Posts posted by shahrizal
-
ComboFix 07-08-04.3 - "md_syukor" 2008-07-11 12:23:20.1 [GMT 8:00] - NTFS
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.True
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\bsva-egihsg52.exe
((((((((((((((((((((((((( Files Created from 2008-06-11 to 2008-07-11 )))))))))))))))))))))))))))))))
2008-07-09 09:28 88,576 --a------ C:\WINDOWS\system32\bdsjbrlo.dll
2008-06-25 18:23 321,920 --a------ C:\WINDOWS\system32\fcccbaWo.dll
2008-06-25 18:23 131,757 --ahs---- C:\WINDOWS\system32\oWabcccf.ini2
2008-06-25 18:19 28,800 --a------ C:\WINDOWS\system32\jkkKeddd.dll
2008-06-25 18:18 28,800 --a------ C:\WINDOWS\system32\nnnnKBur.dll
2008-06-25 18:14 <DIR> d-------- C:\Program Files\Antivirus 2008 PRO
2008-06-25 18:13 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ADSL Software Ltd
2008-06-25 13:55 15,316 ---hs---- C:\WINDOWS\system32\xiao.vbs
2008-06-25 08:51 <DIR> d-------- C:\DOCUME~1\MD_SYU~1\APPLIC~1\FileOpen
2008-06-25 08:51 <DIR> d-------- C:\DOCUME~1\MD_SYU~1\APPLIC~1\AdobeUM
2008-06-25 08:34 63,488 --------- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-25 08:34 6,066,176 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-25 08:34 52,224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-25 08:34 459,264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-25 08:34 383,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-25 08:34 267,776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-25 08:34 2,455,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-25 08:34 13,824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-25 08:25 <DIR> d-------- C:\WINDOWS\network diagnostic
2008-06-23 17:14 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-06-23 17:12 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-23 16:33 <DIR> d-------- C:\DOCUME~1\MD_SYU~1\APPLIC~1\Nikon
2008-06-23 15:59 <DIR> d--hs---- C:\DOCUME~1\MD_SYU~1\UserData
2008-06-23 15:38 <DIR> d-------- C:\DOCUME~1\MD_SYU~1\APPLIC~1\Yahoo!
2008-06-23 15:37 2,097,152 --ah----- C:\DOCUME~1\MD_SYU~1\NTUSER.DAT
2008-06-23 15:37 <DIR> d-------- C:\DOCUME~1\MD_SYU~1\APPLIC~1\Symantec
2008-06-23 15:37 <DIR> d-------- C:\DOCUME~1\MD_SYU~1\APPLIC~1\Sonic
2008-06-19 16:08 786,432 --ah----- C:\DOCUME~1\hlow01\NTUSER.DAT
2008-06-19 16:08 <DIR> d-------- C:\DOCUME~1\hlow01\APPLIC~1\Symantec
2008-06-19 16:08 <DIR> d-------- C:\DOCUME~1\hlow01\APPLIC~1\Sonic
2008-06-19 11:42 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-19 11:42 272,128 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-12 11:57 <DIR> d-------- C:\DOCUME~1\rarvi01\APPLIC~1\Yahoo!
2008-06-12 11:57 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2008-06-12 11:53 --------- d-------- C:\Program Files\Yahoo!
