cili 0 Posted January 29, 2006

Logfile of HijackThis v1.99.1
Scan saved at 11:22:00 AM, on 1/29/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\Explorer.EXE
C:\WINNT\system32\dla\tfswctrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINNT\VM_STI.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\System32\P2P Networking\P2P Networking.exe
C:\Program Files\SurfAccuracy\SAcc.exe
D:\Winamp\winampa.exe
C:\Program Files\MediaGateway\MediaGateway.exe
C:\Program Files\Kazaa\kazaa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Sonique\sqstart.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINNT\System32\ctfmon.exe
C:\Program Files\TBONBin\tbon.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\Common Files\Sonic Shared\cinetray.exe
C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\System32\CTsvcCDA.EXE
C:\WINNT\System32\gearsec.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINNT\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\IMRAN1\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRA~1\RXTOOL~1\sfcont.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINNT\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - C:\Program Files\RXToolBar\RXToolBar.dll
O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll (file missing)
O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [dla] C:\WINNT\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [bigDogPath] C:\WINNT\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [bEQCEfdoD] C:\WINNT\qwkhrnm.exe
O4 - HKLM\..\Run: [surfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe
O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe
O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [soniqueQuickStart] C:\Program Files\Sonique\sqstart.exe -nostick
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\System32\ctfmon.exe
O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\cinetray.exe
O4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{C604C0B6-2644-4C07-A0D5-8199EDD2442D}: NameServer = 202.188.0.133 202.188.1.5
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\PROGRA~1\RXTOOL~1\sfcont.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTsvcCDA.EXE
O23 - Service: Gear Security Service (GEARSecurity) - GEAR Software - C:\WINNT\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe

What's the problem with my computer? Do I need to reinstall Win XP?

BraDeRz 0 Posted January 29, 2006
Make the title a bit better, something like "please check my HijackThis".. you just had me in suspense...

C-Fu 0 Posted January 29, 2006
Quote: What's the problem with my computer?
Who knows what your PC's problem is?

Langiler 0 Posted January 29, 2006
Hehehe... I got a big shock... I thought our C-Fu had caused trouble on your computer... Oi.. if you don't know what the problem with your computer is.. just format it.. like me.. I format my computer twice a month... Security...

C-Fu 0 Posted January 29, 2006
That's stupid, not security.

polyfuze_4336 0 Posted January 29, 2006
Whoa, harsh words.. let him be, even if he wants to format his computer twice a month... he's diligent..

witchblade 0 Posted January 29, 2006
Quote: Whoa, harsh words.. let him be, even if he wants to format his computer twice a month... he's diligent..
HEY, IF YOU WANT TO HEAR NICE WORDS.. I DON'T THINK YOU SHOULD EXPECT THEM FROM CIPU..

polyfuze_4336 0 Posted January 29, 2006
But actually, formatting whenever there's a small problem isn't good either.. that's like looking for the easy way out of the problem.. you'll never advance in this field that way.. Better, when there's a problem with the computer or OS.. first try to find out what the cause is.. what the possible solutions are... then try troubleshooting one by one.. maybe it's a bit slower than just formatting straight away.. but the knowledge you can gain is so much more... and then if all else fails, only then format the computer.. this is just my opinion though...

joetbg_x 0 Posted January 29, 2006
Formatting is like suicide. It certainly settles your worldly problems..

bata 0 Posted January 29, 2006
I agree with polyfuze..... formatting is looking for the easy way out..... Chow.

C-Fu 0 Posted January 29, 2006
Yeah, same as the easy way to get money by joining illicit autosurf programs

zer0Nehza 7 Posted January 29, 2006
Rambling off topic again!!!!

Langiler 0 Posted January 29, 2006
Hahaha.. I just want to buy a new HDD.. but I haven't been formatting much lately.. the method is crazy easy.. reinstall Windows in the same partition.. and delete the old Windows.. heheh.. the safe way....

cili 0 Posted January 29, 2006
Hey, wasn't it you guys who told me the other day to cut and paste the HijackThis log? Lots of problems. For example, it suddenly keeps dumping memory. As for Firefox, it keeps suddenly closing lately.

enn0suke 0 Posted January 29, 2006
I suggest that if you want to analyze that HijackThis log, go to http://hijackthis.de and paste your log there. It will then output an analysis of which entries need to be repaired. You can learn to repair it yourself and not rely on just formatting straight away. Good luck!

kuri 0 Posted January 29, 2006
Whoa. You just had me in suspense! Go to the link that ino gave... you'll surely solve your problem quickly...
Edited January 29, 2006 by kuri

polyfuze_4336 0 Posted January 29, 2006
I think the thread starter can close this topic.. once you've analyzed that HijackThis.. if you don't understand it, you can open another post, I guess. Thanks