vincent87 0 Report post Posted January 3, 2008 alo ak mule2 nak instal game hitman blood money,game 2 kne run unpack.bat dlu,ble dier run,kuar skrin caler itam cam command prompt untuk extract file.tap selang bape saat je,pc ak trus shutdown sendirimule2 ak ingat prob game 2 tap ble ak instal kat pc member ak,ok je,xder shutdown pn.then ak klik kat start,accesories,pastu g command promp pn jad masalah same.then ak pasan somting,ble nak startup dier kuar ,"password:winzip123" ak xtau apebende 2.mcmane ye?windows ak x stabil ke?atau kne virus? Quote Share this post Link to post Share on other sites
edu_gen 0 Report post Posted January 3, 2008 alo ak mule2 nak instal game hitman blood money,game 2 kne run unpack.bat dlu,ble dier run,kuar skrin caler itam cam command prompt untuk extract file.tap selang bape saat je,pc ak trus shutdown sendirimule2 ak ingat prob game 2 tap ble ak instal kat pc member ak,ok je,xder shutdown pn.then ak klik kat start,accesories,pastu g command promp pn jad masalah same.then ak pasan somting,ble nak startup dier kuar ,"password:winzip123" ak xtau apebende 2.mcmane ye?windows ak x stabil ke?atau kne virus?disable by administrator ke ? Quote Share this post Link to post Share on other sites
vincent87 0 Report post Posted January 5, 2008 ak le adminnyer.x pasal2 shutdown trus,ader sesape penah jad cenggini x? Quote Share this post Link to post Share on other sites
edu_gen 0 Report post Posted January 5, 2008 ak le adminnyer.x pasal2 shutdown trus,ader sesape penah jad cenggini x?tau la ko admin die..ade x popup kuar camtu ? (disable by admin)try solution ni http://support.microsoft.com/kb/195176 Quote Share this post Link to post Share on other sites
vincent87 0 Report post Posted January 6, 2008 ok,krg ak trytima kasih... Quote Share this post Link to post Share on other sites
vincent87 0 Report post Posted January 7, 2008 ak bru tau punca prob ak dari virus,smlm ak da format,smuanye ok,tp ble ak cucuk pendrive ak,dier kuar pop up "thank you!!! pasword;winzip123" so kne infected blk.nie ak nyer logfile,harap ader yg leh membantu...Logfile of Trend Micro HijackThis v2.0.2Scan saved at 23:28:18, on 06/01/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\password_viewer.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeC:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exeC:\Program Files\NVIDIA Corporation\nTune\nTuneService.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\CyberLink\Shared Files\RichVideo.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeC:\WINDOWS\system32\wscntfy.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\system32\wuauclt.exeF:\ALZip\ALZip.exeC:\Documents and Settings\2006123841.FAIZAL\Application Data\U3D90C37132436922\LaunchPad.exeC:\WINDOWS\system32\ctfmon.exeC:\Documents and Settings\2006123841.FAIZAL\Application Data\U3D90C37132436922\1F30627F-0195-44d4-8C24-1999F3C02C50\Exec\AvastU3.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllF2 - REG:system.ini: UserInit=userinit.exe,password_viewer.exeO2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLLO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNCO4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMENameO4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgentO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startupO4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLLO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exeO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe--End of file - 6453 bytes Quote Share this post Link to post Share on other sites
edu_gen 0 Report post Posted January 7, 2008 (edited) ko tggu otai2 bls ek..ak bkn reti sgt tgk logfile nih..kt sini leh anlyze.. http://hijackthis.de/#anltp jgn pndai2 del..juz utk panduan je..k Edited January 7, 2008 by me_iera Quote Share this post Link to post Share on other sites
Nazzrie 0 Report post Posted February 3, 2008 bende tu adalah virus. info mengenai removal leh check kat sini:http://shengton.multiply.com/journal/item/...sword_winzip123 Quote Share this post Link to post Share on other sites
mfaizul89 3 Report post Posted February 4, 2008 keje viruslah tue...x der mende lain dah tue...ko pkai av pe... avg ek...tukarlah yg lain... Quote Share this post Link to post Share on other sites