azam05 0 Report post Posted April 12, 2005 a'kum. sy dah lama tak msk putera.com ni.sy nak tny mcmana nak clear kan kat adrees bar dlm internet optins. sy dah delete kt history tp link laman web yg kita lawati masih ada. sy dh godek2 termasuk reset web setting. autocomplete, buat default semua kt internet option.jd skarang sy nak wat set kt adress bar www.yahoo.com shj. ade sape2 blh bantu? timer kasih. Quote Share this post Link to post Share on other sites
potong 0 Report post Posted April 12, 2005 (edited) browser apa tu, ie ke?senanag citer ko clearkan semua la, kat tool -> internet options -> clear history,pastu klik delete cookies, -> ok klik delete files -> tick delete all offline contents -> klik okklik oktutup browser, buka semula, check dah hilang tak address tu..atau ko maksudkan default page tu?klu tak berubah juga aku rasa browser tu kena hijack,ko try dgn hijackthis dan spyware remover yg lain.okies~ Edited April 12, 2005 by potong Quote Share this post Link to post Share on other sites
azam05 0 Report post Posted April 12, 2005 aku dah buat cara tu tp masih tak hilang kt adress bar. aku tak mahu ada senarai laman yg telah dilawati kt adress tu. contohnya aku nak ubah dr www.yahoo.com kpd forum.putera.com tp bila kita scroll down, link web site yg pernah dilawati masih ada. so? Quote Share this post Link to post Share on other sites
joetbg_x 0 Report post Posted April 12, 2005 right click kat Taskbar -> Properties -> Start Menu -> Customize... -> Clear.ini kat Windows XP. tp klu nak Windows lain pun, sama je konsep dia. Quote Share this post Link to post Share on other sites
Hackezkk 4 Report post Posted April 12, 2005 ni musti masuk website terlarang nihhh Quote Share this post Link to post Share on other sites
scorps 1 Report post Posted April 12, 2005 right click kat Taskbar -> Properties -> Start Menu -> Customize... -> Clear.ini kat Windows XP. tp klu nak Windows lain pun, sama je konsep dia.←haaa..try buat cam kwn kita bagitau tuu..aku dah try buat,mmg abih semua diclearkan...ilmu baru ni... Quote Share this post Link to post Share on other sites
azam05 0 Report post Posted April 12, 2005 dok aih.. aku download lagu/movie je tp terkeluar gak porn site nih!!tak boleh juga.... ada cara lain tak? Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted April 12, 2005 dok aih.. aku download lagu/movie je tp terkeluar gak porn site nih!!tak boleh juga.... ada cara lain tak?←wahahaha..kantoi!! masuk web porn² ke? aku rasa kau punye IE dah kene hijack tu.... kau pi d/l benda ni dulu.... :sila check ngan spyware software like TMIS 2005microsoft antispywarespyblasterhijackthislavasoftspybotpastu...kalau kau ade d/l hijackthis...kau scan...pastu kau pastekan kau punye log file kat sini....aku nak tgk Quote Share this post Link to post Share on other sites
azam05 0 Report post Posted April 14, 2005 ni aku dah run hijackthis......Logfile of HijackThis v1.99.1Scan saved at 09:58:22, on 04/14/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\System32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINDOWS\system32\spupdsvc.exeC:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeC:\WINDOWS\System32\hkcmd.exeC:\WINDOWS\System32\Msroot.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Winamp\Winampa.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\qttask.exeC:\PROGRA~1\BUTTER~1\BO1HEL~1.EXEC:\PROGRA~1\NORTON~1\navapw32.exeC:\Program Files\Media Access\MediaAccK.exeC:\Program Files\Media Access\MediaAccess.exeC:\WINDOWS\system32\spnpinst.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\Sysocmgr.exeC:\Program Files\Microsoft Office\Office10\msoffice.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Winamp\winamp.exeC:\Documents and Settings\Administrator\My Documents\FAIL ZAMRI\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/...://my.yahoo.comR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.comR3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.comO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dllO2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dllO3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dllO4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exeO4 - HKLM\..\Run: [RPC] C:\WINDOWS\System32\MShosts.exeO4 - HKLM\..\Run: [iMClass] C:\WINDOWS\System32\Msroot.