Ardy 2 Report post Posted June 2, 2008 Logfile of Trend Micro HijackThis v2.0.0 (BETA)Scan saved at 8:47:03, on 02/06/2008Platform: Windows XP SP2 (WinNT 5.01.2600)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Unlocker\UnlockerAssistant.exeC:\program files\lclock\lclock.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exeC:\Program Files\Stardock\ObjectDock\ObjectDock.exeC:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\cisvc.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\alg.exeC:\WINDOWS\system32\cidaemon.exeG:\e - TOOLS\@rDy's toolzâ„¢\BootCD\WinTools\StartupMonitor.exeC:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exeG:\e - TOOLS\@rDy's toolzâ„¢\Emergency.Virus.Fix.Tools.[update 260308]\HijackThis\HiJackThis [v2.0].exeC:\WINDOWS\system32\wbem\wmiprvse.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -HO4 - HKLM\..\Run: [LClock] c:\program files\lclock\lclock.exeO4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgentO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exeO4 - Global Startup: BlueSoleil.lnk = ?O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dllO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dllO23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeO23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exeO23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00 (file missing)--End of file - 5256 bytes Quote Share this post Link to post Share on other sites
baok 0 Report post Posted June 2, 2008 (edited) Ada sebarang masalah ke? Atau saja nak mintak tolong cek log?by the way.. uninstall HijackThis dari Emergency Fix Tools tu.. dah outdated..some of Emergency Fix Tools punye application is outdated/need update..Download HijackThis dari laman web di bawah dan install kat Default location..http://www.trendsecure.com/portal/en-US/_d.../HJTInstall.exe Edited June 2, 2008 by baok Quote Share this post Link to post Share on other sites