zack037
-
Content Count
21 -
Joined
-
Last visited
Posts posted by zack037
-
-
dah tau, hehe. dah habis sumer basic hehe
-
camne nak tgk password file? n camne nak tau itu password file?
-
http://rs312.rapidshare.com/files/11163457...0.66_Modded.rar
Nie link terbaru, link kat page 1 tue cam x boleh pakai jek. Bukan main lama loading.
-
Okay, Thanks.
Tu la, dah terkena nie sabar je la. Kejap2 down, kejap2 down jek GoDaddy nie.
-
Assalammualaikum dan salam sejahtera,
Saya kini sedang mencari sebuah dedicated server yang bagus, tapi bukan dari malaysia.
Sebelum nie saya guna GoDaddy dari US, tak stabil langsung asyik connection lost.
Harap kepada yang pro, boleh bantu saya. Kalau boleh nak cari yang area Canada atau Asia.
Selain Malaysia.
Spek server yang bagus,
Contoh :
Intel Pentium Quad/Dual 2.0 ke atas
Memory 2gb ke atas.
100mb dedicated line.
Uptime 24/7
Harap korang leh bantu.
p/s : Saya tak tau nie bahagian yang betul sy post tajuk, kalau salah mod tolong pindahkan ek.
-
Ini hari kedua, takde ape2 masalah lagi.
Kalau sesapa ada masalah cam aku nie. Try la buat step2 di atas, InsyaAllah berjaya.
Thanks again kepada baok
=============
TOPIC CLOSED
=============
-
Ok dah buat, terima kasih banyak2.
Kalau la ko nie pompuan, pastu kat tempat aku, aku dah peluk2 cium dah ko.
Memang penyelamat, kene amik kursus komputer ngan ko la nie huhu.
-
Ok, terima kasih banyak2. Sangat2 membantu, ko memang pro. Kalau ada apa2 terjadi lagi dalam 2,3 hari lepas dah wat smua nie.. aku post kat sini k.
Kalau xde ape2, aku close topic nie.
-
ok dah, nie lognyer :
Explorer killed successfully
C:\WINDOWS\System32\drivers\gzberq.sys moved successfully.
Explorer started successfully
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09072008_210631
ape yang kita tengah buat sebenarnya, sy tahu buat tp tak tau aper maknanya...
Nak faham sket...
-
Nie result Virustotal :
AhnLab-V3 2008.9.3.0 2008.09.03 -
AntiVir 7.8.1.23 2008.09.03 -
Authentium 5.1.0.4 2008.09.03 -
Avast 4.8.1195.0 2008.09.03 -
AVG 8.0.0.161 2008.09.03 -
BitDefender 7.2 2008.09.03 -
CAT-QuickHeal 9.50 2008.09.02 -
ClamAV 0.93.1 2008.09.03 -
DrWeb 4.44.0.09170 2008.09.03 -
eSafe 7.0.17.0 2008.09.03 -
eTrust-Vet 31.6.6066 2008.09.03 -
Ewido 4.0 2008.09.03 -
F-Prot 4.4.4.56 2008.09.03 -
F-Secure 8.0.14332.0 2008.09.03 -
Fortinet 3.14.0.0 2008.09.03 -
GData 19 2008.09.03 -
Ikarus T3.1.1.34.0 2008.09.03 -
K7AntiVirus 7.10.439 2008.09.03 Trojan.Win32.Malware.2
Kaspersky 7.0.0.125 2008.09.03 -
McAfee 5376 2008.09.03 -
Microsoft 1.3903 2008.09.03 -
NOD32v2 3412 2008.09.03 -
Norman 5.80.02 2008.09.03 -
Panda 9.0.0.4 2008.09.03 -
PCTools 4.4.2.0 2008.09.03 -
Prevx1 V2 2008.09.03 -
Rising 20.60.21.00 2008.09.03 -
Sophos 4.33.0 2008.09.03 -
Sunbelt 3.1.1592.1 2008.08.30 -
Symantec 10 2008.09.03 -
TheHacker 6.3.0.8.070 2008.09.02 -
TrendMicro 8.700.0.1004 2008.09.03 -
VBA32 3.12.8.4 2008.09.02 -
ViRobot 2008.9.2.1361 2008.09.03 -
VirusBuster 4.5.11.0 2008.09.03 -
Webwasher-Gateway 6.6.2 2008.09.03 -
Additional information
File size: 61440 bytes
MD5...: 589312a3b46721c5a751e4d5222a89be
SHA1..: 3a497d3968a4f6e3c648d196da38e5f98e75ec30
SHA256: 03cbe6df7f5605a3659ffe27a1184a8d9066436a17d7bac9cceb122de74f
69ae
SHA512: c8abe050c97efe34541c3ef293a750e34b82117ae41f41d83db1f1489eb5
d776
a1d59d0b4a1e13536e5bebda630693daf4be66cc386f587a69288c76df98
cf7b
PEiD..: -
TrID..: File type identification
Clipper DOS Executable (33.3%)
Generic Win/DOS Executable (33.0%)
DOS Executable Generic (33.0%)
VXD Driver (0.5%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1d394
timedatestamp.....: 0x476b398b (Fri Dec 21 03:56:59 2007)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x400 0xd756 0xd780 5.52 e0dc8fff10e3a7c6343455cd02a67954