2008-05-08 20:28 202752 --------- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 13:18 1287680 --a------ C:\WINDOWS\system32\quartz.dll
2008-05-07 13:18 1287680 --------- C:\WINDOWS\system32\dllcache\quartz.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\winsystem.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\userconfig9x.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\WINWGPX.EXE
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\winsystem.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\winlogonpc.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\vcatchpi.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\vbsys2.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\thun32.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\thun.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\temp#01.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\taack.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\taack.dat
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\sysreq.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\ssvchost.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\ssvchost.com
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\ssurf022.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\sncntr.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\Rundl1.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\regm64.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\regc64.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\psoft1.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\psof1.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\ps1.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\newsd32.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\netode.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\mwin32.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\mtr2.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\msvchost.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\mssecu.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\msnbho.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\msgp.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\medup020.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\medup012.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\hxiwlgpm.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\hxiwlgpm.dat
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\hoproxy.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\h@tkeysh@@k.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\emesx.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\dpcproxy.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\bdn.com
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\awtoolb.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\anticipator.dll
2008-05-06 09:17 4096 --a------ C:\WINDOWS\system32\akttzn.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\mssecu.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\iTunesMusic.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\FVProtect.exe
2008-05-06 09:17 4096 --a------ C:\WINDOWS\bdn.com
2008-05-06 09:17 4096 --a------ C:\WINDOWS\a.bat
2008-04-23 22:16 3591680 --------- C:\WINDOWS\system32\dllcache\mshtml.dll
2008-04-23 12:16 826368 --------- C:\WINDOWS\system32\dllcache\wininet.dll
2008-04-23 12:16 671232 --------- C:\WINDOWS\system32\dllcache\mstime.dll
2008-04-23 12:16 478208 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll
2008-04-23 12:16 44544 --------- C:\WINDOWS\system32\dllcache\pngfilt.dll
2008-04-23 12:16 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll
2008-04-23 12:16 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll
2008-04-23 12:16 347136 --------- C:\WINDOWS\system32\dllcache\dxtmsft.dll
2008-04-23 12:16 27648 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll
2008-04-23 12:16 233472 --------- C:\WINDOWS\system32\dllcache\webcheck.dll
2008-04-23 12:16 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll
2008-04-23 12:16 214528 --------- C:\WINDOWS\system32\dllcache\dxtrans.dll
2008-04-23 12:16 193024 --------- C:\WINDOWS\system32\dllcache\msrating.dll
2008-04-23 12:16 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll
2008-04-23 12:16 133120 --------- C:\WINDOWS\system32\dllcache\extmgr.dll
2008-04-23 12:16 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll
2008-04-23 12:16 1159680 --------- C:\WINDOWS\system32\dllcache\urlmon.dll
2008-04-23 12:16 105984 --------- C:\WINDOWS\system32\dllcache\url.dll
2008-04-23 12:16 102912 --------- C:\WINDOWS\system32\dllcache\occache.dll
2008-04-22 15:40 625664 --------- C:\WINDOWS\system32\dllcache\iexplore.exe
2008-04-22 15:39 70656 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-04-21 15:04 474112 --------- C:\WINDOWS\system32\dllcache\shlwapi.dll
2008-04-21 15:04 1494528 --------- C:\WINDOWS\system32\dllcache\shdocvw.dll
2008-04-21 15:03 151040 --------- C:\WINDOWS\system32\dllcache\cdfview.dll
2008-04-21 15:03 1054208 --------- C:\WINDOWS\system32\dllcache\danim.dll
2008-04-21 15:03 1023488 --------- C:\WINDOWS\system32\dllcache\browseui.dll
2008-04-20 13:07 161792 --------- C:\WINDOWS\system32\dllcache\ieakui.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39D67F39-6F48-438A-80A2-F86FE363C215}]
2008-06-25 18:18 28800 --a------ C:\WINDOWS\system32\nnnnKBur.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E53D4E9-4C2D-40FA-AFB8-83BA12C58DDB}]
2008-06-25 18:23 321920 --a------ C:\WINDOWS\system32\fcccbaWo.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeScanNT Monitor"="C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" [2005-08-31 15:21]
"3a81bac8"="C:\WINDOWS\system32\bdsjbrlo.dll" [2008-07-09 09:28]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-14 00:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 16:00]
"antivirus-2008pro.exe"="C:\Program Files\Antivirus 2008 PRO\antivirus-2008pro.exe" [2008-06-25 18:14]
"WinSpywareProtect"="C:\Documents and Settings\All Users\Application Data\ADSL Software Ltd\WinSpywareProtect\winspywareprotect.exe" [2008-06-25 18:16]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"Explorer"=xiao.vbs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{39D67F39-6F48-438A-80A2-F86FE363C215}"= C:\WINDOWS\system32\nnnnKBur.dll [2008-06-25 18:18 28800]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnnKBur]
