Forum Sementara Putera.com



    Please check HijackThis

    khairulnisa
    New Member

    Number of posts : 11
    Registration date : 10/03/2009

    Please check HijackThis

    Post by khairulnisa on Sat Jan 16, 2010 2:53 am

    Even HijackThis can barely open..
    Malwarebytes won't open at all..

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:45:29 AM, on 1/16/2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
    C:\Program Files\Panasonic\Ncr3\ncrcore3.exe
    C:\Documents and Settings\User\Local Settings\Application Data\Meebo\Meebo Notifier\MeeboNotifier.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Panasonic\Ncr3\Ncrwd.exe
    C:\DOCUME~1\User\LOCALS~1\Temp\RtkBtMnt.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mobile Partner\Mobile Partner.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.10.253/
    O1 - Hosts: 74.125.53.106 msnfix.changelog.fr
    O1 - Hosts: 74.125.53.106 www.incodesolutions.com
    O1 - Hosts: 74.125.53.106 virusinfo.prevx.com
    O1 - Hosts: 74.125.53.106 download.bleepingcomputer.com
    O1 - Hosts: 74.125.53.106 www.dazhizhu.cn
    O1 - Hosts: 74.125.53.106 foro.noticias3d.com
    O1 - Hosts: 74.125.53.106 www.spybotupdates.com
    O1 - Hosts: 74.125.53.106 club.myce.com
    O1 - Hosts: 74.125.53.106 www.k7computing.com
    O1 - Hosts: 74.125.53.106 www.nabble.com
    O1 - Hosts: 74.125.53.106 lurker.clamav.net
    O1 - Hosts: 74.125.53.106 lexikon.ikarus.at
    O1 - Hosts: 74.125.53.106 research.sunbelt-software.com
    O1 - Hosts: 74.125.53.106 www.virusdoctor.jp
    O1 - Hosts: 74.125.53.106 www.elitepvpers.de
    O1 - Hosts: 74.125.53.106 guru.avg.com
    O1 - Hosts: 74.125.53.106 downloads.sophos.com
    O1 - Hosts: 74.125.53.106 share.skype.com
    O1 - Hosts: 74.125.53.106 myantispyware.com
    O1 - Hosts: 74.125.53.106 www.superuser.co.kr
    O1 - Hosts: 74.125.53.106 ntfaq.co.kr
    O1 - Hosts: 74.125.53.106 v.dreamwiz.com
    O1 - Hosts: 74.125.53.106 cit.kookmin.ac.kr
    O1 - Hosts: 74.125.53.106 forums.whatthetech.com
    O1 - Hosts: 74.125.53.106 forum.hijackthis.de
    O1 - Hosts: 74.125.53.106 avg.vo.llnwd.net
    O1 - Hosts: 74.125.53.106 ftp.drweb.com
    O1 - Hosts: 74.125.53.106 www.zonealarm.com
    O1 - Hosts: 74.125.53.106 smadaver.com
    O1 - Hosts: 74.125.53.106 support.emsisoft.com
    O1 - Hosts: 74.125.53.106 www.huaifai.go.th
    O1 - Hosts: 74.125.53.106 www.mostz.com
    O1 - Hosts: 74.125.53.106 www.krupunmai.com
    O1 - Hosts: 74.125.53.106 www.cddchiangmai.net
    O1 - Hosts: 74.125.53.106 forum.malekal.com
    O1 - Hosts: 74.125.53.106 tech.pantip.com
    O1 - Hosts: 74.125.53.106 sapcupgrades.com
    O1 - Hosts: 74.125.53.106 www.elguruinformatico.com
    O1 - Hosts: 74.125.53.106 forums.avg.com
    O1 - Hosts: 74.125.53.106 zastita.com
    O1 - Hosts: 74.125.53.106 support.kaspersky.com
    O1 - Hosts: 74.125.53.106 www.247fixes.com
    O1 - Hosts: 74.125.53.106 forum.sysinternals.com
    O1 - Hosts: 74.125.53.106 forum.telecharger.01net.com
    O1 - Hosts: 74.125.53.106 sophos.com
    O1 - Hosts: 74.125.53.106 foros.softonic.com
    O1 - Hosts: 74.125.53.106 avast-home.uptodown.com
    O1 - Hosts: 74.125.53.106 dr-web-cureit.softonic.com
    O1 - Hosts: 74.125.53.106 heavenward.ru
    O1 - Hosts: 74.125.53.106 forum.smadav.net
    O1 - Hosts: 74.125.53.106 www.forum.kaspersky.com
    O1 - Hosts: 74.125.53.106 www.f-secure.com
    O1 - Hosts: 74.125.53.106 www.chkrootkit.org
