C-fu Dan Lain2

[cili 0]

Logfile of HijackThis v1.99.1

Scan saved at 11:22:00 AM, on 1/29/2006

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\LEXBCES.EXE

C:\WINNT\system32\spoolsv.exe

C:\WINNT\system32\LEXPPS.EXE

C:\WINNT\Explorer.EXE

C:\WINNT\system32\dla\tfswctrl.exe

C:\Program Files\QuickTime\qttask.exe

C:\WINNT\VM_STI.EXE

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINNT\System32\P2P Networking\P2P Networking.exe

C:\Program Files\SurfAccuracy\SAcc.exe

D:\Winamp\winampa.exe

C:\Program Files\MediaGateway\MediaGateway.exe

C:\Program Files\Kazaa\kazaa.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\Sonique\sqstart.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINNT\System32\ctfmon.exe

C:\Program Files\TBONBin\tbon.exe

C:\Program Files\Yahoo!\Messenger\ypager.exe

C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe

C:\Program Files\Common Files\Sonic Shared\cinetray.exe

C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe

C:\Program Files\palmOne\HOTSYNC.EXE

C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\WINNT\System32\CTsvcCDA.EXE

C:\WINNT\System32\gearsec.exe

C:\WINNT\System32\nvsvc32.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINNT\System32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\IMRAN1\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R3 - Default URLSearchHook is missing

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRA~1\RXTOOL~1\sfcont.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINNT\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - C:\Program Files\RXToolBar\RXToolBar.dll

O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll (file missing)

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [dla] C:\WINNT\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bigDogPath] C:\WINNT\VM_STI.EXE VIMICRO USB PC Camera

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART

O4 - HKLM\..\Run: [bEQCEfdoD] C:\WINNT\qwkhrnm.exe

O4 - HKLM\..\Run: [surfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe

O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe

O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\kazaa.exe /SYSTRAY

O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKCU\..\Run: [soniqueQuickStart] C:\Program Files\Sonique\sqstart.exe -nostick

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\System32\ctfmon.exe

O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE

O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe

O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\cinetray.exe

O4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm

O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{C604C0B6-2644-4C07-A0D5-8199EDD2442D}: NameServer = 202.188.0.133 202.188.1.5

O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\PROGRA~1\RXTOOL~1\sfcont.dll

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTsvcCDA.EXE

O23 - Service: Gear Security Service (GEARSecurity) - GEAR Software - C:\WINNT\System32\gearsec.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe

apa problem comp aku ?

perlu reinstall win xp tak ?

[BraDeRz 0]

buat tajuk yg bagus2 sket "sila periksa hiujackthis aku" ke..

buat aku suspen jek...

[C-Fu 0]

apa problem comp aku ?

←

ntah

ape prob pc ko?

[Langiler 0]

hehehe... terkejut beso den...

Ingat kan C-Fu kita dah buat masalah kat kom ko...

oi.. kalo dah x tau apa prob kom ko tu.. format jer la..

macam den.. 2 kali sebulan den format kom...

Sekuriti...

[C-Fu 0]

tu bodo bukan sekuriti

[polyfuze_4336 0]

uii ayat..tak ingat...biar la kat die nk format komp die 2 kali sebulan pun...die rajin..

[witchblade 0]

uii ayat..tak ingat...biar la kat die nk format komp die 2 kali sebulan pun...die rajin..

←

AII KALAU NAK DENGAR AYAT YG BEST2..AKU RASA JGN HARAP DARI CIPU LA..

[polyfuze_4336 0]

tapi sebnarnye kalau ade masalah sket2 format tak bagus gak..tu macam cari jalan mudah nak kuar dari masalah..sampai bile pun tak maju dalam bidang nie..baik bile ade masalah ngan komp or OS ..cube cari dulu apa sebabnyer..apa solution2 yang mungkin...pastu try troubleshoot satu persaatu..maybe lambat sket dari terus format je..tapi ilmu yang bole dapat is so much more...n then if all else fails baru la format komp tue..

this is just my opinion though...

[joetbg_x 0]

format tu mcm bunuh diri. mmg settle masalah dunia..

[bata 0]

aku setuju dgn polyfuze.....

format tu mencarik jln mudah ntuk kluar.....

Chow.

[C-Fu 0]

aah

same macam jalan mudah untuk dapat duit ngan join program haram autosurf

[zer0Nehza 7]

melalut laei dah!!!!

[Langiler 0]

hahaha.. saja nak beli HDD baru..

tapi den x format sangat kebelakangan nie..

caranya mudah gila.. install balik win dalam partittion yg sama..and delete win lama.. heheh.. cara selamat....

[cili 0]

la bukan hari tu korang yg suruh cut n paste hijack punye log.

byk problem. cthnya tiba2 asyik dumping memory.

kalau firefox. asik tibe2 jer nak tutup semenjak dua menjak nih.

[enn0suke 0]

aku cadangkan kalau ko nak buat analisis utk hijackthis log tu ko gi kat http://hijackthis.de & paste log kau kat sana. nanti dia akan kuar analisis mana satu yang perlu direpair. blh belajar repair sendiri & tak harap nak format terus jer.

good luck!

[kuri 0]

Huih.buat suspen ajo ha! pegi link yag ino kasik tue...sure cepat ko boleh solve problem ko...

Edited January 29, 2006 by kuri

[polyfuze_4336 0]

aku rasa threadstarter bole la close topic nie..kalau ko dah analyze hijack this tu..tak paham bole la buka post lain kot

thanks