akechi 0 Report post Posted October 31, 2007 (edited) askum..aku nak mintak tlg kat korang..aku nyer komputer xleh nak bukak hidden file la..aku da klick kat show hidden file tapi bile aku bukak folder option 2balik tengok dia pg ke do not show hidden file semula..kene virus ker??aku baru jer lepas format komputer... Edited October 31, 2007 by the_darkness86 Quote Share this post Link to post Share on other sites
buyong 0 Report post Posted October 31, 2007 rasanya masih ada virus dlm tue..dah cuba Portable Antivirus..?Tak pun,cuba lihat2 thread di bawah ini:http://forum.putera.com/tanya/t44550.htmlhttp://forum.putera.com/tanya/t45033.htmlhttp://forum.putera.com/tanya/t41153.htmlHarap membantu. Quote Share this post Link to post Share on other sites
kingotromen 0 Report post Posted November 1, 2007 ni ko kene virus kavo.exeaku baru jek kene..refer ni ha..Nama: W32.Gammima.AG/kavo.exe/Troj/Lineag-GLG is a worm ini merebak dan menyalin dirinya didalam removable media. Ia juga mencuri password online games.Dijumpai: August 27, 2007Jenis: WormSive: 75,520 bytesSystems: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XPNi cara nak repair balik window yang terfakap secara menual...Apa bila worm ini di executes, ia akan mecipta file:%system%\kavo.exe%system%\kavo0.dllFile kavo0.dll ni di injected ke dalam semua running processes.Ia juga mecipta file tersebut, yang akan menyalin Hacktool. Rootkit%tempt%\[NAMA FILE RANDOM].dllWorm ini akan menyalin dirinya di dalam setiap drive iaitu dari C sampai la Z, nama file seperti berikut.[DRIVE LETTER]:\ntdelect.comDia juga akan macipta file dibawah, dimana saja drive yang boleh dimasuki dan di executes.[DRIVE LETTER]:\autorun.infSeterusnya worm ini akan executes file ini kedalam registry entry dimana windows akan start:HKEY CURRENT USER\Software\Microsoft\Windows\CurrentVersion\Run\"kava" = "%system%\kavo.exeIa juga menubahsuai registry entries seperti berikut. Disini saya bagi sekali nilai yang patut di ubah:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\"CheckedValue" = "0" Tukar kepada "1"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"Hidden" = "2" Tukar kepada "1"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"ShowSuperHidden" = "0" Tukar kepada "1"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Pocilies\Explorer\"NoDriveTypeAutoRun" = "0x91"Akhir sekali file yang perlu di delete.HKEY CURRENT USER\Software\Microsoft\Windows\CurrentVersion\Run\"kava" = "%system%\kavo.execredit to artline and amex from jiwangers hehe Quote Share this post Link to post Share on other sites
johnburn 6 Report post Posted November 1, 2007 ni ko kene virus kavo.exeaku baru jek kene..refer ni ha..credit to artline and amex from jiwangers hehemane ko tau kene virus tu? Bnyk lg virus lain yg ade simptom yang same mcm tu Quote Share this post Link to post Share on other sites
X-Group 0 Report post Posted November 1, 2007 sape tau nk hapuskan ntdelect.com Quote Share this post Link to post Share on other sites
kingotromen 0 Report post Posted November 2, 2007 adeh... kalo nak tau kene virus kavo.exe tu.. pi kat msconfig bhgn startup.. kalo ade startup kavo.exe mmg betol la.. so ikut care atas tu utk remove kuman ni.. Quote Share this post Link to post Share on other sites
johnburn 6 Report post Posted November 3, 2007 adeh... kalo nak tau kene virus kavo.exe tu.. pi kat msconfig bhgn startup.. kalo ade startup kavo.exe mmg betol la.. so ikut care atas tu utk remove kuman ni..So cmne ko tau thread starter kene virus tu? Ko x tau pn ade ke x kavo.exe tu kat startup die.Maksud aku, ko x leh assume yg sume masalah tu disbbkn virus yg same hnye berdsarkn common symptom camtu.Kene analisis ngan lebih teliti dl.Plg baik, thread starter bleh scan ngan hijackthis dan post lognye sini. Quote Share this post Link to post Share on other sites
