CariDotMy

 Forgot password?
 Register

ADVERTISEMENT

View: 3036|Reply: 9

files infected by backdoor.ircbot.qc ... slamat tak kalau delete?

[Copy link]
Post time 11-7-2006 11:51 AM | Show all posts |Read mode
arituh scan ... ada 4 files yg ewido detected kena infect ngan Backdoor.IRCBot.qc :

1 - C:\WINDOWS\system32\p2pnetworking.exe --- nih ok kot delete?
2 - C:\Documents and Setttings\All Users\Start Menu\Programs\Startup\msconfig.exe  
3 - C:\z.rar   ----- yg nih tatau file apa.. try carik tak jumpa plak?
4 - C:\WINDOWS\Setup.exe  --- yg nih xsure ok ka tak kalau delete?

kalau saya nak delete semua files tuh (skrang tgh quarantine) ... agak2 ok ker? tak rosak system ke?

thanks!
Reply

Use magic Report


ADVERTISEMENT


Post time 11-7-2006 03:27 PM | Show all posts

Reply #1 cyra's post

spatutnya search kat google dulu.

1- p2pnetworking.exe ni rasanya leh delete kot.
2- msconfig sepatutnya dok tmpat lain, bukan dlm document & setting, mungkin file tu decoy aje kot.
3- z.rar mungkin akan di extract & run pada bebila masa. tapi taktau apa isi kandungan.
4- setup.exe ni terlalu general. tk brani nk bg suggestion.

infected ni maknanya dijangkiti. kalo file tu penting, takleh delete la. tapi kalo kita kenal file file apa, dan kita tau kalo delete takkan bagi kesan besar pada sistem pc kita, maka... buleh la delete tanpa was-was... :cak:

tapi seeloknya Quarantine la dulu. lepas quarantine baru cek cemanakot2 windows ada efek ke. jadi lembab ke, takleh login internet ke ,,, cemana...
Reply

Use magic Report

 Author| Post time 11-7-2006 05:04 PM | Show all posts
Originally posted by bzzts at 11-7-2006 03:27 PM
spatutnya search kat google dulu.

1- p2pnetworking.exe ni rasanya leh delete kot.
2- msconfig sepatutnya dok tmpat lain, bukan dlm document & setting, mungkin file tu decoy aje kot.
3- z.r ...


thanks bzzts sbb reply...

actuallynya dah search kat google... tp result yg kluar bt lagi pening kepala ja.. tak paham.. huhuhu

skrang nih semua file mmg tgh quarantine... so kiranya kalau lepas nih cam pc takda masalah.. leh slamba delete laa ek? kiranya dia quarantine tuh nak tgk how important the files are to the system ke?
Reply

Use magic Report

Post time 11-7-2006 05:40 PM | Show all posts
Originally posted by cyra at 11-7-2006 05:04 PM


thanks bzzts sbb reply...

actuallynya dah search kat google... tp result yg kluar bt lagi pening kepala ja.. tak paham.. huhuhu

skrang nih semua file mmg tgh quarantine... so kiranya kala ...

lepas quarantine, try restart. kalo ada efek, maknanya file yg dikuarantine tu penting. mungkin file tu salah satu dari windows component. so, takleh delete.

try refer site ni: liteutilities.com

http://www.liutilities.com/products/wintaskspro/processlibrary/
atau masuk sini http://www.liutilities.com/produ ... cesslibrary/msmsgs/
dan isi file.exe tu dan biar library dia cari samada exe tu bahaya ke tidak.

kalo results dia kata threat, delete la.
Reply

Use magic Report

 Author| Post time 11-7-2006 06:01 PM | Show all posts
Originally posted by bzzts at 11-7-2006 05:40 PM

lepas quarantine, try restart. kalo ada efek, maknanya file yg dikuarantine tu penting. mungkin file tu salah satu dari windows component. so, takleh delete.

try refer site ni: liteutilities. ...


ouwh... thanks! :hatdown:
Reply

Use magic Report

Post time 11-7-2006 06:50 PM | Show all posts
hati-hati ngan file names... kadang files yg tipu ni nampak identical ngan system files sebenar.. cftmon.exe (tipu) boleh nampak macam ctfmon.exe (system file)

kalau nak windows tunjukkan semua files termasuk hidden ones, kat windows explorer > tools > folder options  > view... kat advance settings tu cari hidden files and folders, pilih show hidden files and folders... jaga-jaga dengan option ni, jgn salah delete...
Reply

Use magic Report

Follow Us
Post time 11-7-2006 09:51 PM | Show all posts

Reply #6 rienn's post

normally kalao bukak taskmanager dah leh tgk process tu running under system name atau username.
dari situ leh agak ada suspicious process tgh run.

kalo jumpa, elok check dulu startup item dlm msconfig, check BHO dan scan la dgn apa2 yg patut.
Reply

Use magic Report

Post time 26-8-2006 03:49 PM | Show all posts

virus tak boleh quarantine - bitdefender v9

saya baru scan pc saya and discover virus Generic.Zlob.8691e397 kat
C:/Document and Setting/Applicatian Data.......
tapi pelik nye bitdefender tak boleh moved ke quarantine. tolong saya macam mane nak delete virus nie
Reply

Use magic Report


ADVERTISEMENT


Post time 27-8-2006 12:15 AM | Show all posts
Originally posted by pipikanan at 26-8-06 03:49 PM
saya baru scan pc saya and discover virus Generic.Zlob.8691e397 kat
C:/Document and Setting/Applicatian Data.......
tapi pelik nye bitdefender tak boleh moved ke quarantine. tolong saya macam man ...


try gune google n check virus tuh
rasanyer ada cara nak solved nyer
cuma penyelesaiannya based dr forum org lain ......
Reply

Use magic Report

Post time 28-8-2006 06:12 PM | Show all posts
tq very much fly
Reply

Use magic Report

You have to log in before you can reply Login | Register

Points Rules

 

ADVERTISEMENT



 

ADVERTISEMENT


 


ADVERTISEMENT
Follow Us

ADVERTISEMENT


Mobile|Archiver|Mobile*default|About Us|CariDotMy

29-12-2024 08:04 PM GMT+8 , Processed in 0.055565 second(s), 22 queries , Gzip On, Redis On.

Powered by Discuz! X3.4

Copyright © 2001-2021, Tencent Cloud.

Quick Reply To Top Return to the list