cdR 0 Report post Posted November 19, 2004 weh tolong aku sket.maner ntah dtg spyway yg jadikan IE aku kuar benda2 blue je. siap kuar panel utk search sex. Aku dah try anti virus ngan spyware (update skali) tapi masih belum berjaya. So korang ader plan x.sebelum nie kalau aku scan spyware satel terus. Share this post Link to post Share on other sites
RaptorX 0 Report post Posted November 19, 2004 setakat nie aku pakai Lavasoft Ad-aware 6 jerkh.. blom kena hijack lagi ie aku.. anyway sekarang aku prefer pakai mozilla firefox Share this post Link to post Share on other sites
civ3 9 Report post Posted November 19, 2004 (edited) weh tolong aku sket.maner ntah dtg spyway yg jadikan IE aku kuar benda2 blue je. siap kuar panel utk search sex. Aku dah try anti virus ngan spyware (update skali) tapi masih belum berjaya. So korang ader plan x.sebelum nie kalau aku scan spyware satel terus.←hm...masalah kau nie pernah terjadi pd aku gak..... trylah d/l sini.... orsini......hm..selain tuh..try carik die punyer installer dulu....or try pegi registry pegi delete die punyer root tuh....~~tapi selalunyer bler kuar problem camnie..aku akan format jea pc aku tuh....but..other puteranians maybe got other solutions!! Edited November 19, 2004 by civ3 Share this post Link to post Share on other sites
Jeopardice 1 Report post Posted November 19, 2004 mmm...........aku rasa ko delete secara manual kat registry (regedit).......... Share this post Link to post Share on other sites
ruffstuff 0 Report post Posted November 19, 2004 cube macam civ3 cakap.. second option, pakai la browser yg lebih selamat... Share this post Link to post Share on other sites
adr 0 Report post Posted November 19, 2004 lepas run spyware..cuba delete file dlm temp directory. lepas tu run spy ware sekali lagi.last sekali..run register cleaner.thx Share this post Link to post Share on other sites
cdR 0 Report post Posted November 20, 2004 memula aku scan pakai ad aware 6 tapi x de paper.pastu aku dload ad aware SE dapat la tangkap 24 tapi still x berubahpaper pun.pastu aku dload hijackthis dan jumpa 2 registry dan del skrang ok.thanks all. Share this post Link to post Share on other sites
civ3 9 Report post Posted November 20, 2004 u're welcome....so better berhati-hati masa layari internet..kalau nak safe gunelah firefox..... Share this post Link to post Share on other sites
RaptorX 0 Report post Posted November 20, 2004 kalau kita pakai lebih dari 1 antivirus atau spyware bleh ker?just asking nie Share this post Link to post Share on other sites
ruffstuff 0 Report post Posted November 20, 2004 takot AV conflict.. ekk bukan pakai spyware, pakai penghapus spyware... ni kalo lebih takpo... Share this post Link to post Share on other sites
cdR 0 Report post Posted November 20, 2004 aku ingatkan dah satel...aku dah scan del dan macam2 lagi tapi elok pun kejap je. bukak balik browser jadi balik dan IEtoolbar slalu kuar error.nie log dieLogfile of HijackThis v1.98.2Scan saved at 10:16:49 AM, on 11/20/2004Platform: Windows XPÂ (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\logonui.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXEC:\WINDOWS\System32\winsysec.exeC:\Program Files\Yahoo!\Messenger\ypager.exeC:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\System32\wuauclt.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Documents and Settings\cdr\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://find-on-the-net.com/search.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://web-searcher.infoO2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dllO2 - BHO: IE Search Toolbar Helper - {2C5175A2-ADF3-4F57-AB70-BA90FD60A383} - C:\Program Files\IESearchToolbar\IESearchToolbar.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dllO3 - Toolbar: IE Search Toolbar - {EB381422-F797-4A98-A266-9DC490821907} - C:\Program Files\IESearchToolbar\IESearchToolbar.dllO4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exeO4 - HKLM\..\Run: [EPSON Stylus C61 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C61 Series" /O6 "USB001" /M "Stylus C61"O4 - HKLM\..\Run: [pcsec] C:\WINDOWS\System32\winsysec.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quietO4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dllO9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dllO17 - HKLM\System\CCS\Services\Tcpip\..\{0F74DD07-A6CF-4B14-B7A2-117BC2A30E89}: NameServer = 202.188.1.5,202.188.0.132O17 - HKLM\System\CS1\Services\Tcpip\..\{0F74DD07-A6CF-4B14-B7A2-117BC2A30E89}: NameServer = 202.188.1.5,202.188.0.132O17 - HKLM\System\CS2\Services\Tcpip\..\{0F74DD07-A6CF-4B14-B7A2-117BC2A30E89}: NameServer = 202.188.1.5,202.188.0.132R1 ngan R0 tu kalau ader del pun ader balik. so korang ader suggestion. Jgn cakap format dah la. Share this post Link to post Share on other sites
