http://forum.lowyat.net/ Sun, 14 Jun 2026 08:48:53 +0800 FeedCreator 1.7.2 http://forum.lowyat.net/topic/544872 Hi,<br /><br />I&#39;m facing this weird problem, try to search or google but none can give the best solution.<br /><br />About every 5 seconds explorer.exe tries to make an http request to an bad ip through svchost.exe. Now they&#39;re showing as the parent being services.exe, but still through svchost.exe to the &#39;bad&#39; ip. Info I&#39;ve found on the IP (81.29.248.50 and 81.29.248.56). I&#39;m using comodo firewall that log the connection. My Antivirus is latest Avast Anti Virus daily update. I&#39;m also scan using Kaspersky online but none of virus or trojan found. Already try combofix but nothing found. Already test using avg rootkit and sophos rootkit scanner still no luck. <br /><br />From googling i found that this ip is bad ip<br /><br />Click here info from mcafee site advisor <br /><br />Some info from <a href='http://www.siteadvisor.com/sites/onsafepro.com/postid/?p=537635' target='_blank'>http://www.siteadvisor.com/sites/onsafepro...ostid/?p=537635</a><br />Suggested solution <a href='http://www.siteadvisor.com/sites/videoaccesscodec.com/postid/?p=428507#post428507' target='_blank'>http://www.siteadvisor.com/sites/videoacce...8507#post428507</a> (cannot use this solution because no trace of video access codec)<br /><br />Here i&#39;m paste the Hijacklog (found nothing suspicious) <br /><br /><!--SPOILER BEGIN--><div class="spoilertop" onClick="openClose('7aa51e96f246b4c5fab4bd96d7b8dcdf')" style="font-weight: bold"><u>&raquo; Click to show Spoiler - click again to hide... &laquo;</u></div><div class="spoilermain" id="7aa51e96f246b4c5fab4bd96d7b8dcdf" style="display:none"><!--SPOILER END-->Logfile of Trend Micro HijackThis v2.0.2<br />Scan saved at 13:46:43, on 30/10/2007<br />Platform: Windows XP SP2 (WinNT 5.01.2600)<br />MSIE: Internet Explorer v7.00 (7.00.6000.16544)<br />Boot mode: Normal<br /><br />Running processes:<br />C:&#092;WINDOWS&#092;System32&#092;smss.exe<br />C:&#092;WINDOWS&#092;system32&#092;winlogon.exe<br />C:&#092;WINDOWS&#092;system32&#092;services.exe<br />C:&#092;WINDOWS&#092;system32&#092;lsass.exe<br />C:&#092;WINDOWS&#092;system32&#092;Ati2evxx.exe<br />C:&#092;WINDOWS&#092;system32&#092;svchost.exe<br />C:&#092;WINDOWS&#092;System32&#092;svchost.exe<br />C:&#092;WINDOWS&#092;system32&#092;Ati2evxx.exe<br />C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;aswUpdSv.exe<br />C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashServ.exe<br />C:&#092;WINDOWS&#092;system32&#092;spoolsv.exe<br />C:&#092;Program Files&#092;Comodo&#092;Firewall&#092;cmdagent.exe<br />C:&#092;Program Files&#092;Hewlett-Packard&#092;HP Software Update&#092;HPWuSchd2.exe<br />C:&#092;WINDOWS&#092;System32&#092;svchost.exe<br />C:&#092;WINDOWS&#092;system32&#092;taskswitch.exe<br />C:&#092;Program Files&#092;Hewlett-Packard&#092;Toolbox&#092;StatusClient&#092;StatusClient.exe<br />C:&#092;Program Files&#092;Microsoft IntelliPoint&#092;ipoint.exe<br />C:&#092;Program Files&#092;Common Files&#092;LightScribe&#092;LSSrvc.exe<br />C:&#092;Program Files&#092;HP&#092;hpcoretech&#092;hpcmpmgr.exe<br />C:&#092;WINDOWS&#092;system32&#092;hphmon06.exe<br />C:&#092;Program Files&#092;Google&#092;Gmail Notifier&#092;gnotify.exe<br />C:&#092;Program Files&#092;Hewlett-Packard&#092;Toolbox&#092;jre&#092;bin&#092;javaw.exe<br />C:&#092;Program Files&#092;CyberLink&#092;PowerDVD&#092;PDVDServ.exe<br />C:&#092;Program Files&#092;Common Files&#092;Microsoft Shared&#092;VS7DEBUG&#092;MDM.EXE<br />C:&#092;PROGRA~1&#092;ALWILS~1&#092;Avast4&#092;ashDisp.exe<br />C:&#092;WINDOWS&#092;system32&#092;poweroff.exe<br />C:&#092;Program Files&#092;CyberLink&#092;Shared files&#092;RichVideo.exe<br />C:&#092;WINDOWS&#092;system32&#092;svchost.exe<br />C:&#092;WINDOWS&#092;system32&#092;spool&#092;drivers&#092;w32x86&#092;3&#092;hpztsb11.exe<br />C:&#092;Program Files&#092;UPHClean&#092;uphclean.exe<br />C:&#092;Program Files&#092;Java&#092;jre1.6.0_03&#092;bin&#092;jusched.exe<br />C:&#092;Program Files&#092;HP&#092;hpcoretech&#092;comp&#092;hptskmgr.exe<br />C:&#092;WINDOWS&#092;RTHDCPL.EXE<br />C:&#092;Program Files&#092;Google&#092;GoogleToolbarNotifier&#092;GoogleToolbarNotifier.exe<br />C:&#092;Program Files&#092;ATI Technologies&#092;ATI.ACE&#092;Core-Static&#092;MOM.EXE<br />C:&#092;Program Files&#092;Blue Coat K9 Web Protection&#092;k9filter.exe<br />C:&#092;Program Files&#092;UltraVNC&#092;WinVNC.exe<br />C:&#092;WINDOWS&#092;system32&#092;ctfmon.exe<br />C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashMaiSv.exe<br />C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashWebSv.exe<br />C:&#092;WINDOWS&#092;system32&#092;hpbpro.exe<br />C:&#092;WINDOWS&#092;system32&#092;hpzipm12.exe<br />C:&#092;Program Files&#092;hp&#092;Digital Imaging&#092;bin&#092;hpqgalry.exe<br />C:&#092;Program Files&#092;ATI Technologies&#092;ATI.ACE&#092;Core-Static&#092;ccc.exe<br />C:&#092;Program Files&#092;Comodo&#092;Firewall&#092;cpf.exe<br />C:&#092;WINDOWS&#092;explorer.exe<br />C:&#092;WINDOWS&#092;system32&#092;igfxsrvc.exe<br />C:&#092;Program Files&#092;Mozilla Firefox&#092;firefox.exe<br />C:&#092;WINDOWS&#092;system32&#092;NOTEPAD.EXE<br />C:&#092;Program Files&#092;Trend Micro&#092;HijackThis&#092;HijackThis.exe<br /><br />R0 - HKCU&#092;Software&#092;Microsoft&#092;Internet Explorer&#092;Main,Start Page = <a href='http://welcome.hp.com/country/my/en/welcome.html' target='_blank'>http://welcome.hp.com/country/my/en/welcome.html</a><br />O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:&#092;Program Files&#092;FlashGet&#092;jccatch.dll<br />O2 - BHO: Spybot-S&amp;D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:&#092;PROGRA~1&#092;SPYBOT~1&#092;SDHelper.dll<br />O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:&#092;Program Files&#092;Java&#092;jre1.6.0_03&#092;bin&#092;ssv.dll<br />O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:&#092;program files&#092;google&#092;googletoolbar3.dll<br />O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:&#092;Program Files&#092;Google&#092;GoogleToolbarNotifier&#092;2.0.301.7164&#092;swg.dll<br />O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:&#092;Program Files&#092;FlashGet&#092;getflash.dll<br />O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:&#092;Program Files&#092;FlashGet&#092;fgiebar.dll<br />O3 - Toolbar: &amp;Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:&#092;program files&#092;google&#092;googletoolbar3.dll<br />O4 - HKLM&#092;..&#092;Run: [IMJPMIG8.1] &quot;C:&#092;WINDOWS&#092;IME&#092;imjp8_1&#092;IMJPMIG.EXE&quot; /Spoil /RemAdvDef /Migration32<br />O4 - HKLM&#092;..&#092;Run: [PHIME2002ASync] C:&#092;WINDOWS&#092;system32&#092;IME&#092;TINTLGNT&#092;TINTSETP.EXE /SYNC<br />O4 - HKLM&#092;..&#092;Run: [PHIME2002A] C:&#092;WINDOWS&#092;system32&#092;IME&#092;TINTLGNT&#092;TINTSETP.EXE /IMEName<br />O4 - HKLM&#092;..&#092;Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe<br />O4 - HKLM&#092;..&#092;Run: [HP Software Update] &quot;C:&#092;Program Files&#092;Hewlett-Packard&#092;HP Software Update&#092;HPWuSchd2.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [CoolSwitch] C:&#092;WINDOWS&#092;system32&#092;taskswitch.exe<br />O4 - HKLM&#092;..&#092;Run: [NeroFilterCheck] C:&#092;WINDOWS&#092;system32&#092;NeroCheck.exe<br />O4 - HKLM&#092;..&#092;Run: [StatusClient 2.6] C:&#092;Program Files&#092;Hewlett-Packard&#092;Toolbox&#092;StatusClient&#092;StatusClient.exe /auto<br />O4 - HKLM&#092;..&#092;Run: [TomcatStartup 2.5] C:&#092;Program Files&#092;Hewlett-Packard&#092;Toolbox&#092;hpbpsttp.exe<br />O4 - HKLM&#092;..&#092;Run: [IntelliPoint] &quot;C:&#092;Program Files&#092;Microsoft IntelliPoint&#092;ipoint.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [gemstrmw] C:&#092;WINDOWS&#092;system32&#092;gemstrmw.exe /r<br />O4 - HKLM&#092;..