creamze 0 Report post Posted September 8, 2007 mcm mana nak g kat file tu ajar skit,ak ni bukan tau sgt2 pasal run2 nih Quote Share this post Link to post Share on other sites
Geekspro 0 Report post Posted September 8, 2007 makin hari makin ganaz plak virus ni...tapi x pe kalau ade org yg mcm aponie...sama2 kita membantu dengan menghantar sampel virus... Quote Share this post Link to post Share on other sites
creamze 0 Report post Posted September 8, 2007 mcm mana nak g kat file tu ajar skit,ak ni bukan tau sgt2 pasal run2 nih Quote Share this post Link to post Share on other sites
demonic 0 Report post Posted September 8, 2007 Naper erkkk... aku dah down n dah run... tapi tekan scan tak ada apa2 berlaku pun.... dia cam malas jer... Quote Share this post Link to post Share on other sites
class_sick 3 Report post Posted September 8, 2007 ais krim,ko buka My Computer,pastu ko taip C:\WINDOWS\ ...pastu ko cari file iexplorer.exetp pastikan ko dah show hidden folder sbb klo virus nie kdang2 dia pandai main nyorok2...pastu sblm ko upload file tu,ko ZIP kan dulu...thanks Quote Share this post Link to post Share on other sites
creamze 0 Report post Posted September 8, 2007 TAKDE LE...MAYBE DAH DELETE KOT...SEBAB TD NOD32 DETECT VIRUS NI TAPI DIE TULIS UNKNOWN,TAPI TAK CKP PUN DIE DAH DELETE Quote Share this post Link to post Share on other sites
class_sick 3 Report post Posted September 8, 2007 kempunan aponie nnt...hehehe... Quote Share this post Link to post Share on other sites
pgc9286 0 Report post Posted September 9, 2007 Bro tlg bro aku ni jahil skit dlm virus ni. Cuba tgk bro ada suspek dak kat dlm logfile ni?TQ bro!!!!Logfile of HijackThis v1.99.1Scan saved at 11:25:01 PM, on 08/09/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exeC:\Program Files\Java\jre1.6.0_02\bin\jusched.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\WINDOWS\system32\wgp.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exeC:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exeC:\Program Files\ABIT\ABIT uGuru\uGuru.exeC:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exeC:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exeC:\Program Files\Yahoo!\Messenger\YahooMessenger.exeC:\Program Files\CursorXP\CursorXP.exeC:\WINDOWS\system32\slserv.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\ABIT\ABIT uGuru\uGuru_Event_Receiver.exeC:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeC:\WINDOWS\system32\wscntfy.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\DAP\DAP.EXEC:\DOCUME~1\MR7AC3~1.HAZ\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://sg.rd.yahoo.com/customize/ie/defaul...arch.yahoo.com/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearflix.com/intl/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sg.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://sg.rd.yahoo.com/customize/ie/defaul...arch.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://sg.rd.yahoo.com/customize/ie/defaul...arch.yahoo.com/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.netR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://sg.rd.yahoo.com/customize/ie/defaul...arch.yahoo.com/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllR3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLLO2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLLO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXEO4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [WinGuard Pro] C:\WINDOWS\system32\wgp.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOMO4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobsO4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"O4 - HKCU\..\Run: [ABIT uGuru] C:\Program Files\ABIT\ABIT uGuru\uGuru.exeO4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exeO4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -hO4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exeO4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeO4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htmO8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htmO8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htmO8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htmO8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htmO8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htmO8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dllO9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dllO9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dllO9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jumboplay.bluehyppo.com/class/DragonbackCtl.ocxO17 - HKLM\System\CCS\Services\Tcpip\..\{F75FD84B-1385-4740-B28E-6D654C1F087D}: NameServer = 202.188.0.133,202.188.1.5O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dllO20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dllO21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dllO23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeO23 - Service: Kaspersky Internet Security 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r (file missing)O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exeO23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeO23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe Quote Share this post Link to post Share on other sites
razirazo 24 Report post Posted September 9, 2007 TAKDE LE...MAYBE DAH DELETE KOT...SEBAB TD NOD32 DETECT VIRUS NI TAPI DIE TULIS UNKNOWN,TAPI TAK CKP PUN DIE DAH DELETEmcafee pun buat camtu.bersalahkah tool tu?tp,yang aku pelik ni,mmber aku punya pc tak boleh execute tool tu, kom tu kata ada .dll missing.korang ada kena camtu tak? Quote Share this post Link to post Share on other sites
ApoNie 0 Report post Posted September 9, 2007 file dll apa hilang? spesifikkan nama dia.. kalau pc ko leh execute, pc member ko xleh, ko carik file .dll yang hilang tu kat folder system32 pahtu paste kat komputer member ko dalam system32.. Quote Share this post Link to post Share on other sites
