ntdetect.exe - Dangerous

Labels: Posted by Mr. Sham@poksey on Saturday, September 27, 2008 at 10:10 AM

We suggest you to remove NTDETECT.exe from your computer as soon as possible.
NTDETECT.exe is W32.Yahack.A.
W32.Yahack.A is a worm that spreads through mapped drives. It logs keystrokes, gathers system information, and steals Yahoo! Messenger passwords.
Related files:
%CurrentFolder%\autorun.inf
%System%\UpDateWinc.exe
%System%\UpDateWind.exe
%Windir%\LogBoy.log
%SystemDrive%\a1.exe
%SystemDrive%\pass1.txt
%SystemDrive%\tem.exe
%SystemDrive%\temp1.bat
%DriveLetter%\NTDETECT.exe

Saya baru jumpa trojan nih dalam laptop seorang kastemer. Pada mulanya macam susah juga nak buang mangkuk hayun nih. Delete je dia masuk balik. Kena cari dia punya main file. So, saya cuba cara manual ini :

1. Pertama sekali saya kill process "UpDateWinc.exe" dalam Task Manager.
2. Lepas tu Delete file Ntdetect.com dalam c:\
3. Kemudian cari file UpDateWinc.exe dan UpDateWind.exe dalam folder system32 dan delete.
4. Bukan msconfig dan buangkan file UpDateWinc.exe dari senarai startup.
5. Buka fail regedit, dan cari file Ntdetect.exe, UpDateWinc.exe, dan buangkan ia dari senarai.

Setakat ini cara manual diatas dapat membantu membuang trojan tersebut.

Read more: http://www.symantec.com/business/securit...

1 comments  

Acer Aspire 2430, Aspire 2930, 2930Z Windows XP Drivers :

Labels: Posted by Mr. Sham@poksey on Tuesday, September 23, 2008 at 11:23 AM

Use mirror for faster download...
blogger-emoticon.blogspot.com
WLAN Atheros driver (Download - Mirror)
WLAN Broadcom driver (Download - Mirror)

WLAN Intel driver (Download)
(Direct Download - Mirror) Driver only (support 32bit and 64bit OS)
(Direct Download - Mirror) Driver and Intel® PROSet/Wireless Network Connection Software (32 bit)

VGA Intel driver (Download - Mirror)
Launch Manager driver (Download - Mirror)
Modem LiteOn driver (Download - Mirror)
Camera Suyin driver (Download - Mirror)
TouchPad driver (Download - Mirror)
Card Reader driver (Download - Mirror)
Bluetooth driver (Download - Mirror)
Audio Realtek driver (Download - Mirror)
LAN driver (Download - Mirror)
Finger Print Scanner driver (Download - Mirror)
Chipset Intel driver (Download - Mirror)

3 comments  

Gambar terbaru di Warisan2u.Com

Labels: Posted by Mr. Sham@poksey on at 8:34 AM

Sempat lago boss kita ni nak possing. Terdengar kastemer belakang tu dok mengumpat.... hahahahaha...

Susunan rak barang2 jualan dialah ke tepi tangga.

Staf dua orang ni dok sibuk servis laptop pelanggan. Ini servis baik punya.... Tak rugi sesapa yang datang kek kedai kami...

Tu dok tgk apo tuh...?

0 comments  

Ubahsuai kedudukan rak dan meja

Labels: Posted by Mr. Sham@poksey on Saturday, September 20, 2008 at 9:28 AM

Pada 16 September lepas, kami membuat sedikit perubahan kedudukan rak2 dan meja servia serta kaunter di Warisan2u.Com supaya kaunter bayaran dan kaunter servis berada dalam dalam satu baris. Kerja2 pengubahsuaian tersebuat bermula dari pukul 7am hingga 12.30pm. Semua kerja2 berjalan dengan lancar.

0 comments  

Bermain dengan Photoshop CS3

Labels: Posted by Mr. Sham@poksey on Sunday, September 14, 2008 at 12:50 PM

Kalau ada masa terluang, budak2 di Warisan2u ni suka godek2 Photoshop CS3. Seronok boleh edit / sunting gambar. Dibawah ini adalah hasil kreativiti daripada CS3...

Model "awang kenit" diatas speaker. Teknik cut n paster dan shadow.

Gambar ats ini pula lebih kepada suntingan teks. Menggunakan teknik blending dan shadow supaya teks nampak 3D.

Dengan menggunakan teknik stylize + wind dan Hue & saturation, 2 gambar diatas seperti berada di musim sejuk.

"Superman" kat atas ini pula menggunakan teknik super impose. Real tak?