civ3 9 Report post Posted November 20, 2004 hohoh..belum setel lagi? kalau belum..nampaknyer....kene serahkan kes nie pd yf arif....hanye C-Fu jea yg boleh tolong.....C-Fu..help me to solve this problem.... Share this post Link to post Share on other sites
Jeopardice 1 Report post Posted November 20, 2004 tu maknanyer R1 ngan R0 dah "tertanam" dlm pc ko...........senang citer.........bukak "regedit".............slow2 carik binari dier........pastu delete...........aku pon penah kena camtu.........scan pakai hijack pastu fix tapi x elok2 gak........pastu delete manual kat regedit baru ok........... Share this post Link to post Share on other sites
DarkWan 3 Report post Posted November 20, 2004 mm .. dh terai edit manual kat registry tak ? ko kata delete tu .. tak jelas sangat. delete dlm registry ke? in case jawapan ko is no .. den cube regedit dan carik kat siniHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Mainko carik string yg value name dia Search Bar, whereas value data dia http://find-on-the-net.com/search.htm, ko delete. ko carik string yg value name dia Start Page, whereas value data dia http://web-searcher.info, ko delete.cadangan aku utk R0 dan R1 .. Share this post Link to post Share on other sites
izwan 1 Report post Posted November 20, 2004 Tak pernah lagi kena spyware dengan Firefox.. mungkin bebila agaknya.. Share this post Link to post Share on other sites
XIJMX 0 Report post Posted November 20, 2004 run HijackThis tu.. pastikan application lain tak running.. (tutup semua window kecuali hijackthis ni..) pastu scan dan tanda menda ni..R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://find-on-the-net.com/search.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://web-searcher.infoO2 - BHO: IE Search Toolbar Helper - {2C5175A2-ADF3-4F57-AB70-BA90FD60A383} - C:\Program Files\IESearchToolbar\IESearchToolbar.dllO3 - Toolbar: IE Search Toolbar - {EB381422-F797-4A98-A266-9DC490821907} - C:\Program Files\IESearchToolbar\IESearchToolbar.dlldan klik fix checked..:: tambahan :: kalo nak buang yg ni pon ok jgk... O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quietO4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exelepas tu restart dan try scan balik Share this post Link to post Share on other sites
BigBurn 0 Report post Posted November 21, 2004 cuba scan gune CWShredder 2.0...download kat sini Share this post Link to post Share on other sites
cdR 0 Report post Posted November 21, 2004 cara XIJMX aku dah buat dari semalam lagi. tapi benda tu tumbuh balik.Darkwan nyer cara delete manual pun aku dah delete/modify tapi jadi jugak lagi.Nak try Big Burn nyer solution jap. Share this post Link to post Share on other sites
cdR 0 Report post Posted November 21, 2004 Cara big burn pun mendapat jalan buntu. Detect tapi lepas delete bukak balik browser ader balik. Perghhh kotoran degil betul.Barapa kali dah aku del kat regedit, refrest balik die ader balik.... poning den. Share this post Link to post Share on other sites
DarkWan 3 Report post Posted November 21, 2004 aku rasa kan .. ada program yg tengah main sembunyik sembunyik. bila ko delete entri dlm registry .. dia create balik.cube ko tengok log personal firewall ko .. ko tengok balik program apa yg cube nk connect ke Internet. harap .. dapat membantu ko carik program yg tengah sembunyik tu .. pastu kalo jumpe .. ko delete terus. kalo ko ragu ragu ..ko move je dulu kat disket ke .. in case tu fail windows .. ko copy kan balik fail asal. Share this post Link to post Share on other sites
psychoX 6 Report post Posted November 21, 2004 aku tak pernah try.. tapi harap membantu aaa. kalau sambung ngan ADSL ke modem ke.off kan dulu dari internet. pastu masuk save mode.. try fix melalui save mode.. Share this post Link to post Share on other sites
oshiri 0 Report post Posted November 21, 2004 Aku cadangkan korang semua install yahoo toolbar baru yg ada anti-spy tu.Lepas tu ko run aje anti-spy tu...................... Share this post Link to post Share on other sites
XIJMX 0 Report post Posted November 21, 2004 aik tak setel lagi ke...pc ko tu system restore tgh on ke.. cuba ko Disable system restore tu kejap.. dan tutup semua program lain yg tgh running.. ie, window explorer, etc etc... scan pakai hijackthis.. buang menda2 yg mengarut tu.. dan jgn lupa delete folder C:\Program Files\IESearchToolbar\restart.. scan pakai spybot atau adaware (pastikan update yg latest)..dan pastu cuba paste log terbarup/s: last sekali jgn lupa reenable system restore dan buat restore point baru (kalo ko nak pakai system restore la) Share this post Link to post Share on other sites
ruffstuff 0 Report post Posted November 21, 2004 yepp... tutup system restore.... Share this post Link to post Share on other sites
potong 0 Report post Posted November 21, 2004 aku raser ader lg ler file tu kat x:/windows/system atau system32takpun ader file yg dah infected. Share this post Link to post Share on other sites