nnnnKBur.dll 2008-06-25 18:18 28800 C:\WINDOWS\system32\nnnnKBur.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\acaegmgr.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ahnsd.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ahnsdsv.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\APVXDWIN.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\arvmon.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\auto.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVENGINE.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avg.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgnt.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avguard.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ccapp.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ccevtmgr.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ccsetmgr.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\defwatch.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\egui.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ekrn.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fwmain.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\gr9x3863r.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guid.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kissvc.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kvxp.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kvxp_1.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Mcshield.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mpstart.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\navw32.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PAVFNSVR.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\psview.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SMC.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\snipesword.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spidernet.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\srgui.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ssm.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Tbmon.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TBSCAN.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\THGUARD.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TrojanHunter.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\woptiutilities.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wsyscheck.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ZONEALARM.exe]
DEBUGGER=SDF
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\fcccbaWo
"Notification Packages"= scecli AsWlnPkg
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2000478354-1682526488-839522115-8399\Scripts\Logon\0\0]
"Script"=sa.bat
SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"
R1 AmdK8;AMD Processor Driver;C:\WINDOWS\system32\DRIVERS\AmdK8.sys
R1 ClntMgmt.sys;ClntMgmt.sys;C:\WINDOWS\system32\Drivers\ClntMgmt.sys
R1 eabfiltr;EABFiltr;\??\C:\WINDOWS\system32\drivers\EABFiltr.sys
R1 IPSECDRV;SafeNet IPSec Plugin;\??\C:\WINDOWS\system32\Drivers\IPSECDRV.sys
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI;C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
R2 ASChannel;Local Communication Channel;C:\WINDOWS\System32\svchost.exe -k Cognizance
R2 Crypto;Crypto;\??\C:\WINDOWS\system32\Drivers\Crypto.sys
R2 ntrtscan;OfficeScanNT RealTime Scan;C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
R2 TM_CFW;Common Firewall Driver;\??\C:\Program Files\Trend Micro\OfficeScan Client\tm_cfw.sys
R2 TmFilter;Trend Micro Filter;\??\C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys
R2 tmlisten;OfficeScanNT Listener;C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
R2 TmPreFilter;Trend Micro PreFilter;\??\C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys
R2 VSApiNt;Trend Micro VSAPI NT;\??\C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys
R3 CAMCAUD;Conexant AMC Audio;C:\WINDOWS\system32\drivers\camc6aud.sys
R3 CAMCHALA;CAMCHALA;C:\WINDOWS\system32\drivers\camc6hal.sys
R3 DNE;Deterministic Network Enhancer Miniport;C:\WINDOWS\system32\DRIVERS\dne2000.sys
R3 DniVap;SafeNet WAN Miniport (VA);C:\WINDOWS\system32\DRIVERS\vap.sys
R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
R3 SynTP;Synaptics TouchPad Driver;C:\WINDOWS\system32\DRIVERS\SynTP.sys
S3 eabusb;eabusb;\??\C:\WINDOWS\system32\drivers\eabusb.sys
S3 GTIPCI21;GTIPCI21;C:\WINDOWS\system32\DRIVERS\gtipci21.sys
S3 odserv;Microsoft Office Diagnostics Service;"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
S3 sdbus;sdbus;C:\WINDOWS\system32\DRIVERS\sdbus.sys
S3 tifm21;tifm21;C:\WINDOWS\system32\drivers\tifm21.sys
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance ASChannel
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45d83df0-4bbb-11dd-8c6f-babef0cd1183}]
AutoRun\command- wscript.exe xiao.vbs
find\Command- wscript.exe xiao.vbs
open\Command- wscript.exe xiao.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{654e6360-40f7-11dd-8c53-babea0cb1183}]
AutoRun\command- wscript.exe xiao.vbs
find\Command- wscript.exe xiao.vbs
open\Command- wscript.exe xiao.vbs
Contents of the 'Scheduled Tasks' folder
2008-07-11 04:22:00 C:\WINDOWS\Tasks\At1.job
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-11 12:28:55
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reinstall\\24\xe1\21]
"DisplayName"="\x9458\x225\x9458\x225\1"
"DeviceDesc"="\x9458\x225\x9458\x225\1"
"ProviderName"="\xfed4\21\xee18\x7c90\xff44\21\b"
"MFG"="\x564"
"ReinstallString"="C:\WINDOWS\System32\ReinstallBackups\\xe114\21\x80\xc010\DriverFiles\.INF"
"DeviceInstanceIds"=str(7):"c:\swsetup\vid2\sbdrv\smbus\smbusati.inf"
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2008-07-11 12:30:16
C:\ComboFix-quarantined-files.txt ... 2008-07-11 12:30
--- E O F ---
Here it is, from ComboFix
-
Sorry, guys......
I've already tried setting IE's default homepage...... but it still comes up as about:blank.... the strange thing is FF runs just fine... I use Firefox... but I want to know how to solve this..... or is there spyware or malware or a virus blocking it?
-
That is a patched repeater, and it is for use on the Linksys WRT54GL model. With another model you'd be in trouble, it won't configure...
To sharizal: can you tell us what model you want to use? If you don't have a router yet, you can buy that model for both of them. If you already have one, for example D-Link or Aztech, that means you have to buy a wireless repeater plus access point....
If you want to use cable, buy a wireless extended....
The wireless routers have to be the same brand... hmm, looks like it can't be done then.... because one is PROLONIK brand and one is WRT54GL.........
I'll have to use cable after all....
-
Assalamualaikum
Why can't my IE surf..... it's as if it's being blocked....
The address bar only shows about:blank.... the homepage comes up blank....... but Mozilla is OK
Please
-
Other than that, what other way is there to remove that spyware?