Ini juga menggunakan teknik super impose.

0 comments  

How to remove Antivirus XP 2008 (Uninstall Instructions)

Labels: Posted by Mr. Sham@poksey on Monday, September 8, 2008 at 8:57 AM

Automated Removal Instructions for Antivirus XP 2008 using Malwarebytes' Anti-Malware:

  1. Print out these instructions as we will need to close every window that is open later in the fix.

  2. Download Malwarebytes' Anti-Malware, or MBAM, from the following location and save it to your desktop:

    Malwarebytes' Anti-Malware Download Link


  3. Once downloaded, close all programs and Windows on your computer, including this one.

  4. Double-click on the icon on your desktop named Download_mbam-setup.exe. This will start the installation of MBAM onto your computer.

  5. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure you leave both the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware checked. Then click on the Finish button.

  6. MBAM will now automatically start and you will see a message stating that you should update the program before performing a scan. As MBAM will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main program as shown below.


    MalwareBytes Anti-Malware Screen

  7. On the Scanner tab, make sure the the Perform quick scan option is selected and then click on the Scan button to start scanning your computer for Antivirus XP 2008 related files.

  8. MBAM will now start scanning your computer for malware. This process can take quite a while, so we suggest you go and do something else and periodically check on the status of the scan. When MBAM is scanning it will look like the image below.


    MalwareBytes Anti-Malware Scanning Screen

  9. When the scan is finished a message box will appear as shown in the image below.


    MalwareBytes Anti-Malware Scan Finished Screen

    You should click on the OK button to close the message box and continue with the AntivirusXP2008 removal process.

  10. You will now be back at the main Scanner screen. At this point you should click on the Show Results button.

  11. A screen displaying all the malware that the program found will be shown as seen in the image below.


    MalwareBytes Scan Results


    You should now click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the programs quarantine.

  12. When MBAM has finished removing the malware, it will open the scan log and display it in Notepad. Review the log as desired, and then close the Notepad window.

  13. You can now exit the MBAM program.

Your computer should now be free of the AntivirusXP2008 program. If your current anti-virus solution let this infection through, you may want to consider purchasing the PRO version of Malwarebytes' Anti-Malware to protect against these types of threats in the future.

If you are still having problems with your computer after completing these instructions, then please follow the steps outlined in the topic linked below:

Preparation Guide For Use Before Posting A Hijackthis Log

Associated Antivirus XP 2008 Files:

Note, Some of these files and folders may be random:

C:\WINDOWS\qegbdmwf.dll
C:\WINDOWS\pntqkflv.dll
c:\Program Files\rhcnkrj0etfg
c:\Program Files\rhcnkrj0etfg\database.dat
c:\Program Files\rhcnkrj0etfg\license.txt
c:\Program Files\rhcnkrj0etfg\MFC71.dll
c:\Program Files\rhcnkrj0etfg\MFC71ENU.DLL
c:\Program Files\rhcnkrj0etfg\msvcp71.dll
c:\Program Files\rhcnkrj0etfg\msvcr71.dll
c:\Program Files\rhcnkrj0etfg\rhcnkrj0etfg.exe
c:\Program Files\rhcnkrj0etfg\rhcnkrj0etfg.exe.local
c:\Program Files\rhcnkrj0etfg\rhcnkrj0etfgSkin.dll
c:\Program Files\rhcnkrj0etfg\Uninstall.exe
c:\WINDOWS\system32\pphcjkrj0etfg.exe
c:\Documents and Settings\All Users\Desktop\Antivirus XP 2008.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008
c:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Antivirus XP 2008.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\How to Register Antivirus XP 2008.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\License Agreement.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Register Antivirus XP 2008.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Uninstall.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk
%UserProfile%\Application Data\rhcnkrj0etfg
%UserProfile%\Application Data\rhcnkrj0etfg\Quarantine
%UserProfile%\Application Data\rhcnkrj0etfg\Quarantine\Autorun
%UserProfile%\Application Data\rhcnkrj0etfg\Quarantine\Autorun\HKCU
%UserProfile%\Application Data\rhcnkrj0etfg\Quarantine\Autorun\HKCU\RunOnce
%UserProfile%\Application Data\rhcnkrj0etfg\Quarantine\Autorun\HKLM
%UserProfile%\Application Data\rhcnkrj0etfg\Quarantine\Autorun\HKLM\RunOnce
%UserProfile%\Application Data\rhcnkrj0etfg\Quarantine\Autorun\StartMenuAllUsers
%UserProfile%\Application Data\rhcnkrj0etfg\Quarantine\Autorun\StartMenuCurrentUser
%UserProfile%\Application Data\rhcnkrj0etfg\Quarantine\BrowserObjects
%UserProfile%\Application Data\rhcnkrj0etfg\Quarantine\Packages