    O1 - Hosts: 74.125.53.106 diamondcs.com.au
    O1 - Hosts: 74.125.53.106 www.rootkit.nl
    O1 - Hosts: 74.125.53.106 www.sysinternals.com
    O1 - Hosts: 74.125.53.106 z-oleg.com
    O1 - Hosts: 74.125.53.106 espanol.dir.groups.yahoo.com
    O1 - Hosts: 74.125.53.106 ftp01net.telechargement.fr
    O1 - Hosts: 74.125.53.106 modelayu.com
    O1 - Hosts: 74.125.53.106 vaksin.com
    O1 - Hosts: 74.125.53.106 bbs.kaspersky.com.cn
    O1 - Hosts: 74.125.53.106 www.castlecrops.com
    O1 - Hosts: 74.125.53.106 www.misec.net
    O1 - Hosts: 74.125.53.106 safecomputing.umn.edu
    O1 - Hosts: 74.125.53.106 www.antirootkit.com
    O1 - Hosts: 74.125.53.106 www.greatis.com
    O1 - Hosts: 74.125.53.106 ar.answers.yahoo.com
    O1 - Hosts: 74.125.53.106 www.elhacker.org
    O1 - Hosts: 74.125.53.106 research.pandasecurity.com
    O1 - Hosts: 74.125.53.106 www.tpu.ro
    O1 - Hosts: 74.125.53.106 www.pinoyden.com
    O1 - Hosts: 74.125.53.106 www.rootkit.com
    O1 - Hosts: 74.125.53.106 www.pctools.com
    O1 - Hosts: 74.125.53.106 www.pcsupportadvisor.com
    O1 - Hosts: 74.125.53.106 www.resplendence.com
    O1 - Hosts: 74.125.53.106 www.personal.psu.edu
    O1 - Hosts: 74.125.53.106 foro.ethek.com
    O1 - Hosts: 74.125.53.106 foro.elhacker.net
    O1 - Hosts: 74.125.53.106 download.zonealarm.com
    O1 - Hosts: 74.125.53.106 spywarehammer.com
    O1 - Hosts: 74.125.53.106 www.codelain.com
    O1 - Hosts: 74.125.53.106 vil.nail.com
    O1 - Hosts: 74.125.53.106 search.mcafee.com
    O1 - Hosts: 74.125.53.106 wwww.mcafee.com
    O1 - Hosts: 74.125.53.106 download.nai.com
    O1 - Hosts: 74.125.53.106 wwww.experts-exchange.com
    O1 - Hosts: 74.125.53.106 www.bakunos.com
    O1 - Hosts: 74.125.53.106 www.darkclockers.com
    O1 - Hosts: 74.125.53.106 www2.gmer.net
    O1 - Hosts: 74.125.53.106 ariefew.com
    O1 - Hosts: 74.125.53.106 www.emsisoft.com
    O1 - Hosts: 74.125.53.106 forum.romeonet.ro
    O1 - Hosts: 74.125.53.106 www.Merijn.org
    O1 - Hosts: 74.125.53.106 www.spywareinfo.com
    O1 - Hosts: 74.125.53.106 www.spybot.info
    O1 - Hosts: 74.125.53.106 www.viruslist.com
    O1 - Hosts: 74.125.53.106 www.hijackthis.de
    O1 - Hosts: 74.125.53.106 ftp.f-secure.com
    O1 - Hosts: 74.125.53.106 forum.kaspersky.com
    O1 - Hosts: 74.125.53.106 es.trendmicro-europe.com
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKLM\..\Run: [MS Virtual CLS] C:\WINDOWS\system32\wmipxty.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [Ncr3] C:\Program Files\Panasonic\Ncr3\ncrcore3.exe
    O4 - HKCU\..\Run: [Meebo Notifier] "C:\Documents and Settings\User\Local Settings\Application Data\Meebo\Meebo Notifier\MeeboNotifier.exe" /startup
    O4 - HKCU\..\Run: [MSConfig] C:\Documents and Settings\User\wpvq.exe \u
    O4 - HKUS\S-1-5-18\..\Run: [MSConfig] C:\Documents and Settings\NetworkService\loi.exe \u (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MSConfig] C:\Documents and Settings\NetworkService\loi.exe \u (User 'Default user')
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://192.168.10.253/JpegInst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2A8CF71D-EDB8-405B-AC6C-0FC6B96DED59}: NameServer = 203.82.64.67 203.82.64.41
    O17 - HKLM\System\CS1\Services\Tcpip\..\{2A8CF71D-EDB8-405B-AC6C-0FC6B96DED59}: NameServer = 203.82.64.67 203.82.64.41
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: CounterSpy Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

