I'm at my wits' end with this.. IE at my office seems to have caught a virus... the connection is there, but I can't get onto the internet.. I tried Firefox and that doesn't work either... I've scanned for viruses and that didn't resolve it either.. dear friends... please help me.. huhuhuhuhu
Browser infected
HyBriDz - New Member
- Gender : Male Number of posts : 54
Age : 34
Location : Clunk Valley
Registration date : 13/02/2009
- Post n°2
Re: Browser infected
I've done this before and it definitely works, there's software to remove this.. but it's late at night and I'm tired and want to sleep.. but if you want it, PM me and I'll give it to you.
yurckk - New Member
- Number of posts : 227
Age : 40
Location : Middle Earth
Registration date : 17/02/2009
- Post n°3
Re: Browser infected
Is the connection you have a LAN? Try pinging any online website (e.g. Google.com).
Go into the command prompt:
type: ping google.com
See whether you get a reply or not. If you don't, it means there is no Internet connection.
dragon - New Member
- Number of posts : 6
Registration date : 05/03/2009
- Post n°4
Re: Browser infected
I've pinged and the connection is confirmed OK... but the browsers (all browsers), YM, and anything related to the internet won't open... one of the symptoms of being hit by this thing is that a virtual device like this shows up, even though I never installed that WAN miniport..
yurckk - New Member
- Number of posts : 227
Age : 40
Location : Middle Earth
Registration date : 17/02/2009
- Post n°5
Re: Browser infected
Use HijackThis, paste the scanned log file here. Thanks.
BasicCX - New Member
- Gender : Male Number of posts : 230
Registration date : 25/02/2009
- Post n°6
Re: Browser infected
Check firewall
dragon - New Member
- Number of posts : 6
Registration date : 05/03/2009
- Post n°7
Re: Browser infected
One more symptom.. is that the sent & received packets keep counting up.. and just keep counting... as if there is background activity.. I'm stuck... even after scanning for viruses, malware and spyware and repairing Windows it still doesn't work... all I can do is format and reinstall Windows.. so far not many machines are affected, so I can manage that.. but if it spreads later I'm done for.. please help, friends..
dolkeke - New Member
- Number of posts : 22
Registration date : 03/03/2009
- Post n°8
Re: Browser infected
Try uninstalling that WAN miniport first...
arief23 - New Member
- Number of posts : 36
Registration date : 05/03/2009
- Post n°9
Re: Browser infected
Sorry if I'm just asking questions..
According to dragon the connection is there but the internet can't be reached, can you tell us what the error message is..?? Sometimes at the office they use a proxy... try checking that first
dragon - New Member
- Number of posts : 6
Registration date : 05/03/2009
- Post n°10
Re: Browser infected
No problem.. for everyone's information, I've already configured all the proxy settings, unchecked the firewall and all the related settings to get network and internet, but I still can't get internet
dragon - New Member
- Number of posts : 6
Registration date : 05/03/2009
- Post n°11
Re: Browser infected
HijackThis scan result, please take a look, friends..
e_sentinel - New Member
- Number of posts : 479
Registration date : 02/03/2009
- Post n°12
Re: Browser infected
Paste the full text log, bro, not an image of the log ...
dragon - New Member
- Number of posts : 6
Registration date : 05/03/2009
- Post n°13
Re: Browser infected
OK, OK... sorry.. huhuuh
Here it is
e_sentinel - New Member
- Number of posts : 479
Registration date : 02/03/2009
- Post n°14
Re: Browser infected
Aiseyy bro, copy and paste the log as text, no need to upload it to image hosting ... we're going to submit that log for analysis ... if you upload an image, how are we supposed to copy and paste the log?
dragon - New Member
- Number of posts : 6
Registration date : 05/03/2009
- Post n°15
Re: Browser infected
Ohohoho... sorry, sorry... when I paste it as text it looks a bit scattered.. that's why I pasted the image.. huhuhuhu!!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:18:57 PM, on 3/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\OpenVPN\bin\openvpn-gui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.7.251:8080
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1236651302140
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D8B0642-1B90-4BFE-B5AB-7BA0F074052F}: NameServer = 202.188.0.133,202.188.1.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{56B97FAB-8306-4C6A-9ADB-8A358FA4405D}: NameServer = 202.188.0.133,202.188.1.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{2D8B0642-1B90-4BFE-B5AB-7BA0F074052F}: NameServer = 202.188.0.133,202.188.1.5
O17 - HKLM\System\CS2\Services\Tcpip\..\{2D8B0642-1B90-4BFE-B5AB-7BA0F074052F}: NameServer = 202.188.0.133,202.188.1.5
O17 - HKLM\System\CS3\Services\Tcpip\..\{2D8B0642-1B90-4BFE-B5AB-7BA0F074052F}: NameServer = 202.188.0.133,202.188.1.5
O23 - Service: dkab_device - Dell - C:\WINDOWS\system32\DKabcoms.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
--
End of file - 4451 bytes
e_sentinel - New Member
- Number of posts : 479
Registration date : 02/03/2009
- Post n°16
Re: Browser infected
Okay, now that's right, the veterans will come and help later, I'm just the middleman (broker)
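
Added example, not part of the original thread: once the HijackThis log is pasted as text, as requested above, a script can read it. The Python below groups entries by their section code and pulls out the proxy, DNS and autostart settings relevant to the "ping works but browsers do not" symptom; the sample lines are copied from the log posted in this thread, and the function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows XP SP3 (WinNT 5.01.2600)
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.7.251:8080
O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D8B0642-1B90-4BFE-B5AB-7BA0F074052F}: NameServer = 202.188.0.133,202.188.1.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{2D8B0642-1B90-4BFE-B5AB-7BA0F074052F}: NameServer = 202.188.0.133,202.188.1.5
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")  # matches "R1 - ...", "O17 - ..."

def parse_entries(log_text):
    """Group log entries by section code; header and process lines are skipped."""
    sections = defaultdict(list)
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            sections[m.group(1)].append(m.group(2))
    return dict(sections)

def network_settings(sections):
    """Pull out the settings that decide where browser traffic and DNS lookups go."""
    proxies, dns, autostart = set(), set(), []
    for code in ("R0", "R1"):                      # IE / Internet Settings values
        for item in sections.get(code, []):
            key, _, value = item.partition(" = ")
            if key.endswith(",ProxyServer"):
                proxies.add(value.strip())
    for item in sections.get("O17", []):           # per-interface DNS settings
        key, _, value = item.partition(" = ")
        if key.endswith("NameServer"):
            dns.update(v for v in re.split(r"[,\s]+", value) if v)
    for item in sections.get("O4", []):            # Run-key autostart entries
        m = re.match(r".*?\[(.+?)\]\s*(.*)", item)
        if m:
            autostart.append((m.group(1), m.group(2)))
    return {"proxy": sorted(proxies), "dns": sorted(dns), "autostart": autostart}

if __name__ == "__main__":
    for name, value in network_settings(parse_entries(SAMPLE_LOG)).items():
        print(name, "=", value)
```

The same values cannot be extracted from a screenshot of the log without retyping them, which is why the text form was requested.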