Associated Antivirus XP 2008 Windows Registry Information:

Note, Some of these Registry keys and values may be random:

HKEY_LOCAL_MACHINE\SOFTWARE\rhcnkrj0etfg
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcnkrj0etfg
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion "rhcnkrj0etfg"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform "AntivirXP08"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "SMrhcnkrj0etfg"


Article taken from : http://www.bleepingcomputer.com/malware-removal/remove-antivirus-xp-2008

0 comments  

How to Remove Malware ?

Labels: Posted by Mr. Sham@poksey on at 8:31 AM

From your Antivirus Software Guide


Here's How:
  1. Obtain a clean boot disk/CD and a clean antivirus software disk. If you don't have either of these two items get a copy from a friend, local store, or the Internet.
  2. Back up essential files to a disk. Don't forget to back up Internet Explorer favorites, Word templates, and files with programs like Outlook.
  3. Shut down the computer and turn off the power for 30 seconds or longer.
  4. Insert the clean boot disk or CD and turn on the computer, booting from the clean disk inserted. Change the startup sequence if required to make the computer boot from the inserted disk or CD.
  5. Run antivirus software from a clean antivirus disk or CD. Knowing simple DOS commands like "A:", "DIR", and how to type in the name of a program to run it may be necessary.
  6. Disinfect all files and write down or save a copy of the scan report when done.
  7. If cleaned documents don't work as designed, save the backup copy of the infected file to the hard drive and try a different program or method to remove the virus.
  8. Install antivirus software on the hard drive and reboot the computer.
  9. Run antivirus from the hard drive to scan the drives again as well as scan all other media, especially floppy disks.
  10. Download and run a second package for a second opinion, repeating steps above if necessary.


Tips:

  1. Lock disks, by moving a plastic tab to see a hole through the disk, to protect against infections.
  2. To back up files within Outlook use the Export feature and save the exported file to a disk.
  3. To change the disk startup sequence press a key, as indicated on the screen, when the computer first starts up. Most use keys like F2 and Delete are common examples.

Related Information:

  • ER Center & Downloads
  • Free Antivirus Programs
  • Create a Boot Disk
  • Disinfecting Multiple Viruses

    • 0 comments  

    How BitTorrent Works

    Labels: Posted by Mr. Sham@poksey on Saturday, September 6, 2008 at 10:34 AM


    Client-server download process
    The transfer speed is affected by a number of variables, including the type of protocol, the amount of traffic on the server and the number of other computers that are downloading the file. If the file is both large and popular, the demands on the server are great, and the download will be slow.
    Peer-to-peer File Sharing
    Peer-to-peer file sharing is different from traditional file downloading. In peer-to-peer sharing, you use a software program (rather than your Web browser) to locate computers that have the file you want. Because these are ordinary computers like yours, as opposed to servers, they are called peers. The process works like this:
    * You run peer-to-peer file-sharing software (for example, a Gnutella program) on your computer and send out a request for the file you want to download.
    * To locate the file, the software queries other computers that are connected to the Internet and running the file-sharing software.
    * When the software finds a computer that has the file you want on its hard drive, the download begins.
    * Others using the file-sharing software can obtain files they want from your computer's hard drive.

    Gnutella's peer-to-peer download process
    The file-transfer load is distributed between the computers exchanging files, but file searches and transfers from your computer to others can cause bottlenecks. Some people download files and immediately disconnect without allowing others to obtain files from their system, which is called leeching. This limits the number of computers the software can search for the requested file.
    What BitTorrent Does
    Unlike some other peer-to-peer downloading methods, BitTorrent is a protocol that offloads some of the file tracking work to a central server (called a tracker). Another difference is that it uses a principal called tit-for-tat. This means that in order to receive files, you have to give them. This solves the problem of leeching -- one of developer Bram Cohen's primary goals. With BitTorrent, the more files you share with others, the faster your downloads are. Finally, to make better use of available Internet bandwidth (the pipeline for data transmission) , BitTorrent downloads different pieces of the file you want simultaneously from multiple computers.
    Here's how it works:
    BitTorrent's peer-to-peer download process
    * You open a Web page and click on a link for the file you want.
    * BitTorrent client software communicates with a tracker to find other computers running BitTorrent that have the complete file (seed computers) and those with a portion of the file (peers that are usually in the process of downloading the file).
    * The tracker identifies the swarm, which is the connected computers that have all of or a portion of the file and are in the process of sending or receiving it.
    * The tracker helps the client software trade pieces of the file you want with other computers in the swarm. Your computer receives multiple pieces of the file simultaneously.
    * If you continue to run the BitTorrent client software after your download is complete, others can receive .torrent files from your computer; your future download rates improve because you are ranked higher in the "tit-for-tat" system.
    Downloading pieces of the file at the same time helps solve a common problem with other peer-to-peer download methods: Peers upload at a much slower rate than they download. By downloading multiple pieces at the same time, the overall speed is greatly improved. The more computers involved in the swarm, the faster the file transfer occurs because there are more sources of each piece of the file. For this reason, BitTorrent is especially useful for large, popular files.

