HomePortalFAQSearchRegisterLog in
 :: Science & Technology :: Repair & Troubleshooting :: Virus & Malware
 

virus pe plg jahat skang nie....??????

View previous topic View next topic Go down 
Goto page : Previous  1, 2, 3
AuthorMessage
sandwich complex
Vice General
Vice General


PiscesDragon
Age : 20
Joined : 03 Apr 2008
Posts : 1175
Location : infront of presario
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Tue Jun 17, 2008 1:55 am
johnburn wrote:
err, mane log?
kdang2 nmpk cam dh ilang tp still ade g.
kl bleh, bg log hijackthis ngan rapport.txt tuh (C:\rapport.txt)


ala...lupe plak
esok aku bg ek...
Back to top Go down
sandwich complex
Vice General
Vice General


PiscesDragon
Age : 20
Joined : 03 Apr 2008
Posts : 1175
Location : infront of presario
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Wed Jun 18, 2008 3:10 pm
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:32:24, on 1/1/2003
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\USS\USS.exe
D:\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Ares\Ares.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Documents and Settings\user\Application Data\U3\0260D671606099C9\LaunchPad.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [tempreg] regsvr32 /s "C:\Program Files\s300\s300_1199809442.dll"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [USS] "C:\Program Files\USS\USS.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [4473bdaa] rundll32.exe "C:\WINDOWS\system32\gggkhbni.dll",b
O4 - HKLM\..\Run: [BM47408e36] Rundll32.exe "C:\WINDOWS\system32\bxqtmuao.dll",s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwnsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ewido anti-spyware 4.0 guard - Unknown owner - C:\Program Files\ewido anti-spyware 4.0\guard.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 6188 bytes


yg ni ke john???
yg rapport 2 aku tlupe nk ambk lah..
maleh nk on desktop..
Back to top Go down
johnburn
Vice General
Vice General


SagittariusTiger
Age : 21
Joined : 16 Mar 2008
Posts : 378
Location : ░▒▓108▓▒░
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Wed Jun 18, 2008 3:40 pm
I need the log. There is still something in there.
_________________

░▒▓ feel the pain until it hurts no more ▓▒░

Back to top Go down
sandwich complex
Vice General
Vice General


PiscesDragon
Age : 20
Joined : 03 Apr 2008
Posts : 1175
Location : infront of presario
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Thu Jun 19, 2008 12:08 pm
nah john...mende tah nie..


SmitFraudFix v2.325

Scan done at 10:40:07.71, Mon 06/16/2008
Run from C:\Documents and Settings\user\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CS2\Services\Tcpip\..\{B2045526-E19A-4717-B60E-20DAE13E4AAA}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End
Back to top Go down
johnburn
Vice General
Vice General


SagittariusTiger
Age : 21
Joined : 16 Mar 2008
Posts : 378
Location : ░▒▓108▓▒░
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Thu Jun 19, 2008 12:45 pm

  • Download SDFix ke Desktop.
  • Double click file yg di download td dan pilih Install.
  • Reboot ke Safe Mode
  • Pergi ke C:\SDFix\ dan double click RunThis.bat
  • Tekan Y dan Enter untuk proceed
  • Setelah selesai, SDFix akan restart PC tersebut.
  • Satu log akan dipaparkan setelah pc restart
  • Copy dan paste kandungan log tersebut beserta log hijackthis yg baru.

_________________

░▒▓ feel the pain until it hurts no more ▓▒░

Back to top Go down
sandwich complex
Vice General
Vice General


PiscesDragon
Age : 20
Joined : 03 Apr 2008
Posts : 1175
Location : infront of presario
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Fri Jun 20, 2008 11:11 am
john...ni yg rapport

SmitFraudFix v2.325

Scan done at 10:54:38.37, Fri 06/20/2008
Run from C:\Documents and Settings\user\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CS2\Services\Tcpip\..\{B2045526-E19A-4717-B60E-20DAE13E4AAA}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End


ni plak log yg hijackthis......
ade pape lg ke???



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:41, on 6/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\USS\USS.exe
D:\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Ares\Ares.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Documents and Settings\user\Application Data\U3\0260D671606099C9\LaunchPad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [tempreg] regsvr32 /s "C:\Program Files\s300\s300_1199809442.dll"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [USS] "C:\Program Files\USS\USS.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [4473bdaa] rundll32.exe "C:\WINDOWS\system32\gggkhbni.dll",b
O4 - HKLM\..\Run: [BM47408e36] Rundll32.exe "C:\WINDOWS\system32\bxqtmuao.dll",s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwnsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ewido anti-spyware 4.0 guard - Unknown owner - C:\Program Files\ewido anti-spyware 4.0\guard.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 6155 bytes
Back to top Go down
johnburn
Vice General
Vice General


SagittariusTiger
Age : 21
Joined : 16 Mar 2008
Posts : 378
Location : ░▒▓108▓▒░
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Fri Jun 20, 2008 2:46 pm
err, ko dh post rapport tu sblom ni. then aku soh ko wat yg sdfix tuh. cek blk atas.
_________________

░▒▓ feel the pain until it hurts no more ▓▒░

Back to top Go down
sandwich complex
Vice General
Vice General


PiscesDragon
Age : 20
Joined : 03 Apr 2008
Posts : 1175
Location : infront of presario
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Fri Jun 20, 2008 5:08 pm
nk cek mcm mne?
aku xphm r...
Back to top Go down
johnburn
Vice General
Vice General