    --
    End of file - 11470 bytes

    test0123
    Active Member

    Gender : Male
    Number of posts : 1002
    Age : 33
    Location : Bandar Tasek Mutiara, Penang
    Job/hobbies : Executive/ Cari Gondang
    Registration date : 20/02/2009

    Re: Please check HijackThis

    Post by test0123 on Sat Jan 16, 2010 5:55 am

    C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
    C:\Program Files\Panasonic\Ncr3\ncrcore3.exe
    C:\Documents and Settings\User\Local Settings\Application Data\Meebo\Meebo Notifier\MeeboNotifier.exe
    C:\Program Files\Panasonic\Ncr3\Ncrwd.exe
    C:\DOCUME~1\User\LOCALS~1\Temp\RtkBtMnt.exe
    C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
    C:\Program Files\Mobile Partner\Mobile Partner.exe
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.10.253/
    O1 - Hosts: 74.125.53.106 msnfix.changelog.fr
    O1 - Hosts: 74.125.53.106 www.incodesolutions.com
    O1 - Hosts: 74.125.53.106 virusinfo.prevx.com
    O1 - Hosts: 74.125.53.106 download.bleepingcomputer.com
    O1 - Hosts: 74.125.53.106 www.dazhizhu.cn
    O1 - Hosts: 74.125.53.106 foro.noticias3d.com
    O1 - Hosts: 74.125.53.106 www.spybotupdates.com
    O1 - Hosts: 74.125.53.106 club.myce.com
    O1 - Hosts: 74.125.53.106 www.k7computing.com
    O1 - Hosts: 74.125.53.106 www.nabble.com
    O1 - Hosts: 74.125.53.106 lurker.clamav.net
    O1 - Hosts: 74.125.53.106 lexikon.ikarus.at
    O1 - Hosts: 74.125.53.106 research.sunbelt-software.com
    O1 - Hosts: 74.125.53.106 www.virusdoctor.jp
    O1 - Hosts: 74.125.53.106 www.elitepvpers.de
    O1 - Hosts: 74.125.53.106 guru.avg.com
    O1 - Hosts: 74.125.53.106 downloads.sophos.com
    O1 - Hosts: 74.125.53.106 share.skype.com
    O1 - Hosts: 74.125.53.106 myantispyware.com
    O1 - Hosts: 74.125.53.106 www.superuser.co.kr
    O1 - Hosts: 74.125.53.106 ntfaq.co.kr
    O1 - Hosts: 74.125.53.106 v.dreamwiz.com
    O1 - Hosts: 74.125.53.106 cit.kookmin.ac.kr
    O1 - Hosts: 74.125.53.106 forums.whatthetech.com
    O1 - Hosts: 74.125.53.106 forum.hijackthis.de
    O1 - Hosts: 74.125.53.106 avg.vo.llnwd.net
    O1 - Hosts: 74.125.53.106 ftp.drweb.com
    O1 - Hosts: 74.125.53.106 www.zonealarm.com
    O1 - Hosts: 74.125.53.106 smadaver.com
    O1 - Hosts: 74.125.53.106 support.emsisoft.com
    O1 - Hosts: 74.125.53.106 www.huaifai.go.th
    O1 - Hosts: 74.125.53.106 www.mostz.com
    O1 - Hosts: 74.125.53.106 www.krupunmai.com
    O1 - Hosts: 74.125.53.106 www.cddchiangmai.net
    O1 - Hosts: 74.125.53.106 forum.malekal.com
    O1 - Hosts: 74.125.53.106 tech.pantip.com
    O1 - Hosts: 74.125.53.106 sapcupgrades.com
    O1 - Hosts: 74.125.53.106 www.elguruinformatico.com
    O1 - Hosts: 74.125.53.106 forums.avg.com
    O1 - Hosts: 74.125.53.106 zastita.com
    O1 - Hosts: 74.125.53.106 support.kaspersky.com
    O1 - Hosts: 74.125.53.106 www.247fixes.com
    O1 - Hosts: 74.125.53.106 forum.sysinternals.com
    O1 - Hosts: 74.125.53.106 forum.telecharger.01net.com
    O1 - Hosts: 74.125.53.106 sophos.com
    O1 - Hosts: 74.125.53.106 foros.softonic.com
    O1 - Hosts: 74.125.53.106 avast-home.uptodown.com
    O1 - Hosts: 74.125.53.106 dr-web-cureit.softonic.com
    O1 - Hosts: 74.125.53.106 heavenward.ru
    O1 - Hosts: 74.125.53.106 forum.smadav.net
    O1 - Hosts: 74.125.53.106 www.forum.kaspersky.com
    O1 - Hosts: 74.125.53.106 www.f-secure.com
    O1 - Hosts: 74.125.53.106 www.chkrootkit.org
    O1 - Hosts: 74.125.53.106 diamondcs.com.au