    To Know More about Installing & configuring BitTorrent, click here.

    0 comments  

    Acer Aspire 3690 Drivers XP

    Labels: Posted by Mr. Sham@poksey on Tuesday, September 2, 2008 at 8:29 AM

    This Driver avaiable for Acer Aspire 3690 and works on Windows XP
    Drivers detail:

    802.11bg Atheros XB63 wireless driver XP32_WHQL_5-3-0-35.zip 2659 KB 5/22/2007
    Acer Launch Manager Ver.1.17.1e.zip 1974 KB 2/23/2007
    Audio Driver Realtek Ver.5.10.0.5273.zip 24826 KB 2/23/2007
    Bluetooth Driver Ver.5.0.1.1500.zip 72991 KB 2/23/2007
    Camera Driver Bison Ver.5.0.0.10.zip 3621 KB 2/23/2007
    Camera Logitech_10_4_0_1319.zip 90758 KB 8/22/2007
    Chipset Driver Intel Ver.8.0.1.1002.zip 1753 KB 2/23/2007
    Fast Infrared Driver SMC Ver.5.1.3600.5.zip 3035 KB 2/23/2007
    Lan Driver Broadcom 10-100 Ver.4.37.0.0.zip 33 KB 2/23/2007
    Lan Driver Broadcom 5787 Ver.9.25.0.0.zip 88 KB 2/23/2007
    Lan Driver Broadcom 5789 Ver.8.48.0.0.zip 85 KB 2/23/2007
    Modem Driver V7.62.00.00 for T60M955.zip 1726 KB 5/11/2007
    Modem Driver Ver.7.34.0.0.zip 1491 KB 2/23/2007
    PCMCIA and Card Reader-ENE V2.07.05 for XP-2K(WHQL).ZIP 531 KB 11/17/2006
    TV Tuner Avermedia M103 Ver.1.0.2.34.zip 614 KB 2/23/2007
    TV Tuner Avermedia M104 Ver.1.0.1.43.zip 464 KB 2/23/2007
    TV Tuner Avermedia M115 Ver.3.3.23.69.zip 390 KB 2/23/2007
    TV Tuner Liteon 2305 Ver.1.3.4.3.zip 203 KB 2/23/2007
    Touchpad Driver Synaptics Ver.8.2.19.0.zip 5367 KB 2/23/2007
    VGA Driver Intel Ver.6.14.10.4543.zip 5092 KB 3/1/2007
    VGA Driver nVidia Ver.8.4.8.5.zip 23715 KB 2/23/2007
    Wireless Lan Driver 802ABG Intel Ver.10.1.1.3.zip 39509 KB 2/23/2007
    Wireless Lan Driver 802bg Broadcom Ver.4.2.2.7.zip 75049 KB 2/23/2007

    0 comments  

    Selamat Menunaikan Ibadah Puasa

    Labels: Posted by Mr. Sham@poksey on Monday, September 1, 2008 at 3:47 PM

    Kami di Warisan2u.Com Enterprise ingin mengambil peluang untuk mengucapkan selamat menyambut Ramadhan al Mubarak kepada semua pelanggan beragama Islam yang dihormati serta seluruh umat Islam di Malaysia. Marilah kita bersama-sama mengambil kesempatan untuk memperbanyakkan amal ibadah dan bermunajat kepada Allah S.W.T.

    Semoga Ramadhan ini memberi ruang buat kita untuk menyempurnakan ibadah puasa sehingga mencapai derajat taqwa. Tidak lupa untuk bermuhasabah agar kita memperbaiki hubungan sesama insan dan mendekatkan diri dengan Khaliq pencipta semesta.

    Ikhtiar menjalani, untung menyudahi, manusia mengikhtiarkan, Allah mentakdirkan!


    Pengurus,
    Warisan2u.Com Ent.

    0 comments  

    Subscribe to: Posts (Atom)