PDA

View Full Version : ANSAV gagal membersihkan virus??

harlezz
06-02-2009, 01:46 AM
http://upload.kapanlagi.com/images/thumb/20090602014426_sample2_4a24218a8967c-t.jpg (http://upload.kapanlagi.com/h/20090602014426_sample2_4a24218a8967c.JPG)
http://upload.kapanlagi.com/images/thumb/20090602014426_sample_4a24218a78591-t.jpg (http://upload.kapanlagi.com/h/20090602014426_sample_4a24218a78591.JPG)
http://upload.kapanlagi.com/images/thumb/20090602014426_sample1_4a24218a848e5-t.jpg (http://upload.kapanlagi.com/h/20090602014426_sample1_4a24218a848e5.JPG)
http://upload.kapanlagi.com/images/thumb/20090602014426_sample3_4a24218a90be3-t.jpg (http://upload.kapanlagi.com/h/20090602014426_sample3_4a24218a90be3.JPG)


a-squared 4.0.0.101 2009.05.30 Trojan-Spy.Win32.BZub!IK AhnLab-V3 5.0.0.2 2009.05.29 Win-Trojan/Xema.variant AntiVir 7.9.0.180 2009.05.29 TR/Crypt.Morphine.Gen Antiy-AVL 2.0.3.1 2009.05.27 Trojan/Win32.Delf Authentium 5.1.2.4 2009.05.29 W32/Trojan2.GLQW Avast 4.8.1335.0 2009.05.29 Win32:Trojan-gen {Other} AVG 8.5.0.339 2009.05.29 Win32/Heur BitDefender 7.2 2009.05.30 Trojan.Generic.1788813 CAT-QuickHeal 10.00 2009.05.29 Trojan.Agent.ATV ClamAV 0.94.1 2009.05.29 - Comodo 1199 2009.05.29 Unclassified Malware DrWeb 5.0.0.12182 2009.05.29 Trojan.Virtumod.1667 eSafe 7.0.17.0 2009.05.27 Suspicious File eTrust-Vet 31.6.6530 2009.05.30 Win32/Vundo.CEH F-Prot 4.4.4.56 2009.05.29 W32/Trojan2.GLQW F-Secure 8.0.14470.0 2009.05.29 Trojan-Clicker.Win32.Delf.cbe Fortinet 3.117.0.0 2009.05.30 W32/Agent.C!tr GData 19 2009.05.30 Trojan.Generic.1788813 Ikarus T3.1.1.57.0 2009.05.30 - K7AntiVirus 7.10.749 2009.05.29 Trojan.Win32.Malware.1 Kaspersky 7.0.0.125 2009.05.30 Trojan-Clicker.Win32.Delf.cbe McAfee 5630 2009.05.29 Vundo McAfee+Artemis 5630 2009.05.29 Vundo McAfee-GW-Edition 6.7.6 2009.05.29 Trojan.Crypt.Morphine.Gen Microsoft 1.4701 2009.05.29 Adware:Win32/Virtumonde.A NOD32 4116 2009.05.29 Win32/Adware.BHO.NGN Norman
2009.05.29 W32/Smalltroj.JVTG nProtect 2009.1.8.0 2009.05.29 Trojan-Clicker/W32.Agent.143872 Panda 10.0.0.14 2009.05.29 Spyware/Virtumonde PCTools 4.4.2.0 2009.05.29 Trojan.Vundo!sd6 Prevx 3.0 2009.05.30 High Risk Fraudulent Security Program Rising 21.31.21.00 2009.05.27 Trojan.DL.Win32.Undef.ahu Sophos 4.42.0 2009.05.30 Troj/Agent-KAG Sunbelt 3.2.1858.2 2009.05.30 Trojan.Crypt.Morphine.Gen Symantec 1.4.4.12 2009.05.30 Trojan.Vundo TheHacker 6.3.4.3.334 2009.05.29 Trojan/Clicker.Delf.cbe TrendMicro 8.950.0.1092 2009.05.29 TROJ_VUNDO.ANL VBA32 3.12.10.6 2009.05.27 Win32.Adware.BHO.NGN ViRobot 2009.5.29.1761 2009.05.29 Trojan.Win32.Vundo.143872 VirusBuster 4.6.5.0 2009.05.29 Trojan.Virtumonde.HVH

tolongin dunk...
itu dah saya scan pk KIS kedeteck jg...
tapi sama aja...
gk isa di deleted...
pas scan full pke KIS...otomatis nge restart kompi...
n msuk ke KIS sruh restart kompi lg...
n berulang2x tapi viruz tetep lom ilank >.<
f3rd1
06-02-2009, 08:53 AM
coba pakai Norman Malware Cleaner (norman.com/downloads/en-us) download versi terbarunya. Sebelum memakai tool ini, sebaiknya System restore dimatikan dulu.
harlezz
06-02-2009, 02:02 PM
coba pakai Norman Malware Cleaner (norman.com/downloads/en-us) download versi terbarunya. Sebelum memakai tool ini, sebaiknya System restore dimatikan dulu.

