cyberfly 1 Report post Posted January 12, 2008 (edited) Askum.problem ni tertadi selepas member aku scan pendrive dia kat pc aku.Bila aku main game,akan kuar popup mcm ni :Very2 annoying popup tuh.Seingt aku,aku takde pn install apps tuk warning camni.Dan aku dah check lepastu,temp proc aku dlm 50c je bila gaming.Proc Intel C2d e6600.aku pakai Kaspersky 6.0,dah latest update,tp bila scan tak jmpa pn virus.Aku dah try PAV tapi tak jmpa gak.Ni HijackThis logfile aku.harap2 sesape yg tau bleh tlg Hijackthis logfile :Logfile of HijackThis v1.99.0Scan saved at 1:27:43 PM, on 1/12/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\VDOTool\TBPanel.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exeC:\Program Files\DAEMON Tools\daemon.exeC:\Program Files\Unlocker\UnlockerAssistant.exeC:\Program Files\Internet Download Manager\IDMan.exeC:\Program Files\Yahoo!\Messenger\YahooMessenger.exeC:\Program Files\Windows Live\Messenger\MsnMsgr.ExeC:\Program Files\CursorXP\CursorXP.exeC:\Program Files\RocketDock\RocketDock.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Yahoo!\Widgets\YahooWidgets.exeC:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exeC:\WINDOWS\system32\LckFldService.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\Program Files\Yahoo!\Widgets\YahooWidgets.exeC:\Program Files\Yahoo!\Widgets\YahooWidgets.exeC:\Program Files\Yahoo!\Widgets\YahooWidgets.exeC:\Program Files\Yahoo!\Widgets\YahooWidgets.exeC:\Program Files\Yahoo!\Widgets\YahooWidgets.exeC:\Program Files\Windows Live\Contacts\wlcomm.exeC:\Program Files\Windows Live\Messenger\usnsvc.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\DOCUME~1\Aku\LOCALS~1\Temp\524734.exeE:\Setup\Utilities\HijackThis\HijackThis.exeO2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dllO2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXEO4 - HKLM\..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel.exe /AO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"O4 - HKCU\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onbootO4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exeO4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"O4 - HKCU\..\Run: [PAVAgent] C:\Program Files\Data0.Net Software\Portable Antivirus\portableav16b.exe /silentO4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: Orbit.lnk = ?O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htmO8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htmO9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dllO18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLLO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLLO21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dllO23 - Service: Ad-Aware 2007 Service - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeO23 - Service: Kaspersky Anti-Virus 6.0 - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exeO23 - Service: LckFldService - Unknown - C:\WINDOWS\system32\LckFldService.exeO23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: StarWind iSCSI Service - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeEDIT : SOLVE!!!!!!!!!! Edited January 12, 2008 by cyberfly Share this post Link to post Share on other sites