Forum Sementara Putera.com

Bersama kita perkemaskan forum ini sementara forum asal dalam pemulihan.

Forum putera dah kembali. Masalah sudah berjaya diselesaikan. Sila lawati http://forum.putera.com/tanya


    Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Share

    arief_b4
    Ahli Baharu
    Ahli Baharu

    Number of posts : 6
    Registration date : 26/05/2009

    Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by arief_b4 on Tue Dec 22, 2009 3:03 pm

    Salam....

    Saya baru je google kan mengenai iexplore, apa yg saya jumpa, ia adalah adware, sekiranya betul, bagaimana saya nak buangkan adware tersebut.

    bazsh
    Ahli Baharu
    Ahli Baharu

    Gender : Male Number of posts : 401
    Age : 35
    Location : New Castle
    Job/hobbies : Surfing/Games
    Registration date : 20/02/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by bazsh on Tue Dec 22, 2009 6:23 pm

    Adeh...soklan bro terlalu general
    Bro nak cara automatik @ manual sebenarnya?
    Bro ada install apa2 AV x dalam komputer bro?
    Kalo ada...cuba scan & kalo ada malware tu adakah AV bro boleh buang secara automatik
    Cara lain banyak....boleh try install Anti Malware yg lain
    Kalo still x dapat buang baru la kita cuba cara manual Smile

    test0123
    Ahli Rajin
    Ahli Rajin

    Gender : Male Number of posts : 1002
    Age : 33
    Location : Bandar Tasek Mutiara, Penang
    Job/hobbies : Executive/ Cari Gondang
    Registration date : 20/02/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by test0123 on Tue Dec 22, 2009 6:34 pm

    "iexplore.exe" is the main executable of the Internet Explorer browser from Mircosoft,ia dari windows operating system(OS)

    p/s:apa saja malware can be named anything - so awak patut check dimana files yg running processes ada pada hdd awk. jika bkn Microsoft".exe file ada pada C:Windows ataw C:WindowsSystem32 folder, kemungkinan itu high risk for a virus, spyware, trojan or worm infection!
    utk kenal pasti scan AV,malwarebytes..pastu run hijackthis..utk analysis log file tu..samada kena virus ataw tidak.

    arief_b4
    Ahli Baharu
    Ahli Baharu

    Number of posts : 6
    Registration date : 26/05/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by arief_b4 on Wed Dec 23, 2009 8:49 am

    maaflah sekiranya soalan terlampau general, sbb dah cuba google dah, x jumpa jalan penyelesaian, nak install anti malware plak, takut salah download, sbb bila lihat task manager, dia mkn ram sampai 1.7g, dan macam mana nak analisis guna hijackthis?

    TOYSЯUS
    Moderators
    Moderators

    Gender : Male Number of posts : 1571
    Age : 29
    Location : Kolam Kering - 3°5′00″N 101°32′00″E
    Job/hobbies : Pembunuh
    Registration date : 27/02/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by TOYSЯUS on Wed Dec 23, 2009 8:55 am

    Cuba buat camni:
    1. Buka Task Manager (Ctrl+Shift+ESC)
    2. Buka Processes Tab.
    3. Click menu View >> Select Columns
    4. Tick pada "Image Path Name" supaya column tersebut dipaparkan.

    Pastu tell us "iexplorer.exe" tu datangnya dari folder mana.


    --------------------------------------------
    TETTT!!

    arief_b4
    Ahli Baharu
    Ahli Baharu

    Number of posts : 6
    Registration date : 26/05/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by arief_b4 on Wed Dec 23, 2009 9:15 am

    terima kasih, saya dah cuba, tapi x boleh click sbb dia bertanda merah,apa maksudnya?

    TOYSЯUS
    Moderators
    Moderators

    Gender : Male Number of posts : 1571
    Age : 29
    Location : Kolam Kering - 3°5′00″N 101°32′00″E
    Job/hobbies : Pembunuh
    Registration date : 27/02/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by TOYSЯUS on Wed Dec 23, 2009 9:24 am

    Sama2. Erm. Bertanda merah? Saya tak pasti. Boleh bagi screenshotnya tak?

    -
    Cuba cara ni pula:
    1. Download HijackThis.
    2. Lakukan Scan dan paste resultnya di sini. Jangan fix apa2 dulu..


    --------------------------------------------
    TETTT!!

    arief_b4
    Ahli Baharu
    Ahli Baharu

    Number of posts : 6
    Registration date : 26/05/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by arief_b4 on Wed Dec 23, 2009 9:34 am

    cuba tgk
    http://img121.imageshack.us/img121/8213/screen001ks.jpg

    arief_b4
    Ahli Baharu
    Ahli Baharu

    Number of posts : 6
    Registration date : 26/05/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by arief_b4 on Wed Dec 23, 2009 9:35 am

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:35:15 AM, on 12/23/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\STacSV.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\GVR\GVR.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\WINDOWS\system32\PSIService.exe
    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
    C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
    C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    C:\WINDOWS\System32\Drivers\WTSRV.EXE
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Program Files\FlashGet\flashget.exe
    C:\Program Files\BearShare Applications\BearShare\BearShare.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [GVR4.2] C:\Program Files\GVR\GVR.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\msnet\server.exe
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager/plugin/IEGetPlugin.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - http://service.futuremark.com/virtualmark/tc/FMSI.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: getPlus(R) Installer - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Mamsockaa - Unknown owner - (no file)
    O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
    O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\WINDOWS\system32\STacSV.exe
    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
    O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
    O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 12270 bytes

    TOYSЯUS
    Moderators
    Moderators

    Gender : Male Number of posts : 1571
    Age : 29
    Location : Kolam Kering - 3°5′00″N 101°32′00″E
    Job/hobbies : Pembunuh
    Registration date : 27/02/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by TOYSЯUS on Wed Dec 23, 2009 10:13 am

    Dari apa yang saya nampak, iexplorer.exe yang running dalam pc awak tu adalah Internet Explorer, dan bukannya adware.
    Tapi apa yang menyebabkan IE awak makan banyak RAM tu saya tak pasti. Saya rasa sebab addons dan toolbar tapi tak mungkin sampai 1 gig lebih.. Kita tunggu comment dr yang lain..