Failed to delete file (0x00000005): C:\WINDOWS\system32\winlogon.exe(960) (C:\WINDOWS\system32\oyrjwaxi.dll!0x02FF0000) (Infected with W32/Smalltroj.JVTG)

Failed to delete file (0x00000005): C:\WINDOWS\system32\Explorer.EXE(304) (C:\WINDOWS\system32\oyrjwaxi.dll!0x038D0000) (Infected with W32/Smalltroj.JVTG)

perlu gw upload gk file virusna???
sand
06-02-2009, 03:11 PM
kalo menurut saya mendingan pencet aja terus tuh virusnya dengan menu quarantied,delete,clean...saya juga pernah kayak gitu...tapi lama~kelamaan virus itu gak nongol lagi(yeah!!!:madpisang: )

-eh tapi itu artinya ilang gak ya...huehehehehehe(komen donk!!!)
andretans
06-02-2009, 04:30 PM
Failed to delete file (0x00000005): C:\WINDOWS\system32\winlogon.exe(960) (C:\WINDOWS\system32\oyrjwaxi.dll!0x02FF0000) (Infected with W32/Smalltroj.JVTG)

Failed to delete file (0x00000005): C:\WINDOWS\system32\Explorer.EXE(304) (C:\WINDOWS\system32\oyrjwaxi.dll!0x038D0000) (Infected with W32/Smalltroj.JVTG)

perlu gw upload gk file virusna???




upload donk ah, buat kite analisa bareng
harlezz
06-02-2009, 08:20 PM
http://www.indowebster.com/_viruz.html
f3rd1
06-02-2009, 10:04 PM
Failed to delete file (0x00000005): C:\WINDOWS\system32\winlogon.exe(960) (C:\WINDOWS\system32\oyrjwaxi.dll!0x02FF0000) (Infected with W32/Smalltroj.JVTG)

Failed to delete file (0x00000005): C:\WINDOWS\system32\Explorer.EXE(304) (C:\WINDOWS\system32\oyrjwaxi.dll!0x038D0000) (Infected with W32/Smalltroj.JVTG)

perlu gw upload gk file virusna???




udah coba masuk ke Safe Mode?
kalo bisa, masuk Safe Mode truz baru jalanin Norman Malware Cleaner.
f3rd1
06-02-2009, 10:06 PM
emang sulit kalo nganalisa virus yang bukan executable file.:(
f3rd1
06-02-2009, 10:09 PM
ini hasil analisis dari ThreatExpert.com
(threatexpert.com/report.aspx?md5=a299db7486a2460a12a5554b59e5dae4)
f3rd1
06-02-2009, 10:11 PM
semoga sedikit membantu...
andretans
06-02-2009, 11:03 PM
ini hasil analisis dari ThreatExpert.com
(threatexpert.com/report.aspx?md5=a299db7486a2460a12a5554b59e5dae4)
wah, dah lengkap tuh ulasannya
harlezz
06-03-2009, 11:27 AM
gw mlh gk ngerti:hammer:
f3rd1
06-03-2009, 05:03 PM
MENGATASI VIRUS TERSEBUT
(belajar dari postingan om xerion)
1. stop semua proses C:\WINDOWS\explorer.exe
2. hapus file C:\WINDOWS\system32\oyrjwaxi.dll
3. jalankan lagi C:\WINDOWS\explorer.exe
4. scan komputer anda (gunakan Norman Malware Cleaner)
harlezz
06-04-2009, 03:28 PM
tetep gk ngerti saia:o..
Dann
06-04-2009, 07:33 PM
Wah kalau KIS udah error juga sulit tuh, udah kritis! saran saya di repair pake CD Windowsnya dulu, kalau sudah, langsung install ulang KIS nya en SCAN deh...
harlezz
06-06-2009, 02:21 AM
thnks all dah pada bantuin...

masalah clear~...

closed thread plzzz...

itu saiah pk combofix bisa ^^
thnks all