NeoLogy 74 Report post Posted September 10, 2007 PC aku dah kena sejenis virus/variant/trojan/etc.. aku tak tau benda ape..tapi yang pastinya benda tu dah menyebabkan pc aku xdapat connect internet sebab benda tu dah disable driver NIC card pc aku..So, sape yang tau camne nak setelkan prob ni..sila la bantu!!Aku jumpa 3 files dalam C:\WINDOWS\System32 :1. pmkfp.dll2. mljijhh.dll3. fpkmp.inidan satu file check_LSA7.txt yang tak boleh nak delete/rename/read.kalau dah bleh delete..dia ada balik..SO!!!Tolong!!! Quote Share this post Link to post Share on other sites
Geekspro 0 Report post Posted September 10, 2007 (edited) Scan guna hijackthis dan pos logfile kat sini biar otai2 tengok...Kalau ko x tahu cara guna hijackhis boleh guna fungsi search kat website ni...kalau x silap file ni MLJIJHH.DLL sejenis trojan Trojan.Downloader-Gen/SwampDonk... Edited September 10, 2007 by xvolution Quote Share this post Link to post Share on other sites
NeoLogy 74 Report post Posted September 14, 2007 Scan guna hijackthis dan pos logfile kat sini biar otai2 tengok...Kalau ko x tahu cara guna hijackhis boleh guna fungsi search kat website ni...kalau x silap file ni MLJIJHH.DLL sejenis trojan Trojan.Downloader-Gen/SwampDonk...Logfile of HijackThis v1.99.1Scan saved at 15:22:51, on 12/09/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\windows\System32\smss.exeC:\windows\system32\winlogon.exeC:\windows\system32\services.exeC:\windows\system32\lsass.exeC:\windows\system32\svchost.exeC:\windows\System32\svchost.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\Program Files\Common Files\Stardock\SDMCP.exeC:\windows\Explorer.EXEC:\windows\system32\VTTimer.exeC:\windows\SOUNDMAN.EXEC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exeC:\Program Files\TaskSwitchXP\TaskSwitchXP.exeC:\Program Files\Internet Download Manager\IDMan.exeJ:\hijackthis_sfx.exeJ:\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tm.net.my/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: (no name) - AutorunsDisabled - (no file)O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dllO2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: (no name) - {954582F5-7C8E-488C-97C6-893552BB30E8} - (no file)O2 - BHO: (no name) - {B369DB41-D571-460A-8D46-710C64A9E755} - (no file)O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dllO4 - HKLM\..\Run: [VTTimer] VTTimer.exeO4 - HKLM\..\Run: [VTTrayp] VTtrayp.exeO4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXEO4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimizedO4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exeO4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onbootO8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htmO8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htmO8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htmO8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htmO8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htmO8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htmO8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htmO8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htmO8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htmO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dllO9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLLO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO17 - HKLM\System\CCS\Services\Tcpip\..\{59AFAA4D-E8D5-4FD1-B4C1-6E0787418E22}: NameServer = 202.188.0.133 202.188.1.5O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLLO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLLO20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dllO20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing)O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dllO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exeO23 - Service: CBDVAJ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\CBDVAJ.exeO23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exeO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exeO23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\windows\system32\rsvp.exe (file missing)O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exeO23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exeO23 - Service: UDGANFF - Sysinternals - www.sysinternals.com - C:\DOCUME~1\usar\LOCALS~1\Temp\UDGANFF.exe[/codebox]Ni hijackthis punya log kat PC aku.tolong tgk2kan ye.. Quote Share this post Link to post Share on other sites
razirazo 24 Report post Posted September 14, 2007 safe mode+move+rename=restart+safe mode=startup item(virus)not found=no virus loaded in memory/process.=delete virus file+delete startup item Quote Share this post Link to post Share on other sites
snurf 0 Report post Posted September 16, 2007 Trojan Vundo/Trojan LowzonesTrojan.Downloader-Gen/MandingoTrojan.Downloader-Gen/HitItQuitItdownload tool ni ke desktop killboxrestart pc n masuk safe mode [ yg tekan F8 masa boot tu ler ]double klik pada killbox tutick pada DELETE ON REBOOTkat "Full Path of File to Delete" tu, copy paste file path kt bwh ni (one-by-one).. pastu klik button yg ade bulatan merah dgn tanda X. Klik YES setelah ketiga-tiga file tu dah di copy paste.C:\WINDOWS\system32\pmkfp.dllC:\WINDOWS\system32\mljijhh.dllC:\WINDOWS\system32\fpkmp.inipastu buat ni plak :START – RUN – taip %temp% - OK - Edit – Select all – File – DeleteDelete everything dlm C:\Windows\Temp folder atau C:\WINNT\tempEmpty the recycle binFinish Quote Share this post Link to post Share on other sites
celestina 0 Report post Posted September 17, 2007 tolong la..pc saya task manger ilangrun tak bolehfolder tetiba jd applicationcontent dalam tu sume tak leh bukak...jd size sama je..257 kb...wa...sedih.... Quote Share this post Link to post Share on other sites