ApoNie 0 Report post Posted September 9, 2007 NEW UPDATED:skrang nie ada real time scan, klik hide untuk real time scan.. dia akan hide lebihkurang cam virus gak.. kalau ada virus dia akan kuar balik.. kalau ada maslah, beritau aku.. Quote Share this post Link to post Share on other sites
Geekspro 0 Report post Posted September 9, 2007 NEW UPDATED:skrang nie ada real time scan, klik hide untuk real time scan.. dia akan hide lebihkurang cam virus gak.. kalau ada virus dia akan kuar balik.. kalau ada maslah, beritau aku..tahniah kat aponie...nanti aku download... Quote Share this post Link to post Share on other sites
atomic98 1 Report post Posted September 10, 2007 Bro ApoNie, bila v3.1 nak boleh delete autorun.inf nih,dah tak sabar nih..hehehesekadar cadangan:kalau pakai pav contohnya,dia akan delete terus fail autorun tuh, so boleh tak bro ApoNie buat kan GeeKz_Remover_V3.1 bg pilihan kepada pengguna supaya nak delete terus atau sebagainya.kenapa nak buat fungsi nih?"sebab saya suka letak ikon kat pd atau partition saya." *defaul set delete la.. Quote Share this post Link to post Share on other sites
atomic98 1 Report post Posted September 10, 2007 Bro ApoNie, kenapa bila click kill all process atau Repair Registery pastu dia akan buka my documents dan Folder. Quote Share this post Link to post Share on other sites
ApoNie 0 Report post Posted September 10, 2007 cadangan tu nanti aku buat ari sabtu nie.. skrang sibukk..yang version skrang dah leh detect autorun.inf sekali delete file yang diaktifkan oleh autorun tu.. yang bukak my documents dan Folder tu sebab aku kill explorer, jadik aku kena call explorer balik.. disebabkan ada sesetengah pc yang x auto call explorer bila process explorer tu di kill, jadik aku terpksa buat jugak untuk fungsi call explorer.. jangan risau, xder per2 pon kalau kluar benda tu.."sebab saya suka letak ikon kat pd atau partition saya." *defaul set delete la..aku xfaham maksud hang.. nak suruh aku buat apa sebenarnya??kalau ada apa2 cdangan lagi, beritau ahh.. aku leh usahakan.. Quote Share this post Link to post Share on other sites
atomic98 1 Report post Posted September 11, 2007 aku suka letak ikon kat pd guna autorun.inf,so kalau GeeKz_Remover_V3.1 delete terus fail autorun.inf tuh,hilang la ikon macho aku kat pd tuh..huhuhuhu..tak faham maksud aku tuh ka? maksud aku tuh, set default GeeKz_Remover_V3.1 untuk delete fail autorun.inf,tapi kalau pengguna tak mau, depa boleh set secara menual supaya fail tuh tak di delete selepas scan.harap faham la norkh.. banyak songeh plak aku..huhuhuhu..a'ah, bro cakap version skrg dah boleh kesan autorun.inf, baru je tadi aku try tak dapat kesan pun fail autorun tuh,ke bro tak upload lagi version terbaru kat komputer bro tuh? hehehe Quote Share this post Link to post Share on other sites
ApoNie 0 Report post Posted September 11, 2007 bereh.. aku leh buat..file autorun tu autmatik scan delete, tapi x inform user yang file autorun tu dah di delete.. tp mungkin nanti aku buat tool nie lebih free user.. tp ari sabtu nie aku buat kot.. sebab minggu nie aku ada test... bahaya kalau aku start buat, sebab bila aku start coding, memang aku x ingat dunia dahh.. ohkhokhooh.. Quote Share this post Link to post Share on other sites
LanoV 22 Report post Posted September 11, 2007 Tahniah Aponie... cuma interface dia kasi lagi lawa.. baru best! Quote Share this post Link to post Share on other sites
ApoNie 0 Report post Posted September 11, 2007 thankss.. pasal interface tu, nanti aku usahakan.. skrang nie aku lebih tumpu camner nak "kemas"kan tool nie.. masih banyak benda lagi aku xtahu pasal virus nie.. kalau ada saper2 nak syare knowledge amat dialukan...p/s: aku bab design nie xberapa terer.. aku suka benda abstract, jadik mana2 karya aku memang susah nak 'lari' dari benda tu.. Quote Share this post Link to post Share on other sites
atomic98 1 Report post Posted September 11, 2007 Tahniah Aponie... cuma interface dia kasi lagi lawa.. baru best! tak lawa tak apa, janji power..budak it bukan gheti duk design lawa2..hahaha..nanti suh Bro ApoNie ambik kursus 3D kat hang, pastu Wat GeeKz_Remover_V3D.ApoNie, kalau dah siap GeeKz_Remover_V3.1 yg boleh delete autorun.inf info kat sinih la....aku menunggu GeeKz_Remover hang.. Quote Share this post Link to post Share on other sites
hairulfadly 27 Report post Posted September 11, 2007 ko buat remover ni guna perisian ape Aponie ?guna VB ke ?coding dia best tak ? Quote Share this post Link to post Share on other sites
ApoNie 0 Report post Posted September 11, 2007 yap.. vb6.. coding dia tu aku xtahu ahh best ke tak.. aku pakat "hentam" jer ikut ilmu yang aku ada.. kalau aku kata besh, nanti cam syok sendri plak... Quote Share this post Link to post Share on other sites
Geekspro 0 Report post Posted September 12, 2007 wahhh...aponie ko boleh jadi pengganti alternator ni... Quote Share this post Link to post Share on other sites
class_sick 3 Report post Posted September 12, 2007 boleh running kat vista x? Quote Share this post Link to post Share on other sites
razirazo 24 Report post Posted September 12, 2007 (edited) aponie,best lar ko punya tool.boleh dapat phd ni!haha...tapikan,boleh tak ko tambah function untuk update,maknanya ko tambah satu button yang membolehkan benda tu donlot@update version terbaru dengan one click jer?kalu buat camni,rasenye penggunaan tool berharga ni akan jadik lagi luas,tak terbatas kepada ssesiapa yang selalu on kat putera jer...lagisatu,tool ni boleh jalan kat sistem yang dah dijangkiti virus yang deny semua fail .exe ke?!!!!opp,tambah lagi satu,kalo boleh ko buatlar sekali function untuk upload virus baru@autorun...(kalo boleh,aku cakap je.aku tak tau sangat pasal vb nih.) Edited September 12, 2007 by razi_90@IBM thinkcentre Quote Share this post Link to post Share on other sites