/36097551/8106316/MalwareBytes_Antimalware_Pro_Final_v1.45_with_keygen.rar.html"]http://hotfile.com/dl/36097551/8106316/MalwareBytes_Antimalware_Pro_Final_v1.45_with_keygen.rar.html[/url]
[URL=http://img405.imageshack.us/i/syoknyadownload.png/][IMG]http://img405.imageshack.us/img405/3681/syoknyadownload.png[/IMG][/URL]
ni ada sedikit tentang video nya ..
[media]http://www.youtube.com/watch?v=3TiP5JJHwTE&feature=player_embedded[/media]
[/quote]

Aku dah panggil sifu datang tengok.. (guru pakar komputer yang mengajar kelas membaiki komputer) Dia dah masuk pelbagai perisian anti virus, termasuk malwareBytes..dan tak adapun virus dalam pc aku yang dapat di kesan..Dan dia buat macam mana entah, masa dia buka antivirus..ok..bolehlah scan...tapi bila dia balik dan dia kata pc aku dah ok..hal yang sama berulang...scan je, terus heng..aku hantar meseg kat dia, beritahu hal ni, langsung dia tak balas meseg aku...

Sekarang ni, aku terus guna je pc ni selagi boleh guna dan buat tak tahu jelah pasal masalah ni..(aku malas kalau kena format lagi..sebab pc aku ni baru beberapa bulan lalu aku format)

AH! Baru jap tadi aku try scan ikut MalwareBytes, juga dia heng...!!Agaknya virus tu dah mula mengganas??? Edited August 13, 2010 by aczan

[test0123 10]

ko run hijackthis...pastu post result tu kat sini..

[url="http://free.antivirus.com/hijackthis/"]Download Hijackthis[/url] Edited August 13, 2010 by test0123

[aczan 4]

[quote name='test0123' date='13 August 2010 - 06:52 PM' timestamp='1281696758' post='1044778']
ko run hijackthis...pastu post result tu kat sini..

[url="http://free.antivirus.com/hijackthis/"]Download Hijackthis[/url]
[/quote]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:05:41 PM, on 8/13/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBOP.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210 Series" /O5 "LPT1:" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus Photo R390 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBOP.EXE /FU "C:\WINDOWS\TEMP\E_S2A5.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7402E11B-F6D3-4A5A-9116-C358E8FED8A1}: NameServer = 202.188.0.133 202.188.1.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{74E5DF2B-307C-4C1B-9C6E-24A4A0457097}: NameServer = 202.188.29.1,202.188.0.133
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 7247 bytes

[hotfloppy 19]

takde pape yang pelik dengan log HijackThis tu..

mungkin PC berat sgt kot.. sebab tu nampak cam hang masa scan tu..

acu try bior je scan tu berjalan.. tutup semua program pastu baru scan..

[test0123 10]

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE
C:\Program Files\Common Files\Java\JavaUpdate\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBOP.EXE
C:\ProgramFiles\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files\MozillaFirefox\plugin-container.exe
O2 - BHO: SkypeIEPluginBHO -{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -C:\Program Files\Skype\Toolbars\InternetExplorer\skypeieplugin.dll
O2 - BHO: link filter bho -{E33CF602-D945-461A-83F0-819F76A199F8} -C:\Program Files\Kaspersky Lab\Kaspersky InternetSecurity 2010\klwtbbho.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\ProgramFiles\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series]C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210Series" /O5 "LPT1:" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [avp] "C:\ProgramFiles\Kaspersky Lab\Kaspersky Internet Security2010\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\ProgramFiles\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [EPSON Stylus Photo R390 Series]C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBOP.EXE /FU "C:\WINDOWS\TEMP\E_S2A5.tmp"/EF "HKCU"
O8 - Extra context menu item: Add to Anti-Banner -C:\Program Files\Kaspersky Lab\Kaspersky InternetSecurity 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to MicrosoftExcel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype add-on for InternetExplorer - {898EA8C8-E7FF-479B-
O9 - Extra 'Tools' menuitem: Skype add-on forInternet Explorer -{898EA8C8-E7FF-479B-
8935-AEC46303B9E5}- C:\Program Files\Skype\Toolbars\InternetExplorer\skypeieplugin.dll
O18 - Protocol: skype-ie-addon-data -{91774881-D725-4E58-B298-07617B9B86A8} -C:\Program Files\Skype\Toolbars\InternetExplorer\skypeieplugin.dll
O23 - Service: Java Quick Starter(JavaQuickStarterService) - Oracle - C:\ProgramFiles\Java\jre6\bin\jqs.exe

