lady_rysher 0 Report post Posted August 10, 2008 salam...nk mintak tolong sume camne nk remove virus ni TR/Vundo.Gen...now my C;D;E;F can't open when sy double click..nanti dia keluar another window 'Open With: , choose the program you want to use to open this file'... Quote Share this post Link to post Share on other sites
baok 0 Report post Posted August 10, 2008 Please download from Flash_Disinfector by sUBs and save it to your desktop. Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear. The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well. Wait until it has finished scanning and then exit the program. Reboot your computer when done.Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.---------------Please download Malwarebytes' Anti-Malware from HERE or HEREDouble Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.--------------------Please download Deckard's System Scanner (DSS) from HERE or HERE and save it to your Desktop.Close all other windows before proceeding.Double-click on dss.exe and follow the prompts.Please let your firewall allow the scanning/downloading process.When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.If you are using Vista, you need to right-click at dss.exe icon and choose Run as AdministratorPost me these logs in your next reply..1. Malwarebytes'2. Deckard System Scanner (both main.txt and extra.txt) Quote Share this post Link to post Share on other sites
lady_rysher 0 Report post Posted August 10, 2008 Quote Share this post Link to post Share on other sites
sHäm 4 Report post Posted August 10, 2008 ..kenapa x buat yg simple aje..update AV kau..Scan ..pastu scan guna Spyware Doctor @ Trojan Remover ke..pastu fix registry kau guna Tune Up ke..pastu tgk le result mcmana.. Quote Share this post Link to post Share on other sites
baok 0 Report post Posted August 10, 2008 Please go to Start >> Run and type or copy/paste the following in the run box: "%userprofile%\desktop\dss.exe" /daft . Then press EnterClick on the Scan button.Select everything it is displaying thereClick the Fix button.Then rescan with DAFT again - it should say now that "All associations are OK"Close DAFT if you receive that message. This means that it is fixed now.--------------Please download the OTMoveIt2 by OldTimer.Save it to your desktop.Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")Let the Unregister Dll's and Ocx's remain ticked and Zip Files After Moves remain unticked..Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):[kill explorer] C:\WINDOWS\system32\ckvo1.dll C:\WINDOWS\system32\ckvo.exe H:\1rfw8hjr.com I:\1rfw8hjr.com HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\kamsoft HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4cf3c95a-3b59-11dd-9c5d-0018de041a9c} HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d659d49e-17f2-11dd-9bf4-0018de041a9c} HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dcf9d262-19b0-11dd-9bf8-0018de041a9c} EmptyTemp purity [start explorer] Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.Click the red Moveit! button.A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.Close OTMoveIt2If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.---------------Please do an online scan with Kaspersky WebScannerClick on AcceptYou will be promted to install an ActiveX component from Kaspersky, Click Yes.The program will launch and then begin downloading the latest definition files:Once the files have been downloaded click on NEXTNow click on Scan SettingsIn the scan settings make that the following are selected:Scan using the following Anti-Virus database:Extended (if available otherwise Standard)Scan Options:Scan ArchivesScan Mail BasesClick OKNow under select a target to scan:Select My ComputerThis will program will start and scan your system.The scan will take a while so be patient and let it run.Once the scan is complete it will display if your system has been infected.Now click on the Save as Text button:Save the file to your desktop.Copy and paste that information in your next post.Post me the following logs in your next reply..1. OTMoveIt22. Kaspersky Webscanner3. A fresh DSS log (after Kaspersky step..)4. Tell me about your computer behaviour... Quote Share this post Link to post Share on other sites
lady_rysher 0 Report post Posted August 11, 2008 adeh...my laptop is now officially lingkup...x boleh load window..it say "NTLDR is missing..please press any key to reboot"....anyway thanks for the help....terima kasih Quote Share this post Link to post Share on other sites
baok 0 Report post Posted August 11, 2008 adeh...my laptop is now officially lingkup...x boleh load window..it say "NTLDR is missing..please press any key to reboot"....anyway thanks for the help....terima kasih huh?? bila kena tu? selepas atau sebelum OTMoveIt2 step?...rujuk laman web di bawah utk NTLDR is missing...http://forum.lowyat.net/index.php?showtopi...6&hl=ntldr# Quote Share this post Link to post Share on other sites
sHäm 4 Report post Posted August 11, 2008 ..sepatutnya simple aje.. Quote Share this post Link to post Share on other sites
lady_rysher 0 Report post Posted August 11, 2008 selepas buat sume tuh...ble shutdown then nk on balik trus x leh load win....thanks for the info..nanti try buat..ala...x simple la...complicated gk..sy dh try dh update av sume..sblm ni sy gune avg, lg la x leh nk detect langsung trojan tuh...bile change pada avira bru boleh detect...dh bpe banyak av yg sy install n uninsntall sume xleh.. Quote Share this post Link to post Share on other sites
sHäm 4 Report post Posted August 11, 2008 selepas buat sume tuh...ble shutdown then nk on balik trus x leh load win....thanks for the info..nanti try buat..ala...x simple la...complicated gk..sy dh try dh update av sume..sblm ni sy gune avg, lg la x leh nk detect langsung trojan tuh...bile change pada avira bru boleh detect...dh bpe banyak av yg sy install n uninsntall sume xleh....tu kan dah simple bunyinya..pemilihan antivirus penting..x semua antivirus sama..thinkabout it.... Quote Share this post Link to post Share on other sites
baok 0 Report post Posted August 11, 2008 selepas buat sume tuh...ble shutdown then nk on balik trus x leh load win....thanks for the info..nanti try buat..ala...x simple la...complicated gk..sy dh try dh update av sume..sblm ni sy gune avg, lg la x leh nk detect langsung trojan tuh...bile change pada avira bru boleh detect...dh bpe banyak av yg sy install n uninsntall sume xleh..be more specific please.. after which step actually?Do you have Windows CD? Boot with your Windows CD and then do below..1. Masukkan CD Windows ke dalam CD/DVD drive2. Boot computer dari CD3. Nanti akan ada Welcome to Setup menu. Tekan R untuk Recovery Console. Sila rujuk laman web di bawah untuk mengetahui caranya..http://www.webtree.ca/windowsxp/repair_xp....very%20Console:4. Kemudian dia akan tanya "Which Windows installation would you like to log onto". Pastikan ada 1: X:\WINDOWS.. (X:\ ialah directory untuk Windows). Then tekan 1 dan Enter. Kalau tak ada 1: X:\WINDOWS stop dan inform kat sini..5. Dia akan mintak Administrator password.. Enter Administrator password.. Just tekan Enter sekiranya tiada Administrator password..6. Kemudian, taip command di bawah dan press Entercopy drive:\i386\ntldr c:\copy drive:\i386\ntdetect.com c:\Gantikan drive dengan huruf untuk drive cd anda (contoh E)7. Kemudian taip exit dan tekan Enter.. Keluarkan CD Windows8. Cuba boot Windows secara Normal dan bagi tahu result dia di sini.. Quote Share this post Link to post Share on other sites