hipstudenz 0 Report post Posted November 10, 2005 naper kalau nak run .exe jadi cam niekebanyakan jadi bila nak run .exe ....sebab virus ker Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted November 10, 2005 file tuh dah kurap Quote Share this post Link to post Share on other sites
joetbg_x 0 Report post Posted November 10, 2005 mungkin gak. sila post log HijackThis utk memudahkan kami. Quote Share this post Link to post Share on other sites
hipstudenz 0 Report post Posted November 10, 2005 mungkin gak. sila post log HijackThis utk memudahkan kami.←HijackThis...apa tu Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted November 10, 2005 HijackThis...apa tu ←klik SINI Quote Share this post Link to post Share on other sites
C-Fu 0 Report post Posted November 10, 2005 (edited) sebelum ni pernah kene virus tak?pegi download hijackthis. http://216.180.233.162/~merijn/files/HijackThis.execreate new folder bernama hijackthis dan download ke folder tuh, kat desktop ke.software ni bergune untuk pakar pc check virus ke, spyware ke dalam pc ko. cara dia?lepas download, ko run program tu. pastu scan dan save log. pastu bukak log gune notepad kalo log tu tak di-auto-bukak lepas ko save. copy dan paste SEMUA isi kandungan log tu ke sini. Edited November 10, 2005 by C-Fu Quote Share this post Link to post Share on other sites
hipstudenz 0 Report post Posted November 11, 2005 sebelum ni pernah kene virus tak?pegi download hijackthis. http://216.180.233.162/~merijn/files/HijackThis.execreate new folder bernama hijackthis dan download ke folder tuh, kat desktop ke.software ni bergune untuk pakar pc check virus ke, spyware ke dalam pc ko. cara dia?lepas download, ko run program tu. pastu scan dan save log. pastu bukak log gune notepad kalo log tu tak di-auto-bukak lepas ko save. copy dan paste SEMUA isi kandungan log tu ke sini.←hallo C-Fu...lama tak nampak aku kureng faham arr...aku dah scan tp macam mana nak log.....aku nie bdak baru blaja Quote Share this post Link to post Share on other sites
hipstudenz 0 Report post Posted November 12, 2005 aku dah scan ngan antivirus aku...x da virus pun?? Quote Share this post Link to post Share on other sites
joetbg_x 0 Report post Posted November 12, 2005 (edited) antivirus apa ko guna? sila scan online http://www.kaspersky.com/downloads/kws/kavwebscan.htmlapa2 hal, pastikan Windows tu dah update. itu yg penting. Edited November 12, 2005 by joetbg_x Quote Share this post Link to post Share on other sites
C-Fu 0 Report post Posted November 13, 2005 aku kureng faham arr...aku dah scan tp macam mana nak log.....run program tupastu pilih DO SYSTEM SCAN AND SAVE LOGFILE :/ Quote Share this post Link to post Share on other sites
hipstudenz 0 Report post Posted November 13, 2005 run program tupastu pilih DO SYSTEM SCAN AND SAVE LOGFILE :/←aku scan ngan avast antivirus....DO SYSTEM SCAN AND SAVE LOGFILE :/dah scan....SAVE LOGFILE....nak save semua ker....kalau dah save semua nak fix ker Quote Share this post Link to post Share on other sites
joetbg_x 0 Report post Posted November 13, 2005 lepas siap scan tu kan ada kuar log kat Notepad, copy kandungan dlm Notepad tu & paste kat sini. Quote Share this post Link to post Share on other sites
hipstudenz 0 Report post Posted November 13, 2005 (edited) nie....Logfile of HijackThis v1.99.1Scan saved at 7:37:51 PM, on 11/13/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Stardock\SDMCP.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\tcpsvcs.exeC:\WINDOWS\system32\slserv.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\WINDOWS\System32\rmctrl.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\NCLAUNCH.EXeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\Program Files\Yahoo!\Messenger\ymsgr_tray.exeC:\WINDOWS\system32\slrundll.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Winamp\winamp.exeC:\Documents and Settings\Windows XP\Desktop\HijackThis\HijackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dllO2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dllO2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dllO2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXeO4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quietO8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htmO8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htmO8 - Extra context menu item: Download with Star Downloader - C:\Program Files\Star Downloader\sdie.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O8 - Extra context menu item: Enqueue in Star Downloader - C:\Program Files\Star Downloader\sdieenq.htmO8 - Extra context menu item: Leech with Star Downloader - C:\Program Files\Star Downloader\leechie.htmO9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dllO9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dllO16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/zenpuzzlegarden/mi...pGameLoader.dllO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1128066440875O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1124753801526O17 - HKLM\System\CCS\Services\Tcpip\..\{69320004-437F-4026-8C5A-229BCE3740EE}: NameServer = 202.188.0.133 202.188.1.5O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dllO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exeO23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeO23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeO23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exemacam mana...ada rosak x nak tanya skit....C:\Program Files\Common Files\Stardock\SDMCP.exenie apa nie??? Edited November 13, 2005 by hipstudenz Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted November 13, 2005 C:\Program Files\Common Files\Stardock\SDMCP.exenie apa nie???←Stardock Desktop Personalizer Quote Share this post Link to post Share on other sites