    --------------------------------------------
    TETTT!!

    arief_b4
    Ahli Baharu
    Ahli Baharu

    Number of posts : 6
    Registration date : 26/05/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by arief_b4 on Wed Dec 23, 2009 10:16 am

    ohoh, maknanya komputer saya mmg bebas dari segala spyware, dan macam lagilah ya, dan terima kasih Very Happy, sbb saya x pandai nak tgk log hijackthis

    TOYSЯUS
    Moderators
    Moderators

    Gender : Male Number of posts : 1571
    Age : 29
    Location : Kolam Kering - 3°5′00″N 101°32′00″E
    Job/hobbies : Pembunuh
    Registration date : 27/02/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by TOYSЯUS on Wed Dec 23, 2009 10:22 am

    Nak kata bebas dari spyware tu tak tau la, awak kena scan guna antispyware or antivirus la..
    Untuk scan spyware boleh guna Spybot S&D: http://www.safer-networking.org/en/index.html


    --------------------------------------------
    TETTT!!

    e_sentinel
    Ahli Baharu
    Ahli Baharu

    Number of posts : 479
    Registration date : 02/03/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by e_sentinel on Wed Dec 23, 2009 12:43 pm

    Network related .. what is this?

    Code:
    O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\msnet\server.exe

    test0123
    Ahli Rajin
    Ahli Rajin

    Gender : Male Number of posts : 1002
    Age : 33
    Location : Bandar Tasek Mutiara, Penang
    Job/hobbies : Executive/ Cari Gondang
    Registration date : 20/02/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by test0123 on Wed Dec 23, 2009 2:32 pm

    C:\WINDOWS\system32\STacSV.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Autodesk\3ds Max C:\mentalray\satellite\raysat_3dsmax9_32server.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\WINDOWS\system32\PSIService.exe
    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    :\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
    C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
    C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    C:\WINDOWS\System32\Drivers\WTSRV.EXE
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE}(get_atlcom Class) -http://apps.corel.com/nos_dl_manager/plugin/IEGetPlugin.cab
    O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\msnet\server.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager/plugin/IEGetPlugin.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07
    .28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - http://service.futuremark.com/virtualmark/tc/FMSI.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    removed ni

    e_sentinel
    Ahli Baharu
    Ahli Baharu

    Number of posts : 479
    Registration date : 02/03/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by e_sentinel on Wed Dec 23, 2009 4:52 pm

    Kebanyakan yang test0123 beri tu adalah processes .. bagaimana nak totally remove processes? Kalau end process masih ada jika reboot bukan? Boleh detail tak? Nak belajaq nih ..

    test0123
    Ahli Rajin
    Ahli Rajin

    Gender : Male Number of posts : 1002
    Age : 33
    Location : Bandar Tasek Mutiara, Penang
    Job/hobbies : Executive/ Cari Gondang
    Registration date : 20/02/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by test0123 on Wed Dec 23, 2009 6:21 pm

    sebenarnya aku pun tak la berapa pandai sgt..tolong setakat mana yg aku tahu la..
    semua process running background tu yg makan ram yg byk..
    actually benda tu semua tak perlu ada dlm registry sbb dlm data registry tak wujud..
    harap bro arief fix semua tu..tgk cemana ..ada perubahan tak...
    jika tak run hijacklog dan paste lagi skali tu analysis..

    e_sentinel
    Ahli Baharu
    Ahli Baharu

    Number of posts : 479
    Registration date : 02/03/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by e_sentinel on Wed Dec 23, 2009 7:43 pm

    Okay, satu lagi soalan bro test0123,

    Jika processes tu dibuang (bukan sekadar exit) maka file EXE tersebut sememang didelete dari computer, bukan? Jadi, apa yang berlaku jika kita nak guna aplikasi2 tersebut, walhal kita dah buang executable file dia, sebab ia bukannya startup entry yang hanya tercatat di Registry untuk arahkan sesuatu EXE file run pada startup ... err,betul tak ni?

    Adakah kita perlu install semula aplikasi2 tersebut untuk membolehkan kita guna ia semula?

    Bagaimana kalau kita disable aje kat Services, jika nak guna kita enable balik, boleh tak begitu?

    test0123
    Ahli Rajin
    Ahli Rajin

    Gender : Male Number of posts : 1002
    Age : 33
    Location : Bandar Tasek Mutiara, Penang
    Job/hobbies : Executive/ Cari Gondang
    Registration date : 20/02/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by test0123 on Wed Dec 23, 2009 10:04 pm

    1.ye..file exe tu permanent delete dari comuter..sbb bukan startup entry dlm registry..
    2.perlu di install semula sbb registry dah di delete...
    3.tak semua yg aplication tu ada dlm service..
    jika ada boleh disable.. Very Happy

    e_sentinel
    Ahli Baharu
    Ahli Baharu

    Number of posts : 479
    Registration date : 02/03/2009

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by e_sentinel on Thu Dec 24, 2009 1:15 am

    Hahaha ... sorry bro test0123 .. sekadar menduga .. peace cheers

    Sponsored content

    Re: Iexplore.exe, adakah ia satu adware @ malicious @ spyware ?

    Post by Sponsored content Today at 4:25 am


      Current date/time is Mon Dec 05, 2016 4:25 am