wanza 8 Report post Posted March 22, 2007 komputer aku masuk virus...tapi ble scan pakai AVG full edition xdpat detect... kesannya, file option ngan task manager xbley bukak....xtau la apa lagi yang effect virus tu...kat dalam folder, dia copy balik nama file folder td....jd exe....diharap otai2 semua dapat membantuthanks.... Share this post Link to post Share on other sites
masham 0 Report post Posted March 22, 2007 komputer aku masuk virus...tapi ble scan pakai AVG full edition xdpat detect... kesannya, file option ngan task manager xbley bukak....xtau la apa lagi yang effect virus tu...kat dalam folder, dia copy balik nama file folder td....jd exe....diharap otai2 semua dapat membantuthanks....aper da ko ni...x search topik dulu ke..dah byk kali da topik ni..tajuk pun letak la biar spesifik ngan masalah ko tu..guna PAV at www.data0.net Share this post Link to post Share on other sites
johnburn 6 Report post Posted March 22, 2007 komputer aku masuk virus...tapi ble scan pakai AVG full edition xdpat detect... kesannya, file option ngan task manager xbley bukak....xtau la apa lagi yang effect virus tu...kat dalam folder, dia copy balik nama file folder td....jd exe....diharap otai2 semua dapat membantuthanks....bleh specific kan skit symptomnyer tak?takpun ko pakai hijackThis dan pastekan lognyer kat sini..leh gak otai2 kat sini tolong tengokkan.. Share this post Link to post Share on other sites
wanza 8 Report post Posted March 22, 2007 aper da ko ni...x search topik dulu ke..dah byk kali da topik ni..tajuk pun letak la biar spesifik ngan masalah ko tu..guna PAV at www.data0.netitu mmg salah aku pun...sowi...aku xtau nak kc tajuk apa...sebab aku tak tau nama virus 2.... Share this post Link to post Share on other sites
zareight 7 Report post Posted March 22, 2007 kalo ko gune hijackthis,ko jgn main kill je..check file tu dulu..kang xpsl pc ko K.O lak.. Share this post Link to post Share on other sites
wanza 8 Report post Posted March 22, 2007 bleh specific kan skit symptomnyer tak?takpun ko pakai hijackThis dan pastekan lognyer kat sini..leh gak otai2 kat sini tolong tengokkan..Logfile of Trend Micro HijackThis v2.0.0 (BETA)Scan saved at 11:16:03 AM, on 3/22/2007Platform: Windows XP SP2 (WinNT 5.01.2600)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\acs.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\PROGRA~1\Grisoft\AVG7\avgemc.exeC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\WINDOWS\system32\lvhidsvc.exeC:\WINDOWS\system32\slserv.exeC:\Program Files\Spyware Terminator\sp_rsser.exeC:\Program Files\SMCWUSBT-G EZ Connect TM g 108 Mbps 802.11g Wireless USB 2.0 Adapter\ACU.exeC:\PROGRA~1\Grisoft\AVG7\avgcc.exeC:\Program Files\Unlocker\UnlockerAssistant.exeC:\Program Files\Spyware Terminator\SpywareTerminatorShield.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\WINDOWS\WINDOWS.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\TVR\TVR\RecSche.EXEC:\Program Files\Metacafe\MetacafeAgent.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Grisoft\AVG7\avgwb.datC:\Documents and Settings\huzaini amir\Desktop\HiJackThis_v2.exeO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocxO4 - HKLM\..\Run: [ACU] C:\Program Files\SMCWUSBT-G EZ Connect TM g 108 Mbps 802.11g Wireless USB 2.0 Adapter\ACU.exe -noguiO4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUPO4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [PROGRAM] C:\WINDOWS\WINDOWS.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\RunServices: [LvHidSvc] C:\WINDOWS\system32\lvhidsvc.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')O4 - Startup: Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exeO4 - Global Startup: Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exeO4 - Global Startup: TVR Schedule.lnk = ?O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dllO23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exeO23 - Service: Lifeview HID Remote Controller Service (lvhidsvc) - Animation Technologies Inc. - C:\WINDOWS\system32\lvhidsvc.exeO23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exeO23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe--End of file - 4806 bytes Share this post Link to post Share on other sites