&#092;Run: [HPHUPD06] C:&#092;Program Files&#092;hp&#092;{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}&#092;hphupd06.exe<br />O4 - HKLM&#092;..&#092;Run: [HP Component Manager] &quot;C:&#092;Program Files&#092;HP&#092;hpcoretech&#092;hpcmpmgr.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [HPHmon06] C:&#092;WINDOWS&#092;system32&#092;hphmon06.exe<br />O4 - HKLM&#092;..&#092;Run: [WinVNC] &quot;C:&#092;Program Files&#092;UltraVNC&#092;WinVNC.exe&quot; -servicehelper<br />O4 - HKLM&#092;..&#092;Run: [WinHandAutoClean] &quot;C:&#092;Program Files&#092;Madonote&#092;AUTOCLN.EXE&quot;<br />O4 - HKLM&#092;..&#092;Run: [ISUSPM Startup] &quot;C:&#092;Program Files&#092;Common Files&#092;InstallShield&#092;UpdateService&#092;ISUSPM.exe&quot; -startup<br />O4 - HKLM&#092;..&#092;Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:&#092;Program Files&#092;Google&#092;Gmail Notifier&#092;gnotify.exe<br />O4 - HKLM&#092;..&#092;Run: [RemoteControl] &quot;C:&#092;Program Files&#092;CyberLink&#092;PowerDVD&#092;PDVDServ.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [LanguageShortcut] &quot;C:&#092;Program Files&#092;CyberLink&#092;PowerDVD&#092;Language&#092;Language.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [avast&#33;] C:&#092;PROGRA~1&#092;ALWILS~1&#092;Avast4&#092;ashDisp.exe<br />O4 - HKLM&#092;..&#092;Run: [COMODO Firewall Pro] &quot;C:&#092;Program Files&#092;Comodo&#092;Firewall&#092;CPF.exe&quot; /background<br />O4 - HKLM&#092;..&#092;Run: [WeatherMate] &quot;C:&#092;Program Files&#092;WeatherMate&#092;WeatherMate.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [HPDJ Taskbar Utility] C:&#092;WINDOWS&#092;system32&#092;spool&#092;drivers&#092;w32x86&#092;3&#092;hpztsb11.exe<br />O4 - HKLM&#092;..&#092;Run: [SunJavaUpdateSched] &quot;C:&#092;Program Files&#092;Java&#092;jre1.6.0_03&#092;bin&#092;jusched.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [StartCCC] &quot;C:&#092;Program Files&#092;ATI Technologies&#092;ATI.ACE&#092;Core-Static&#092;CLIStart.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [RTHDCPL] RTHDCPL.EXE<br />O4 - HKCU&#092;..&#092;Run: [swg] C:&#092;Program Files&#092;Google&#092;GoogleToolbarNotifier&#092;GoogleToolbarNotifier.exe<br />O4 - HKCU&#092;..&#092;Run: [ctfmon.exe] C:&#092;WINDOWS&#092;system32&#092;ctfmon.exe<br />O4 - HKUS&#092;S-1-5-18&#092;..&#092;Run: [ctfmon.exe] C:&#092;WINDOWS&#092;system32&#092;ctfmon.exe (User &#39;SYSTEM&#39;)<br />O4 - HKUS&#092;.DEFAULT&#092;..&#092;Run: [ctfmon.exe] C:&#092;WINDOWS&#092;system32&#092;ctfmon.exe (User &#39;Default user&#39;)<br />O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:&#092;Program Files&#092;Adobe&#092;Acrobat 7.0&#092;Reader&#092;reader_sl.exe<br />O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:&#092;Program Files&#092;HP&#092;Digital Imaging&#092;bin&#092;hpqtra08.exe<br />O4 - Global Startup: HP Image Zone Fast Start.lnk = C:&#092;Program Files&#092;HP&#092;Digital Imaging&#092;bin&#092;hpqthb08.exe<br />O8 - Extra context menu item: &amp;Download All with FlashGet - C:&#092;Program Files&#092;FlashGet&#092;jc_all.htm<br />O8 - Extra context menu item: &amp;Download with DownloadPlus&#33; - C:&#092;Program Files&#092;DownloadPlus&#092;downloadplus.htm<br />O8 - Extra context menu item: &amp;Download with FlashGet - C:&#092;Program Files&#092;FlashGet&#092;jc_link.htm<br />O8 - Extra context menu item: Add to Media Manager... - C:&#092;Program Files&#092;MP3 Player Utilities 4.00&#092;MediaManager&#092;grab.html<br />O8 - Extra context menu item: AMV convert tool grab multimedia file - C:&#092;Program Files&#092;MP3 Player Utilities 4.00&#092;AMVConverter&#092;grab.html<br />O8 - Extra context menu item: E&amp;xport to Microsoft Excel - res://C:&#092;PROGRA~1&#092;MICROS~2&#092;OFFICE11&#092;EXCEL.EXE/3000<br />O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:&#092;Program