    O1 - Hosts: 74.125.53.106 www.rootkit.nl
    O1 - Hosts: 74.125.53.106 www.sysinternals.com
    O1 - Hosts: 74.125.53.106 z-oleg.com
    O1 - Hosts: 74.125.53.106 espanol.dir.groups.yahoo.com
    O1 - Hosts: 74.125.53.106 ftp01net.telechargement.fr
    O1 - Hosts: 74.125.53.106 modelayu.com
    O1 - Hosts: 74.125.53.106 vaksin.com
    O1 - Hosts: 74.125.53.106 bbs.kaspersky.com.cn
    O1 - Hosts: 74.125.53.106 www.castlecrops.com
    O1 - Hosts: 74.125.53.106 www.misec.net
    O1 - Hosts: 74.125.53.106 safecomputing.umn.edu
    O1 - Hosts: 74.125.53.106 www.antirootkit.com
    O1 - Hosts: 74.125.53.106 www.greatis.com
    O1 - Hosts: 74.125.53.106 ar.answers.yahoo.com
    O1 - Hosts: 74.125.53.106 www.elhacker.org
    O1 - Hosts: 74.125.53.106 research.pandasecurity.com
    O1 - Hosts: 74.125.53.106 www.tpu.ro
    O1 - Hosts: 74.125.53.106 www.pinoyden.com
    O1 - Hosts: 74.125.53.106 www.rootkit.com
    O1 - Hosts: 74.125.53.106 www.pctools.com
    O1 - Hosts: 74.125.53.106 www.pcsupportadvisor.com
    O1 - Hosts: 74.125.53.106 www.resplendence.com
    O1 - Hosts: 74.125.53.106 www.personal.psu.edu
    O1 - Hosts: 74.125.53.106 foro.ethek.com
    O1 - Hosts: 74.125.53.106 foro.elhacker.net
    O1 - Hosts: 74.125.53.106 download.zonealarm.com
    O1 - Hosts: 74.125.53.106 spywarehammer.com
    O1 - Hosts: 74.125.53.106 www.codelain.com
    O1 - Hosts: 74.125.53.106 vil.nail.com
    O1 - Hosts: 74.125.53.106 search.mcafee.com
    O1 - Hosts: 74.125.53.106 wwww.mcafee.com
    O1 - Hosts: 74.125.53.106 download.nai.com
    O1 - Hosts: 74.125.53.106 wwww.experts-exchange.com
    O1 - Hosts: 74.125.53.106 www.bakunos.com
    O1 - Hosts: 74.125.53.106 www.darkclockers.com
    O1 - Hosts: 74.125.53.106 www2.gmer.net
    O1 - Hosts: 74.125.53.106 ariefew.com
    O1 - Hosts: 74.125.53.106 www.emsisoft.com
    O1 - Hosts: 74.125.53.106 forum.romeonet.ro
    O1 - Hosts: 74.125.53.106 www.Merijn.org
    O1 - Hosts: 74.125.53.106 www.spywareinfo.com
    O1 - Hosts: 74.125.53.106 www.spybot.info
    O1 - Hosts: 74.125.53.106 www.viruslist.com
    O1 - Hosts: 74.125.53.106 www.hijackthis.de
    O1 - Hosts: 74.125.53.106 ftp.f-secure.com
    O1 - Hosts: 74.125.53.106 forum.kaspersky.com
    O1 - Hosts: 74.125.53.106 es.trendmicro-europe.com
    O4 - HKLM\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKLM\..\Run: [MS Virtual CLS] C:\WINDOWS\system32\wmipxty.exe
    O4 - HKLM\..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [Ncr3] C:\Program Files\Panasonic\Ncr3\ncrcore3.exe
    O4 - HKCU\..\Run: [Meebo Notifier] "C:\Documents and Settings\User\Local Settings\Application Data\Meebo\Meebo Notifier\MeeboNotifier.exe" /startup
    O4 - HKCU\..\Run: [MSConfig] C:\Documents and Settings\User\wpvq.exe \u
    O4 - HKUS\S-1-5-18\..\Run: [MSConfig] C:\Documents and Settings\NetworkService\loi.exe \u (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MSConfig] C:\Documents and Settings\NetworkService\loi.exe \u (User 'Default user')
    O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://192.168.10.253/JpegInst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2A8CF71D-EDB8-405B-AC6C-0FC6B96DED59}: NameServer = 203.82.64.67 203.82.64.41
    O17 - HKLM\System\CS1\Services\Tcpip\..\{2A8CF71D-EDB8-405B-AC6C-0FC6B96DED59}: NameServer = 203.82.64.67 203.82.64.41
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: CounterSpy Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

