i dun have the permit to upload the extension. lol

mediafire also fine.

http://www.4shared.com/file/nEXfeNub/hijackthis.html?

this is the trojan

This post has been edited by chahupping: Dec 25 2012, 10:44 PM


Attached thumbnail(s)

^ your HOSTS file have been tampered?

Fix all these entries from HJT or edit your HOSTS file.

how? isit tick on HJT and fix it? if it is i done it.

This post has been edited by chahupping: Dec 25 2012, 10:45 PM

rescan with HJT to check if the entries really gone and then open command prompt with admin powah and run ipconfig /flushdns

succesfully flush but the HJT entries still cant fix..

can you edit the HOSTS file yourself?

hows?

if ur UAC is disabled, paste this in run command


else, go to c:\windows\system32\drivers\etc\ and open file name HOSTS with word editor like notepad.

ok open d. so what should i edti?

uh.. attach the file here. change the extension to .txt first.

# Copyright © 1993-2006 Microsoft

Corp.
#
# This is a sample HOSTS file used by

Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP

addresses to host names. Each
# entry should be kept on an individual

line. The IP address should
# be placed in the first column followed

by the corresponding host name.
# The IP address and the host name

should be separated by at least one
# space.
#
# Additionally, comments (such as these)

may be inserted on individual
# lines or following the machine name

denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com

# source server
# 38.25.63.10 x.acme.com

# x client host

127.0.0.1 localhost
::1 localhost








































































































































































































199.193.118.246 www.google-

analytics.com.
199.193.118.246 ad-emea.doubleclick.net.
199.193.118.246 www.statcounter.com.
199.193.118.246 connect.facebook.net.
93.115.241.27 www.google-analytics.com.
93.115.241.27 ad-emea.doubleclick.net.
93.115.241.27 www.statcounter.com.
93.115.241.27 connect.facebook.net.

delete
199.193.118.246 www.google-

analytics.com.
199.193.118.246 ad-emea.doubleclick.net.
199.193.118.246 www.statcounter.com.
199.193.118.246 connect.facebook.net.
93.115.241.27 www.google-analytics.com.
93.115.241.27 ad-emea.doubleclick.net.
93.115.241.27 www.statcounter.com.
93.115.241.27 connect.facebook.net.

and save

saved but the thing wont removed.

ur UAC is disabled right?

and check the hosts file is read-only or not.

oh wait.. did you save it as HOSTS or HOSTS.txt? If the latter, remove the txt extension.

i saved it name as hosts only, but the file i save as .txt

This post has been edited by chahupping: Dec 25 2012, 11:41 PM


Attached thumbnail(s)

don't save as hosts.txt,
save it as hosts.
Choose the type as All Files (*.*)