.rdata 0xdb80 0x10e 0x180 3.44 d2fd0bc28e070ccc67879e04b7cd5302
.data 0xdd00 0xc0 0x100 0.04 66a415a49d751cb335895306ecfb3389
INIT 0xde00 0x376 0x380 5.17 79cc3d62ef3ba8053786e08dc9b6cddc
.reloc 0xe180 0xe2c 0xe80 6.60 4f845320301140370066cbceee4c5e4c
( 1 imports )
> ntoskrnl.exe: ZwWriteFile, wcslen, RtlUpcaseUnicodeChar, ZwClose, ZwCreateFile, RtlInitUnicodeString, wcscat, wcscpy, _wcsicmp, ZwQueryValueKey, ZwOpenKey, ZwDeleteKey, swprintf, ZwEnumerateKey, ExFreePoolWithTag, DbgPrint, ExAllocatePoolWithTag, RtlPrefixUnicodeString, RtlDeleteRegistryValue, ZwSetValueKey, RtlWriteRegistryValue, ZwEnumerateValueKey, ZwOpenFile, ZwSetInformationFile, KeTickCount, ZwQueryInformationFile, KeBugCheck, MmGetSystemRoutineAddress, ZwFlushKey, PsTerminateSystemThread, KeSetPriorityThread, KeGetCurrentThread, RtlCheckRegistryKey, KeDelayExecutionThread, ZwReadFile, PsCreateSystemThread, PsGetVersion
( 0 exports )
yang nie lak OTMoveit2 :
Explorer killed successfully
b3de58cd service deleted successfully.
restore service deleted successfully.
File/Folder C:\WINDOWS\system32\drivers\b3de58cd.sys not found.
File/Folder C:\WINDOWS\system32\drivers\restore.sys not found.
< HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoDispBackgroundPage >
Registry value HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoDispBackgroundPage deleted successfully.
< HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoDispScrSavPage >
Registry value HKEY_USERS\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\NoDispScrSavPage deleted successfully.
< EmptyTemp >
File delete failed. C:\DOCUME~1\ADMINI~1.MIC\LOCALS~1\Temp\etilqs_ZRi8mqtTsqQSB5DmwzAC scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
Explorer started successfully
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09072008_205144
Files moved on Reboot...
File C:\DOCUME~1\ADMINI~1.MIC\LOCALS~1\Temp\etilqs_ZRi8mqtTsqQSB5DmwzAC not found!
Alhamdulillah, dah takde kuar lagi dah. Rasanya dah takde lg menatang tue.
Lega rasanya, nk dekat seminggu dok perang sendiri, almaklumlah bukan tau sgt pasal computer program nie.
Ermm.. lagi satu, camne nak manage startup program?
byk sgt load masa on window nie jadi slow lak..
-
Ok ini log file setelah wat combofix
Log File : http://w14.easy-share.com/1701484828.html
p/s : camne ek nak manage start up item, dah lupa la... kalau tak silap start >> run >> iniconfig... tak ingat tapi rasanya lebih kurang la kot.
-
ok pas siap nanti sy bgtau keputusannya
-
spyware detect trojan nie : Trojan-PWS.Bancos
pastu ada lak kuar C:\327882R2FWJFW\pv.cfexe is not a valid Win32 application.
macam ada yang x betul jek sy buat nie ke saya kene off spyware doctor nie?
sory2 tak wat lg dah, cuma dah terbiasa...
-
tak boleh nak drag pown bootdisk atas icon combofix.
bila saya lepaskan atas icon combofix.exe nanti kuar untuk run this program...
ke memang camtue?
cis, dah tau dah. Kene block rupenye combofix. dah boleh tp...
-
Ok thanks,
Harap awk dapat membantu. Nie kalau ada kat tempat saya nie dah belanja berbuka pose dah.
Setakat nie yang MalwareBytes' dah fix ialah display properties. Smua dah ada balik.
Tinggal yang tak tau asal usul jek nie.
p/s : Lama dah tak layan putera.com sampai post dulu dah kene delete. Huhu...
-
Mmg banyak drive, C: dengan D: jek ada file. E: tue partition kosong.
Pastu H: tue thumb drive.
Tak stop scan pown, complete habis scan tue.
Lagi satu kan lepaskan scan ngan malware tadi tue,
ada file yang kene delete on reboot, bila reboot window takleh load,
so saya load last good known configuration, n menatang tue ada lagi... boleh gila camnie....
Nie OTViewIt :
Bukan sengaja nak edit, kang kene double post... kene delete ngan mod lak.
-
Ok, saya akan cuba.
Tengah Scan...