    Fix all of these

    hampeh
    Member

    Number of posts : 866
    Registration date : 28/02/2009

    Re: Please check HijackThis

    Post by hampeh on Sat Jan 16, 2010 6:18 am

    So many hosts file entries need to be fixed....

    bazsh
    New Member

    Gender : Male
    Number of posts : 401
    Age : 35
    Location : New Castle
    Job/hobbies : Surfing/Games
    Registration date : 20/02/2009

    Re: Please check HijackThis

    Post by bazsh on Sun Jan 17, 2010 7:11 am

    TS, didn't you try scanning in Safe Mode, since you said MBAM won't open?

    khairulnisa
    New Member

    Number of posts : 11
    Registration date : 10/03/2009

    Re: Please check HijackThis

    Post by khairulnisa on Mon Jan 18, 2010 1:03 am

    What should I do?
    I only just formatted the other day..
    Surely I don't have to go and format again..
    So stressful..
    And I'm in the middle of finishing my FYP..

    khairulnisa
    New Member

    Number of posts : 11
    Registration date : 10/03/2009

    Re: Please check HijackThis

    Post by khairulnisa on Tue Jan 19, 2010 10:35 am

    It's a bit better now..
    Can you please check whether it's clean yet?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:32:45 AM, on 1/19/2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Google\Google Talk\googletalk.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\DOCUME~1\User\LOCALS~1\Temp\RtkBtMnt.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.uthm.edu.my:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost; 127.0.0.1; *.uthm.edu.my; 10.*.*.*;<local>
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [MSConfig] C:\Documents and Settings\NetworkService\loi.exe \u (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MSConfig] C:\Documents and Settings\NetworkService\loi.exe \u (User 'Default user')
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://192.168.10.253/JpegInst.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

    --
    End of file - 6159 bytes

    test0123
    Active Member

    Gender : Male
    Number of posts : 1002
    Age : 33
    Location : Bandar Tasek Mutiara, Penang
    Job/hobbies : Executive/ Cari Gondang
    Registration date : 20/02/2009

    Re: Please check HijackThis

    Post by test0123 on Tue Jan 19, 2010 6:32 pm

    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\DOCUME~1\User\LOCALS~1\Temp\RtkBtMnt.exe
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.uthm.edu.my:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost; 127.0.0.1; *.uthm.edu.my; 10.*.*.*;
    O4 - HKUS\S-1-5-18\..\Run: [MSConfig] C:\Documents and Settings\NetworkService\loi.exe \u (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MSConfig] C:\Documents and Settings\NetworkService\loi.exe \u (User 'Default user')
    O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://192.168.10.253/JpegInst.cab
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

    Fix all of these.. reboot.. your Windows will surely be OK..

    khairulnisa
    New Member

    Number of posts : 11
    Registration date : 10/03/2009

    Re: Please check HijackThis

    Post by khairulnisa on Wed Jan 20, 2010 9:16 am

    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\DOCUME~1\User\LOCALS~1\Temp\RtkBtMnt.exe

    How do I fix these?

    test0123
    Active Member

    Gender : Male
    Number of posts : 1002
    Age : 33
    Location : Bandar Tasek Mutiara, Penang
    Job/hobbies : Executive/ Cari Gondang
    Registration date : 20/02/2009

    Re: Please check HijackThis

    Post by test0123 on Wed Jan 20, 2010 5:53 pm

    When you scan with HijackThis.. a log file comes up, right.. fix it there.. just tick and fix it

    khairulnisa
    New Member

    Number of posts : 11
    Registration date : 10/03/2009

    Re: Please check HijackThis

    Post by khairulnisa on Thu Jan 21, 2010 12:26 am

    Yes, but.. those two weren't even there when I went to tick..
    Why can't I use Google Talk after the fix?

    test0123
    Active Member

    Gender : Male
    Number of posts : 1002
    Age : 33
    Location : Bandar Tasek Mutiara, Penang
    Job/hobbies : Executive/ Cari Gondang
    Registration date : 20/02/2009

    Re: Please check HijackThis

    Post by test0123 on Sat Jan 23, 2010 6:13 pm

    Because the original file was already infected.. uninstall Google Talk using Revo.. reboot.. then install it again.. done..