TonikCapGajah2013 175 Report post Posted September 17, 2007 cuba:scan guna PAVlepas tu install KAV dan scan. Quote Share this post Link to post Share on other sites
volcom 0 Report post Posted September 17, 2007 tolong la..pc saya task manger ilangrun tak bolehfolder tetiba jd applicationcontent dalam tu sume tak leh bukak...jd size sama je..257 kb...wa...sedih.... ko try download ApoNie nye remover. Aku rasa dah dapat detect sebab aku penah buang virus cam ko ni pkai remover dia. yg v3.2 cam takleh nk download la plak. Lepas tu buat full scan pakai kaspersky sebab mayb masih ada saki baki file yg kena efek. AV lain aku tah penah cuba. boleh gk kot.lepas wat remover tu, jangan bukak apa2 folder lg sebab mayb folder tu adalah virus.selamat mencuba Quote Share this post Link to post Share on other sites
celestina 0 Report post Posted September 18, 2007 tapi kan..computer saya tu..da tak leh nak run apa2...kalau nak install..dalam 3 second dia akan padam...control panel pun gitu gak..internet explorer tetiba hilang...so tak leh online...adoi la... Quote Share this post Link to post Share on other sites
volcom 0 Report post Posted September 18, 2007 tapi kan..computer saya tu..da tak leh nak run apa2...kalau nak install..dalam 3 second dia akan padam...control panel pun gitu gak..internet explorer tetiba hilang...so tak leh online...adoi la... memang la tak boleh. guna komputer member ke g cc ke download dlm pendrive. lepas tu cucuk kt komputer ko. masa ko buat ni mesti cepat sebab kemungkinan virus tu akan infect pendrive ko plak. jadi cerita lain plak. insyaAllah bleh... Quote Share this post Link to post Share on other sites
highhope 0 Report post Posted September 18, 2007 tapi kan..computer saya tu..da tak leh nak run apa2...kalau nak install..dalam 3 second dia akan padam...control panel pun gitu gak..internet explorer tetiba hilang...so tak leh online...adoi la... Kalau tak silap aku... aku pernah kena ngan virus ni... ape yang aku buat ialah delate user...itu pun kalau user tu bukan admin... kalau bukan admin... memang tak ada harapan....ape langkah yang kena kau buat adalah...-ko login as administrator/admin (ko test boleh tak ko tgk task manager)kalau boleh ada harapan-lepastu ko backup la ape yang hendak kau backup...-langkah seterusnya ko delate User yg tak boleh buka task manager tu...-lepas tu ko create la balik user baru...tau tak macam mana nak buat?kalau tak tau try tanya kat senior2 kat sini... pasti ramai yang bijak sana ttg PC ni...sbb jap lagi aku busy kerja ni... hehehehe... selamat mencuba... tapi kan..computer saya tu..da tak leh nak run apa2...kalau nak install..dalam 3 second dia akan padam...control panel pun gitu gak..internet explorer tetiba hilang...so tak leh online...adoi la... Kalau tak silap aku... aku pernah kena ngan virus ni... ape yang aku buat ialah delate user...itu pun kalau user tu bukan admin... kalau bukan admin... memang tak ada harapan....ape langkah yang kena kau buat adalah...-ko login as administrator/admin (ko test boleh tak ko tgk task manager)kalau boleh ada harapan-lepastu ko backup la ape yang hendak kau backup...-langkah seterusnya ko delate User yg tak boleh buka task manager tu...-lepas tu ko create la balik user baru...tau tak macam mana nak buat?kalau tak tau try tanya kat senior2 kat sini... pasti ramai yang bijak sana ttg PC ni...sbb jap lagi aku busy kerja ni... hehehehe... selamat mencuba... Quote Share this post Link to post Share on other sites
ApoNie 0 Report post Posted September 18, 2007 download benda nie... http://www.savefile.com/files/1064001pahtu tekan repair registry.. gi kat start>run taip msconfig pahtu gi bahagian startup.. untick pada apa yang ko rasa virus.. kalau nak untick pada semua pon xper (kecuali antvirus).. pahtu restart pc.. update antivirus... scan smua drive.. Quote Share this post Link to post Share on other sites
celestina 0 Report post Posted September 18, 2007 my computer da become worse..da download geekztp tak leh nak runvirus ni buat sume application tak leh nak run lama..bkak sjap dia terus padam...run kat start menu hilang Quote Share this post Link to post Share on other sites
joetbg_x 0 Report post Posted September 18, 2007 run tool ni utk kill prosess vb:http://www.compactbyte.com/cav/cav-0.94.exepastu tgk sama ada program lain tu leh run lama2 ke x skrang. Quote Share this post Link to post Share on other sites
razirazo 24 Report post Posted September 18, 2007 my computer da become worse..da download geekztp tak leh nak runvirus ni buat sume application tak leh nak run lama..bkak sjap dia terus padam...run kat start menu hilangko kena buat step ni kat pc yang clean:kat nama geek remover tu,ko tukar extension .exe kepada .scr ,teknik ni selalunya boleh jadik.ps=teknik ni ApoNie yang ajar aku. Quote Share this post Link to post Share on other sites
celestina 0 Report post Posted September 18, 2007 ok..da buat geek tu..tp task manger still takde n virus still berleluasa...huuu...semua benda yg berkaitan dgn setting computer tak bleh bukak lama dr 3 scd..contoh.. program files,control panel, regedit terus tak leh bukak lgsung cam task manger.. Quote Share this post Link to post Share on other sites
olan77 0 Report post Posted September 18, 2007 ok..da buat geek tu..tp task manger still takde n virus still berleluasa...huuu...semua benda yg berkaitan dgn setting computer tak bleh bukak lama dr 3 scd..contoh.. program files,control panel, regedit terus tak leh bukak lgsung cam task manger.. cuba pakai ni http://andiwiranata.com/?itemid=216ikut arahan.jgn salah wat jahanam kom kau Quote Share this post Link to post Share on other sites
celestina 0 Report post Posted September 20, 2007 cuba pakai ni http://andiwiranata.com/?itemid=216ikut arahan.jgn salah wat jahanam kom kautankq so much...computer aku dah ok...happynyer...killer machine rocks!! Quote Share this post Link to post Share on other sites