Ok, dah siap scan nie log file dari Malwarebytes':
Malwarebytes' Anti-Malware 1.26
Database version: 1122
Windows 5.1.2600 Service Pack 2
9/7/2008 5:54:31 PM
mbam-log-2008-09-07 (17-54-31).txt
Scan type: Full Scan (C:\|D:\|E:\|H:\|)
Objects scanned: 81545
Time elapsed: 16 minute(s), 21 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 10
Registry Values Infected: 4
Registry Data Items Infected: 2
Folders Infected: 13
Files Infected: 40
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\blphc3aoj0e3b7.scr (Trojan.FakeAlert) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\spox (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolie.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{86dff136-77b4-472c-b3b3-dddee57ac1a1} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ea2a4962-9d7c-4912-82a6-4abc1655f003} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7e61bb38-a952-40ba-98f0-0ad229658cb7} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e61bb38-a952-40ba-98f0-0ad229658cb7} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhc7aoj0e3b7 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc3aoj0e3b7 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\ScanSpyware v3.7 (Rogue.ScanSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\rhc7aoj0e3b7 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\rhc7aoj0e3b7\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\rhc7aoj0e3b7\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\rhc7aoj0e3b7\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\rhc7aoj0e3b7\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\rhc7aoj0e3b7\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\rhc7aoj0e3b7\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\rhc7aoj0e3b7\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\rhc7aoj0e3b7\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\rhc7aoj0e3b7\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\rhc7aoj0e3b7\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\blphc3aoj0e3b7.scr (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\system32\lphc3aoj0e3b7.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\b3de58cd.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\eetF.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\zqm10.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\icq1.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\qefF.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Antivirus & Cleaner\Virus Remover\Flash remover.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\Antivirus & Cleaner\Virus Remover\Folder Options.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\Antivirus & Cleaner\Virus Remover\haha Washer.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\Antivirus & Cleaner\Virus Remover\Tok Wan Washer.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\Antivirus & Cleaner\Virus Remover\Topui & HistoryJMTi Washer.exe (Adware.Agent) -> Quarantined and deleted successfully.
D:\Antivirus & Cleaner\Virus Remover\Virus Remover & Washer.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\ScanSpyware v3.7\ssdb082708.db (Rogue.ScanSpyware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\svchost.exe:ext.exe (Rootkit.ADS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc3aoj0e3b7.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN6.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN8.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN9.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator.MICROSOF-AE5C48\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator.MICROSOF-AE5C48\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN14.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN19.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
-
Assalammualaikum,
Saya nak minta tolong sesangat kat sini, comp sy nie dijangkiti FraudWare @ atau virus yang mengatakan sistem dijangkiti spyware tapi sebenarnya tidak dan disuruh download program tertentu yang sebenarnya fraud.
Dah macam2 antivirus sy guna, Kaspersky, Norton 2008, Avira, AVG 8... jumpa infection
dalam c:/windows/system32/obghva.dll <--- file dijangkiti
c:/windows/system32/obghva32.dll <--- file dijangkiti
Pastu ada la menatang nie :
c:windows/system32/ph3obr3sc3lc.scr
c:windows/system32/ph3obr3sc3lc.exe
c:windows/system32/ph3obr3sc3lc.bmp
Semua tue didetect sebagai trojan downloader/fraudload.AKBE.
Dalam saya punya display properties lak, ada dua tab hilang.
yang tinggal themes, appearence, setting...
Saya pun dah guna spyware remover, ad adware, mcm2 lg la...
Setiap kali sy restart system.. benda tu sumer ada balik. Padahal sebelum restart, sy dah buang.
Lepas masuk system jek wallpaper jadi Your system infected by bla..bla..bla..bla please download bla..bla..blaa to remove it... tension sungguh.. saya dah google tp tak jumpa gak penyelesaiannye...
Saya tak tahu la kat mana dia menyorok program asal nie. asyik duplicate balik bila restart.
Tolonglah saya, kalau boleh saya xnak format komputer.. sbb susah kat tempat saya nie.
Lgpown byk kerja2 saya dalam komputer sy nie.
Minta tolong sangat2 kepada yang professional
-
dah lama x wat ghost dh x berapa ingat dah. hehe
-
saya menyokong kepada ahli yag layak memegang jawatan dalam kelab nie,
Masalah Dengan Graphic Card
in Kad Grafik
Posted · Edited by zack037 · Report reply
Graphic Card = ATI Radeon X1550 Series
Masalah : Mungkin driver atau hardware...
bila saya main warcraft atau game yg memerlukan graphic card.. mesti keluar error graphic gpu stop responding...
sy dah update latest driver... pastu sy perasan [b]graphic card tue panas...[/b]
tp kalau main game yg mcm boomz tue, website game.. flash ok.. tp kadang2 kuar gak error.
dah mcm2 buat tp x jadi gak... kalau boleh xnk format pc or tukar graphic card baru..
so harap puteranian sekalian dpt tolong.. dh dekat 6 bulan mengidap masalah nie... sedey..