-
Do you want me to give you apachee mereng and apachee mengganas..??? Then the moderator might ban me... That sounds kind of scary...... what is that thing.....
The mods probably won't mind... because it's only to try out the AV, not to do anything else...
What is the effect if that virus of yours attacks?
-
Assalamualaikum
I think my laptop has got spyware.... all sorts of ads come up telling me to buy... I've already run ComboFix... and smartfraudfix but the thing hasn't gone.... I tried to uninstall it but couldn't.... tried deleting it from Program Files on C, still couldn't. How do I get rid of this annoying thing?
Please help me
-
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Why does that thing come up?
I always update my AV....
I think my AV is probably OK because I couldn't download that thing...... and looking at the protection status, there is indeed a site that was blocked
What's your opinion.... but it didn't show a message like yours
-
Salam all.... is there anyone who can teach me to build a website for a school site... I'm crawling along building it with Dreamweaver MX... but I'm still new to this program and still confused.....
So we can learn together from the members who are good at building websites
I recommend using Joomla, it's simple, easy and quick to finish
Just my opinion
-
Have you updated yet? To find out whether it works, go find a virus and put it on your PC... The problem is, there was something downloaded on my friend's PC; using AVG it was detected straight away, but ESET showed nothing at all...
-
Assalamualaikum everyone
I'm using ESET NOD32, the "plain cracker" one... but I've been watching and it hasn't detected anything at all, so how do I know the AV I downloaded is effective... for example, something like a simple virus to test the AV with
-
Try looking at the info there. Thanks
I understand about WDS now... but how to set it up, I don't quite understand from that site because of the language problem
-
Your case is the same as what I want to do... I use 2 WRT54GL routers, then I link them using WDS.
Saves a bit, no need to pull long cables....
Even though it becomes half, the speed is still OK...
What is WDS? I don't really know... how do I make the link without using wire, because my plan was to pull a cable tomorrow from AP 1 to AP 2 (WRT54GL), but I've tried it and it works OK....
-
The distance to the new wireless isn't far, about 50 metres...... the old one is for the ground floor, the new one is for the upper floor.... the new wireless router is a Linksys WRT54G..... what is the easiest method to do this.... because I still don't have much knowledge of networking....
-
Assalamualaikum everyone
As in the picture above, how do I set up the new wireless router... what should I set it as..... a repeater?...... because I want to put another access point in another block
-
Whoa... a monitor can go like a snake? That's dangerous... your monitor must have been in use for a long time, right? I think your monitor has probably reached its age... just buy a new monitor..
Really? Isn't it the graphics card... more money again
-
Assalamualaikum everyone
Why has my monitor's picture suddenly become slanted... it goes like a snake... meaning the screen isn't right.... is the monitor broken.... or is there another cause
-
What about the wireless then.... the friend next to me gets it but mine is limited... what's the problem
-
As far as I know, if the router's modem mode is changed to bridge, then there is only 1 active remote end point for PPPoE. In this case, if the PC is in its normal state then the PC can make the PPPoE session.... while the wireless cannot, and vice versa. So in a situation like this, please reconfigure the router as a PPPoE client and run NAT as usual, so the PC and the wireless can use the internet together.
You mean.... the router can't be set as a bridge, it has to be set up for PPPoE... hmm, thanks...
One more question: does NAT need to be disabled or enabled....... what is the function of NAT?
-
Is your DNS correct? Do I have to adjust the DNS as well... what is the DNS number, and is the DNS put on the PC or the laptop
-
Assalamualaikum, I have a problem
My router is connected to my PC and my wireless has a password
My router is set as a bridge, not using PPPoE, meaning I have to dial before it can connect..... the problem is when I want to connect on the laptop I can't get in, I've entered the password.. and the display at the bottom by the clock shows it's connected... what's wrong I don't know... I tried pinging the router, that's OK... pinging Yahoo fails.... I hope friends and the veterans here will kindly help me
-
Assalamualaikum everyone
I want to know how to change the brush colour.... because it's always white.... how do I change it to another colour
-
Assalamualaikum everyone
I tested my internet speed in 3 ways
1) TM NET SPEEDO METER : DOWNLOAD : 402kbps
UPLOAD : 390kbps
2) http://speedtest.net/ : DOWNLOAD : 171
UPLOAD : 117
3) http://www.speed.jaring.my/ : DOWNLOAD : 27.2
UPLOAD : 227
I want to know why the internet speed results differ, and which one to believe...
Connection Interrupt
in Pejabat & Internet
Connection Interrupted
The connection to the server was reset while the page was loading.
The network link was interrupted while negotiating a connection. Please try again.
Why does that message always come up when I use the internet.... what's the problem