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -sO4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\system32\qttask.exeO4 - HKLM\..\Run: [bO1HelperStartUp] C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exeO4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exeO4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O9 - Extra button: Clean - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\cprivacyFree\cPrivacy (file missing)O9 - Extra 'Tools' menuitem: &C-Privacy - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\cprivacyFree\cPrivacy (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO10 - Hijacked Internet access by New.NetO10 - Hijacked Internet access by New.NetO10 - Hijacked Internet access by New.NetO10 - Hijacked Internet access by New.NetO16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c18.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{3803C3E6-F4DE-48F3-A5DB-6445C971F28E}: NameServer = 10.20.16.2,10.20.16.3O17 - HKLM\System\CCS\Services\Tcpip\..\{4EBA62D8-2B5D-44CF-8FDF-181B62A856C1}: NameServer = 10.20.16.3,10.20.16.2O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dllO23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exeO23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exeO23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeO23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeso mcmana? aku dah check kt internet option tp ado gak link tu. ponin... Quote Share this post Link to post Share on other sites
darkjedi 0 Report post Posted April 14, 2005 Windows Washer 5.5 Retail Version ftp://ftp.tm.net.my/incoming/darkvader/windowsWasher_5.5.exeKo download sini install okies Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted April 14, 2005 (edited) buang benda useless ni :C:\Program Files\Media Access\MediaAccK.exefix benda ni:R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.comO2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dlO2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -sO4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exeO9 - Extra button: Clean - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\cprivacyFree\cPrivacy (file missing)O9 - Extra 'Tools' menuitem: &C-Privacy - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\cprivacyFree\cPrivacy (file missing)O10 - Hijacked Internet access by New.NetO16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c18.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{3803C3E6-F4DE-48F3-A5DB-6445C971F28E}: NameServer = 10.20.16.2,10.20.16.3O17 - HKLM\System\CCS\Services\Tcpip\..\{4EBA62D8-2B5D-44CF-8FDF-181B62A856C1}: NameServer = 10.20.16.3,10.20.16.2O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dlaku galakkan kau d/l spybot kat sini..pastu masuk safemode..pastu scan dan fixedkan dan juga pastikan kau imunizekan sume benda yg kau dah scan ni.. Edited April 14, 2005 by civ3 Quote Share this post Link to post Share on other sites
azam05 0 Report post Posted April 15, 2005 ok aku dah dpt buang. install spybot dan hijackthis.thank all. Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted April 15, 2005 so IE kau tu dah ok ke? dah kembali pada yg asal? Quote Share this post Link to post Share on other sites
SleepSheep 0 Report post Posted April 15, 2005 R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.comO2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dlO2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -sO4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exeO9 - Extra button: Clean - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\cprivacyFree\cPrivacy (file missing)O9 - Extra 'Tools' menuitem: &C-Privacy - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\cprivacyFree\cPrivacy (file missing)O10 - Hijacked Internet access by New.NetO16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c18.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{3803C3E6-F4DE-48F3-A5DB-6445C971F28E}: NameServer = 10.20.16.2,10.20.16.3O17 - HKLM\System\CCS\Services\Tcpip\..\{4EBA62D8-2B5D-44CF-8FDF-181B62A856C1}: NameServer = 10.20.16.3,10.20.16.2O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dlR3,01,02,04...020 tue semua adalah code number..so sape yg taktau lagi makna code2 tersebut ...leh check kt sini...http://castlecops.com/HijackThis.html..harap dapat membantu Quote Share this post Link to post Share on other sites
