Lowyat.NET: Latest topics by eggy

Position for Full Time and Part Time Jobs

eggy — Fri, 06 Feb 2009 18:43:18 +0800

Hello.

I am helping a friend of mine who is looking for anyone that are currently looking for jobs.
Both full time and part time jobs are available.
Below are the details:

1. Web Developer / Software Developer / Programmer / Analyst

Requirements:

Candidate must possess at least a Diploma, Advanced/Higher/Graduate Diploma, Bachelor's Degree, Post Graduate Diploma or Professional Degree in Computer Science/Information Technology, Art & Design, Advertising/Media, Architecture/Urban Studies or equivalent.
Required skill(s): HTML, PHP, SQL.
Applicants must be willing to work in Sunway.
Applicants should be Malaysian citizens or hold relevant residence status.
Preferably junior executives specializing in Computer Science, Software Engineering, Multimedia or equivalent.
Full-Time positions available.

2. Part Timer Data Entry

Requirements:

Computer
Internet
IT Knowlegde
Computer Skills

Please visit here for more details: www.komunitikami.com

Please do not PM me about this job.
I am NOT responsible in handling the candidate and stuff

Browsing Internet Problem

eggy — Sun, 15 Jun 2008 20:00:35 +0800

As stated, I am facing some problems when trying to browse the Internet using either Firefox or IE.
BUT I managed to use my MSN and YM! without any problem.

From the log, I suspected that these entries might be causing the problem:

O4 - HKLM\..\Run: [BM6216cd25] Rundll32.exe "C:\WINDOWS\System32\mffixrdc.dll",s
O4 - HKLM\..\Run: [6125feb9] rundll32.exe "C:\WINDOWS\System32\evpdvyok.dll",b

I tried to fix those entries BUT it will just come back after a while or when I restart my laptop.
Any help would be much appreciated.
Thank you in advance

QUOTE

Logfile of HijackThis v1.99.1
Scan saved at 7:40:48 PM, on 6/15/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\WINDOWS\TEMP\MJB368.EXE
C:\Program Files\Trend Micro\OfficeScan Client\pccntupd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Windows XP\Desktop\cleaner\Hijack This\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://store.presario.net/scripts/redirect...&c=3C01&lc=6809
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://store.presario.net/scripts/redirect...&c=3C01&lc=6809
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {8E718888-423F-11D2-876E-00A0C9082467} - (no file)
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [BM6216cd25] Rundll32.exe "C:\WINDOWS\System32\mffixrdc.dll",s
O4 - HKLM\..\Run: [6125feb9] rundll32.exe "C:\WINDOWS\System32\evpdvyok.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Startup: HotSync Manager.LNK = C:\Program Files\palmOne\HOTSYNC.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=iehomepage&c=3C01&lc=5c09
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://jupiter.uitm.edu.my/officescan/cons...ll/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - https://jupiter.uitm.edu.my/officescan/cons...ll/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://jupiter.uitm.edu.my/officescan/cons...stall/setup.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://jupiter.uitm.edu.my/officescan/cons...html/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - https://jupiter.uitm.edu.my/officescan/cons.../RemoveCtrl.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://nyatoh.uitm.edu.my/dwa7W.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\V2luZG93cyBYUA\command.exe (file missing)
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe

PC Infected with Worm/Generic.FX

eggy — Mon, 09 Oct 2006 11:20:38 +0800

My friend PC has been infected with this Generic worm.
AVG keeps on pop-ing up the warning message and he keeps on pressing the Heal button.
BUT after few minutes AVG will warn again about the same virus which is very annoying!
Here i attached some screen shots of the popup message.

» Click to show Spoiler - click again to hide... «

This is my HijackThis log.

» Click to show Spoiler - click again to hide... «

Problem Starting Windows 2000

eggy — Thu, 10 Aug 2006 14:53:33 +0800

My friends already format the PC few times and the PC just wont start.
It keeps restarting when loading the Windows during the Starting Windows... message.
Already tried in Safe Mode, Last Good Configuration but the problem still the same.
Already changed the RAMs, GC and Sound Card.