johnburn 6 Report post Posted March 22, 2007 (edited) Logfile of Trend Micro HijackThis v2.0.0 (BETA)Scan saved at 11:16:03 AM, on 3/22/2007Platform: Windows XP SP2 (WinNT 5.01.2600)Boot mode: NormalRunning processes:C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\WINDOWS\WINDOWS.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Messenger\msmsgs.exeO4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [PROGRAM] C:\WINDOWS\WINDOWS.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\RunServices: [LvHidSvc] C:\WINDOWS\system32\lvhidsvc.exeprocess windows.exe tu kalau tak silap aku aku Win32.Rbot.Gen@W32/Sdbot.worm.gen.tbleh tak ko cube upload file virus tu.. Edited March 22, 2007 by johnburn Share this post Link to post Share on other sites
wanza 8 Report post Posted March 22, 2007 aku dah upload dah...ni dia...http://filecargo.com/dw.php?id=1174569023&/2/New Folder.7zsemoga anda semua dapat membantu... Share this post Link to post Share on other sites
hasdi 0 Report post Posted March 22, 2007 aku rasa adik aku pernah kena virus ni.bila bukak satu fail. dalam fail tu, ada fail yang ada nama fail yang bukak tu. contohnya..bukak fail (samdol). dalam fail samdol tu ada lagi satu fail sama nama. (samdol.exe) betul tak? Share this post Link to post Share on other sites
noobs 0 Report post Posted March 22, 2007 w32.autoit.gen worm... www.data0.net could help you Share this post Link to post Share on other sites
wanza 8 Report post Posted March 22, 2007 ok...thanks sume...pc aku dh selamat...huhu... nampaknya, virus ni semakin hari semakin dahsyat...tension aku nak wt keje...huhuhu... Share this post Link to post Share on other sites
scorps 1 Report post Posted March 22, 2007 ok...thanks sume...pc aku dh selamat...huhu... nampaknya, virus ni semakin hari semakin dahsyat...tension aku nak wt keje...huhuhu...sekiranya masalah dah beres,sila tutup topik ini Share this post Link to post Share on other sites
wanza 8 Report post Posted March 24, 2007 ok...tutup....wa tammat... Share this post Link to post Share on other sites
johnburn 6 Report post Posted March 24, 2007 ok...tutup....wa tammat...eh pekwan,betul ke ko dah tutp ni.. Share this post Link to post Share on other sites
wanza 8 Report post Posted March 25, 2007 eh pekwan,betul ke ko dah tutp ni..ye...betul....aku tutup... Share this post Link to post Share on other sites
johnburn 6 Report post Posted March 25, 2007 ye...betul....aku tutup...ish,apesal still leh reply?bukanke kalo dah tutup takleh reply? Share this post Link to post Share on other sites
matthew.says 0 Report post Posted March 25, 2007 ye...betul....aku tutup...bukan sekadar cakap tutup dah tutup...hehe.guna option kat bahagian bawah , kiri forum ni. ada dropdown list utk 'Tutup' topic ni. Share this post Link to post Share on other sites
wanza 8 Report post Posted March 25, 2007 bukan sekadar cakap tutup dah tutup...hehe.guna option kat bahagian bawah , kiri forum ni. ada dropdown list utk 'Tutup' topic ni. sowi2...terlupe...heheheh.... Share this post Link to post Share on other sites
MalaysianSecurityForce 0 Report post Posted March 26, 2007 Topik perbincangan ini ditutup kerana perbincangan telah tamat atau persoalan telah diselesaikan. Harap maklum. Share this post Link to post Share on other sites