removed semua logfile ni..reboot...

[aczan 4]

[quote name='test0123' date='14 August 2010 - 11:55 AM' timestamp='1281758136' post='1044828']
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE
C:\Program Files\Common Files\Java\JavaUpdate\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBOP.EXE
C:\ProgramFiles\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files\MozillaFirefox\plugin-container.exe
O2 - BHO: SkypeIEPluginBHO -{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -C:\Program Files\Skype\Toolbars\InternetExplorer\skypeieplugin.dll
O2 - BHO: link filter bho -{E33CF602-D945-461A-83F0-819F76A199F8} -C:\Program Files\Kaspersky Lab\Kaspersky InternetSecurity 2010\klwtbbho.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\ProgramFiles\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series]C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210Series" /O5 "LPT1:" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [avp] "C:\ProgramFiles\Kaspersky Lab\Kaspersky Internet Security2010\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\ProgramFiles\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [EPSON Stylus Photo R390 Series]C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBOP.EXE /FU "C:\WINDOWS\TEMP\E_S2A5.tmp"/EF "HKCU"
O8 - Extra context menu item: Add to Anti-Banner -C:\Program Files\Kaspersky Lab\Kaspersky InternetSecurity 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to MicrosoftExcel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype add-on for InternetExplorer - {898EA8C8-E7FF-479B-
O9 - Extra 'Tools' menuitem: Skype add-on forInternet Explorer -{898EA8C8-E7FF-479B-
8935-AEC46303B9E5}- C:\Program Files\Skype\Toolbars\InternetExplorer\skypeieplugin.dll
O18 - Protocol: skype-ie-addon-data -{91774881-D725-4E58-B298-07617B9B86A8} -C:\Program Files\Skype\Toolbars\InternetExplorer\skypeieplugin.dll
O23 - Service: Java Quick Starter(JavaQuickStarterService) - Oracle - C:\ProgramFiles\Java\jre6\bin\jqs.exe

removed semua logfile ni..reboot...
[/quote]


Removed macam mana tu..??? Boleh perjelaskan lagi..? Tak berapa faham!!

[KeH 15]

tick kat kotak belah kiri pastu click fix

[test0123 10]

ya betul..ikut cara bro keh bagtaw tu...run balik hijack tu..dah siap fix..reboot:48:

[MenCaRi 10]

cuba scan melalui boot cd
http://www.softpedia.com/get/Antivirus/Kaspersky-Rescue-Disk.shtml

aku berjaya buang brontok pc customer dgn cara ni

tumpang tanya
boleh tak guna kav + malwarebytes
tak konflik ke

[test0123 10]

tak..no problem..

[696 9]

[quote name='test0123' date='12 August 2010 - 02:21 AM' timestamp='1281550904' post='1044598']
try guna malwarebytes..buat fullscan..
[/quote]

test,malwarebytes ni ok ke?

pada pendapat ko antivirus pe yg best skit skg ni?
avast 5 ok tak?

[test0123 10]

malwarebytes ok jgk..byk kotoran degil boleh keluar..

AV apa yg ok setakat ni...bg aku Mcafee dan eset..dah guna memang ok la..

tapi skrng sya tak pakai AV langsung...so far no prob la..

[696 9]

malas aku nak buka topik baru,celah kat sini je la..

software pe nak oc proc?