W32.Rontokbro Worm

eggy — Sun, 19 Mar 2006 10:07:20 +0800

Here are two tools that might help you in cleanning and removing the worm.
All credit goes to sUBs.

Newer and updated version of CleanX-II

QUOTE(sUBs @ Apr 2 2006, 07:31 AM)

As promised earlier, here's the removal tool for Brontok. It's usage is pretty straightforward. Please take note of the following points.

Download the attachment I placed with this post - CleanX
Save it on Desktop.
Disconnect/unplug the computer from the internet.
Save any work which you're doing & close all other programs.
If Brontok hasn't totally disabled your security programs yet, kindly disable them now. They might intefere with the tool's working.
For Window's XP, please create a new system restore point.
- Go to Start >> Run - type control sysdm.cpl,,4 & press Enter
  - Tick on the checkbox - Turn off System Restore on all drives
  - Click Apply
- Turn it back 'On' by unticking the same checkbox & click OK
Once you have done that, double-click on the file you downloaded & double click the executable within - CleanX.exe (It doesn't require to be run in Safe Mode)
You should be greeted by the following message (refer to pic below)
Read the message carefully before clicking OK
The tool will begin scanning your machine. Because this worm names it's files randomly, I have to place a series of cross-checks/verification processes to ensure that the tool does not remove legitimate files. Depending on the size of your drives, this scan may take several minutes. Please be patient during this period & allow it to complete it's task.
Once it has finished scanning, it will provide a post mortem of it's actions. This is in the form of a log file

» Click to show Spoiler - click again to hide... «

This is a sample of what the logfile would look like. It's made up of 2 parts - BEFORE / AFTER.
In the lower portion, POST RUN ANALYSIS, make sure that no files appear there.

If it looks something like below you will need to run the tool a 2nd time.

» Click to show Spoiler - click again to hide... «

If the files remain after a 2nd run, there's no need to run it a 3rd time. We're probably dealing with a variant of Brontok that I didn't have a sample of. In such circumstances, I will require a sample file from the afflicted machine for reseach.
Note:
It has been brought to my attention that some people may experience an error message like the one below. If that happens to you, you shall need to visit this website to download additional files > http://www.tech-forums.net/computer/topic/29806.html

Edit: Updated to ver 6.04.02
Edit: Ver 6.04.03 - discovered a scripting error which caused the removal engine to fail.
Edit: Ver 6.04.04. - This version scans faster & does a better job removing all the files in one go. Does away with the need to reboot.
Edit: Ver 6.04.09 - Updated with more viral signatures & added heuristic scanning to the tool. This ensures that it detects a wider range of Brontok variants. Unless it's creator decides to do a major overhaul of the worm, this tool should disinfect almost all Brontok cases.
Edit: Ver 6.04.11 - Improved heuristics. Less leftover files. Also fixed some bugs
[right][snapback]6577860[/snapback][/right]

QUOTE(sUBs @ Jun 8 2006, 01:22 AM)

Download this... It works !!

* Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Doubleclick the drweb-cureit.exe file and Allow to run the express scan
This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
Once the short scan has finished, mark the drives that you want to scan.
Select all drives. A red dot shows which drives have been chosen.
Click the green arrow at the right, and the scan will start.
Click 'Yes to all' if it asks if you want to cure/move the file.
When the scan has finished, look if you can click next icon next to the files found:
If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:

This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured.
After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
Save the report to your desktop. The report will be called DrWeb.csv
Close Dr.Web Cureit.
Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.

[right][snapback]7376888[/snapback][/right]

VB 6

eggy — Mon, 06 Mar 2006 10:37:11 +0800

err..
how to show my answer on 2 decimal points?

eg.
if the answer is 2.31213445 i want it to print out 2.31 only..

thnx in advance

VB6 Chat Program

eggy — Thu, 16 Feb 2006 15:12:39 +0800

im doin a vb6 program and need some example with it..
anyone know which site i should go?
thanx