SagittariusTiger
Age : 21
Joined : 16 Mar 2008
Posts : 378
Location : ░▒▓108▓▒░
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Fri Jun 20, 2008 9:47 pm
Buat camni. jgn penin2. xyah cek, aku yg cek, hehe..
johnburn wrote:


  • Download SDFix ke Desktop.
  • Double click file yg di download td dan pilih Install.
  • Reboot ke Safe Mode
  • Pergi ke C:\SDFix\ dan double click RunThis.bat
  • Tekan Y dan Enter untuk proceed
  • Setelah selesai, SDFix akan restart PC tersebut.
  • Satu log akan dipaparkan setelah pc restart
  • Copy dan paste kandungan log tersebut beserta log hijackthis yg baru.

_________________

░▒▓ feel the pain until it hurts no more ▓▒░

Back to top Go down
sandwich complex
Vice General
Vice General


PiscesDragon
Age : 20
Joined : 03 Apr 2008
Posts : 1175
Location : infront of presario
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Mon Jun 30, 2008 12:54 am
aku heran la ngan ngan dekstop umah aku.......
die asyk kuar win anonymous...nape ek??
aku pakai anti virus avira free edtion...
ade sape2 ley tlg x????
Back to top Go down
TMUkmkd
General
General


SagittariusCat
Age : 20
Joined : 16 Mar 2008
Posts : 887
Location : Administration Board
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Sat Jul 05, 2008 1:08 pm
bila dia keluar? detail sikit terangkan, dekat mana. macam mana dia keluar. apa yang kau install

_________________
Back to top Go down
johnburn
Vice General
Vice General


SagittariusTiger
Age : 21
Joined : 16 Mar 2008
Posts : 378
Location : ░▒▓108▓▒░
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Sun Jul 06, 2008 9:27 am
sandwich complex wrote:
aku heran la ngan ngan dekstop umah aku.......
die asyk kuar win anonymous...nape ek??
aku pakai anti virus avira free edtion...
ade sape2 ley tlg x????

ni yg maslh aritu g ke ni?
ko dh follow lom step yg aku suruh tuh?
_________________

░▒▓ feel the pain until it hurts no more ▓▒░

Back to top Go down
arejeeb
1st Year Cadet
1st Year Cadet


CancerTiger
Age : 22
Joined : 31 Mar 2008
Posts : 14
Location : Kat Umah
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Thu Jul 17, 2008 4:51 pm
Salam..need help here..
komp aku kat umah x leh nak login.bleh bukak sampai login screen tu jek.
nak masuk window x leh.baru nak login je system trus logoff balik.x sempat nak wat paper pn. aku klik kat user name kat login screen tu pastu die masuk window kejap,then trus logoff balik.dah try kat safe mode pon same jgak.knape eh?sape nak tolong aku??? No
_________________
Back to top Go down
johnburn
Vice General
Vice General


SagittariusTiger
Age : 21
Joined : 16 Mar 2008
Posts : 378
Location : ░▒▓108▓▒░
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Sun Jul 20, 2008 11:58 am
bese jd gini di sbbkn virus
ni windows xp kn?
ko cari cd windows xp, boot ke cd tu
kat screen yg kuar ko pilih Recovery Console (tekan R)
pas msk recovery console ko type ni dan tekan enter
Code:
cd system32

pastu ko type ni dan tekan enter
Code:
copy userinit.exe wsaupdater.exe

then type ni dan tekan enter
Code:
exit

lepas pc restart, tngk leh msk ke x
kl bleh, ko update AV dan wat full system scan
_________________

░▒▓ feel the pain until it hurts no more ▓▒░

Back to top Go down
arejeeb
1st Year Cadet
1st Year Cadet


CancerTiger
Age : 22
Joined : 31 Mar 2008
Posts : 14
Location : Kat Umah
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Sun Jul 20, 2008 11:13 pm
timekasih la john sebab tolong aku..
tapi terlambat.aku dah format da komp tu.kalo cepat sket mesti sempat.hehe..
_________________
Back to top Go down
johnburn
Vice General
Vice General


SagittariusTiger
Age : 21
Joined : 16 Mar 2008
Posts : 378
Location : ░▒▓108▓▒░
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Mon Jul 21, 2008 10:59 am
yup care plng senang, format, hehe..
_________________

░▒▓ feel the pain until it hurts no more ▓▒░

Back to top Go down
Anti-Mods
Master Warrant Officer
Master Warrant Officer



Joined : 20 Jul 2008
Posts : 206
Warning Bar : 
0/1000/1000/100 (0/100)

PostSubject: Re: virus pe plg jahat skang nie....??????   Mon Jul 21, 2008 3:26 pm
slmtlah jugak had dis n madhebod . . . . hahahaha
_________________


"While One Person is Confessing, Another Person is Dumped at the Same Time"
-Harima Kenji-
"Although I've been Dumped, Acting Depressed, and Even Asking for Kindness, the World will Not Give Such a Thing"
-Harima Kenji-
Back to top Go down

virus pe plg jahat skang nie....??????

View previous topic View next topic Back to top 
Page 3 of 3Goto page : Previous  1, 2, 3

Permissions of this forum:You cannot reply to topics in this forum
 :: Science & Technology :: Repair & Troubleshooting :: Virus & Malware-