volcom 0 Report post Posted November 3, 2007 So cmne ko tau thread starter kene virus tu? Ko x tau pn ade ke x kavo.exe tu kat startup die.Maksud aku, ko x leh assume yg sume masalah tu disbbkn virus yg same hnye berdsarkn common symptom camtu.Kene analisis ngan lebih teliti dl.Plg baik, thread starter bleh scan ngan hijackthis dan post lognye sini.betoi cakap john..ari tuh member aku kena camni gk. tick kt show hidden file tp bila bukak balik g kt do not show hidden file balik.dah buang kuman tu tp aku lupa lak nama dia n buang pakai ape. tp yg pasti bukan kavo.exe. tunggu thread starter post hijekdis la.dia cakap bru lepas format komputer. maybe dia hanya format c n kuman tu masih ade lg kt partition lain. so dia ingat virus tu dah takde then dia open partition yg masih infected tu. so kena lagi la...mungkin juga dia kena kavo.exe tu spt yg raja otomen bgtau. semua faktor must be considered.sekian pandangan aku yg tak seberapa... Quote Share this post Link to post Share on other sites
Gruntz_To_The_Core 1 Report post Posted November 4, 2007 ambik vanguard..cari kat thread utility ada link tu..dia bole selesaikan benda ni... Quote Share this post Link to post Share on other sites
elopura 0 Report post Posted November 5, 2007 AssalamualaikumMaaf mencelah. Saya ada kes sama cam begitu gak. Semalam 2 biji laptop kawan tak boleh bukak hidden fail. Memang sah kena kavo.exe. Saya guna Explorerxp, RRT, matthew kuik fix dan spybot. Last sekali baru buat full scan semua drive guna KIS 6.0. Alhamdulillah, selepas restart dan stutdown dalam 10 kali, trojan tu dah tak datang balik. Tidak payah format pc tapi ambil masa sikit untuk buang. Harap membantu. Quote Share this post Link to post Share on other sites
kingotromen 0 Report post Posted November 5, 2007 mak ai restart pc 10 kali... aku assume coz aku baru jek kene n aku kene kat hdd baru yg 500gb tu.. so kes TS ni lebey kurang mcm aku... anyway TS da senyap.. Quote Share this post Link to post Share on other sites
akechi 0 Report post Posted November 7, 2007 thanks kawan2 aku cuba try nanti.. Quote Share this post Link to post Share on other sites
elopura 0 Report post Posted November 7, 2007 Yang restart banyak kali tu nak pastikan virus tu tak masuk balik. Kalau delete gitu saja, lepas restart mesti ada balik dalam sistem. Maafla kalau salah, baru nak blajar lagi. Quote Share this post Link to post Share on other sites
kingotromen 0 Report post Posted November 8, 2007 Kalau delete gitu saja, lepas restart mesti ada balik dalam sistembiasenye dsebabkan system restore tgh ON.. just my 2cent Quote Share this post Link to post Share on other sites
januox 0 Report post Posted November 8, 2007 ni ko kene virus kavo.exeaku baru jek kene..KIS 6 boleh detect x virus jenis ni ?Ape jenis av yg boleh detect virus ni ? Quote Share this post Link to post Share on other sites
kingotromen 0 Report post Posted November 10, 2007 aku xpakai antivirus pon utk fixed kan virus ni.. aku just off system restore then ikut step yg aku letak kat atas tu.. settle masalah Quote Share this post Link to post Share on other sites
Okieo 0 Report post Posted November 10, 2007 Cuba guna AVG... Sebelum scan MESTI OFF System Restore... Kemungkinan virus ravmon juga penyebabnya. biasanya Trojan virus laa yang buat hal kat pc ko. Note: Jangan sekadar select "Show hidden files & Folders" jee... mesti un-check "Hide protected operating system files" juga...Kemudian delete "autorun.inf" di C: dan mana2 drive lain. Ada satu file lagi yg kena delete.. tapi aku lupa pulak name file tu... Quote Share this post Link to post Share on other sites