THX(tm) 0 Report post Posted November 13, 2005 SDMCP.exe is a part of the Stardock Desktop Personalizer which offers an alternate look to your Windows experience with Desktop skins, icons and the assigning of hotkeys Quote Share this post Link to post Share on other sites
hipstudenz 0 Report post Posted November 14, 2005 macam tu ker....aku memang ada guna stardock dulu....tp dah unistall semua....aku cuma guna stardock cursorXP...tp tak slalu guna arrr...yg lain semua dah unistall...macam mana ada Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted November 14, 2005 macam tu ker....aku memang ada guna stardock dulu....tp dah unistall semua....aku cuma guna stardock cursorXP...tp tak slalu guna arrr...yg lain semua dah unistall...macam mana ada ←yang cursor stardock kau dah uninstall belum? try pergi ke program files then cari dan delete SDMCP.exe... Quote Share this post Link to post Share on other sites
hipstudenz 0 Report post Posted November 19, 2005 abis macam mana....ader virus tak...kalau takda aper masalah pc ku Quote Share this post Link to post Share on other sites
KeH 15 Report post Posted November 19, 2005 sume .exe ke jadi camtu? even kalo file exe tu dari cd? Quote Share this post Link to post Share on other sites
hipstudenz 0 Report post Posted November 20, 2005 sume .exe ke jadi camtu? even kalo file exe tu dari cd?←bukan semua exe....exe yg tertentu jer....macam maneer nie ha??? Quote Share this post Link to post Share on other sites
AnNamir 61 Report post Posted November 24, 2005 (edited) nie....Logfile of HijackThis v1.99.1Scan saved at 7:37:51 PM, on 11/13/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Stardock\SDMCP.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\tcpsvcs.exeC:\WINDOWS\system32\slserv.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\WINDOWS\System32\rmctrl.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\NCLAUNCH.EXeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\Program Files\Yahoo!\Messenger\ymsgr_tray.exeC:\WINDOWS\system32\slrundll.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Winamp\winamp.exeC:\Documents and Settings\Windows XP\Desktop\HijackThis\HijackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dllO2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dllO2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dllO2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXeO4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quietO8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htmO8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htmO8 - Extra context menu item: Download with Star Downloader - C:\Program Files\Star Downloader\sdie.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O8 - Extra context menu item: Enqueue in Star Downloader - C:\Program Files\Star Downloader\sdieenq.htmO8 - Extra context menu item: Leech with Star Downloader - C:\Program Files\Star Downloader\leechie.htmO9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dllO9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dllO16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/zenpuzzlegarden/mi...pGameLoader.dllO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1128066440875O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1124753801526O17 - HKLM\System\CCS\Services\Tcpip\..\{69320004-437F-4026-8C5A-229BCE3740EE}: NameServer = 202.188.0.133 202.188.1.5O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dllO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exeO23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeO23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeO23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe←Yg aku merahkan tu, kalu ikut hijackthis log page, nasty & boleh didelete/fix kan...yg aku birukan tu pulak, kalau kata pc aku, aku fix yg warna biru tuh... kot ko nak pasti lagi, tunggu la sifu2 lain kata apa...p/s: Kalo ko ragu2, tunggu la diorang kata apa tau... Edited November 24, 2005 by annamir Quote Share this post Link to post Share on other sites
hipstudenz 0 Report post Posted November 25, 2005 oik annamir...nak kene fix ker yg merah tu...tp aku pun kureng paham ngan aper ko cakap tu Quote Share this post Link to post Share on other sites
AnNamir 61 Report post Posted November 25, 2005 Yup! kena fix! Kalu ko nak jelas lagi, ko copy smula logfile ko tu dan kendian ko pegi kat laman http://www.hijackthis.de dan ko pastekan log tu kat ruangan kosong then ko click analyze pastu dia akan kluar mana² senarai yg ko boleh/selamat utk dibuang! Quote Share this post Link to post Share on other sites
hipstudenz 0 Report post Posted November 26, 2005 oooo...macam tu ker...abis kalau yg dier tulis nasty tu kene fix arr...yg probaly nasty tu semua kene fix ker?? Quote Share this post Link to post Share on other sites
hipstudenz 0 Report post Posted November 26, 2005 aku dah fix dah yg hijjack suruh...tp yg biru tu aku belum buat lagi....asal exe aku tak boleh bukak lagi nie.....tension betul aku macam nie Quote Share this post Link to post Share on other sites