vaLve 0 Report post Posted April 15, 2005 leww. sng pakai software windows washer tuh. better beb. bez. dia clear smua history pc n lain2 lagik. bleh setting. okek ? Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted April 15, 2005 leww. sng pakai software windows washer tuh. better beb. bez. dia clear smua history pc n lain2 lagik. bleh setting. okek ? ←pakai Hijackthis lagi besh! boleh explore registry lagi..... Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted April 15, 2005 azam05..kau boleh gak d/l CWShredder (search kat google)....utk merestorekan IE kau kepada yg asal... Quote Share this post Link to post Share on other sites
vaLve 0 Report post Posted April 15, 2005 Hijackthis nk dpt kt mna ekk ? bagik screen shot dia sket bleyh x ? Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted April 15, 2005 (edited) hijackthistgk kat sini gambar Edited April 15, 2005 by civ3 Quote Share this post Link to post Share on other sites
alucard 0 Report post Posted April 15, 2005 Sebab tuu aku lebih prefer guna web browser yang lain macam firefox kee opera kee...pasal IExplorer mudah sangat kena hijack ... security dia lack betul ... aku punya IExplorer dulu pun dah kena hijack ... susah2 format terus komputer...skrang dah jarang guna Iexplorer ... peliknya webrowser yang lain tak pernah plak kena hijack ??? Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted April 15, 2005 Sebab tuu aku lebih prefer guna web browser yang lain macam firefox kee opera kee...pasal IExplorer mudah sangat kena hijack ... security dia lack betul ... aku punya IExplorer dulu pun dah kena hijack ... susah2 format terus komputer...skrang dah jarang guna Iexplorer ... peliknya webrowser yang lain tak pernah plak kena hijack ???←format bukan jalan yg bijak....kalau dah kene hijack....kenelah tau cara² nak fix IE tu semula.....huhu...gunalah firefox kalau nak elakkan kene hijack..... Quote Share this post Link to post Share on other sites
scorps 1 Report post Posted April 17, 2005 format bukan jalan yg bijak....kalau dah kene hijack....kenelah tau cara² nak fix IE tu semula.....huhu...gunalah firefox kalau nak elakkan kene hijack..... ←opera pon boleh juga .....heheheeehehhee.... Quote Share this post Link to post Share on other sites
azam05 0 Report post Posted April 20, 2005 buang benda useless ni :C:\Program Files\Media Access\MediaAccK.exefix benda ni:R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.comO2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dlO2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -sO4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exeO9 - Extra button: Clean - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\cprivacyFree\cPrivacy (file missing)O9 - Extra 'Tools' menuitem: &C-Privacy - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\cprivacyFree\cPrivacy (file missing)O10 - Hijacked Internet access by New.NetO16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c18.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{3803C3E6-F4DE-48F3-A5DB-6445C971F28E}: NameServer = 10.20.16.2,10.20.16.3O17 - HKLM\System\CCS\Services\Tcpip\..\{4EBA62D8-2B5D-44CF-8FDF-181B62A856C1}: NameServer = 10.20.16.3,10.20.16.2O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dlaku galakkan kau d/l spybot kat sini..pastu masuk safemode..pastu scan dan fixedkan dan juga pastikan kau imunizekan sume benda yg kau dah scan ni..←a'kum civ3. aku tak bleh clear plak. ari tu blh. link kt adress bar tu tak mau hilang dah. dah mask spybot, hijackthis dan ad ware SE aku dah buat ape yg ko ajar tu. run dlm sspybot dlm save mode pun.... takbleh dah. Quote Share this post Link to post Share on other sites
civ3 9 Report post Posted April 20, 2005 a'kum civ3. aku tak bleh clear plak. ari tu blh. link kt adress bar tu tak mau hilang dah. dah mask spybot, hijackthis dan ad ware SE aku dah buat ape yg ko ajar tu. run dlm sspybot dlm save mode pun.... takbleh dah.←w'kumslm w.h.t...... hm..... kau try CWShredder kat sinilepas d/l tuh..kau double klik...pastuh kau klik fix... Quote Share this post Link to post Share on other sites
heaven x 6 Report post Posted April 20, 2005 nih sah² root spyware tuh dok main nyorok² nih..aku rasa dulu ada org kasik cara nak clean spyware mcm ko tuh..tapi panjang woo teknik dia..nanti aku cari kalo jumpa.. Quote Share this post Link to post Share on other sites