Files&#092;Java&#092;jre1.6.0_03&#092;bin&#092;ssv.dll<br />O9 - Extra &#39;Tools&#39; menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:&#092;Program Files&#092;Java&#092;jre1.6.0_03&#092;bin&#092;ssv.dll<br />O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:&#092;Program Files&#092;Microsoft ActiveSync&#092;INetRepl.dll<br />O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:&#092;Program Files&#092;Microsoft ActiveSync&#092;INetRepl.dll<br />O9 - Extra &#39;Tools&#39; menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:&#092;Program Files&#092;Microsoft ActiveSync&#092;INetRepl.dll<br />O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:&#092;PROGRA~1&#092;MICROS~2&#092;OFFICE11&#092;REFIEBAR.DLL<br />O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:&#092;Program Files&#092;FlashGet&#092;FlashGet.exe<br />O9 - Extra &#39;Tools&#39; menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:&#092;Program Files&#092;FlashGet&#092;FlashGet.exe<br />O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:&#092;PROGRA~1&#092;SPYBOT~1&#092;SDHelper.dll<br />O9 - Extra &#39;Tools&#39; menuitem: Spybot - Search &amp; Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:&#092;PROGRA~1&#092;SPYBOT~1&#092;SDHelper.dll<br />O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:&#092;WINDOWS&#092;Network Diagnostic&#092;xpnetdiag.exe<br />O9 - Extra &#39;Tools&#39; menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:&#092;WINDOWS&#092;Network Diagnostic&#092;xpnetdiag.exe<br />O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:&#092;Program Files&#092;Messenger&#092;msmsgs.exe<br />O9 - Extra &#39;Tools&#39; menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:&#092;Program Files&#092;Messenger&#092;msmsgs.exe<br />O15 - Trusted IP range: <a href='http://192.168.1.1' target='_blank'>http://192.168.1.1</a><br />O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - <a href='http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB' target='_blank'>http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB</a><br />O16 - DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} (HPSDDX Class) - <a href='http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab' target='_blank'>http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab</a><br />O23 - Service: avast&#33; iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;aswUpdSv.exe<br />O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:&#092;WINDOWS&#092;system32&#092;Ati2evxx.exe<br />O23 - Service: ATI Smart - Unknown owner - C:&#092;WINDOWS&#092;system32&#092;ati2sgag.exe<br />O23 - Service: avast&#33; Antivirus - ALWIL Software - C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashServ.exe<br />O23 - Service: avast&#33; Mail Scanner - ALWIL Software - C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashMaiSv.exe<br />O23 - Service: avast&#33; Web Scanner - ALWIL Software - C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashWebSv.exe<br />O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:&#092;Program Files&#092;Comodo&#092;Firewall&#092;cmdagent.exe<br />O23 - Service: Google Updater Service (gusvc) - Google - C:&#092;Program Files&#092;Google&#092;Common&#092;Google Updater&#092;GoogleUpdaterService.exe<br />O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:&#092;WINDOWS&#092;system32&#092;hpbpro.exe<br />O23 - Service: HP Status Server - Hewlett-Packard Company - C:&#092;WINDOWS&#092;system32&#092;hpboid.exe<br />O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:&#092;Program Files&#092;Common Files&#092;InstallShield&#092;Driver&#092;1150&#092;Intel 32&#092;IDriverT.exe<br />O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:&#092;Program Files&#092;Common Files&#092;LightScribe&#092;LSSrvc.exe<br />O23 - Service: Pml Driver HPZ12 - HP - C:&#092;WINDOWS&#092;system32&#092;hpzipm12.exe<br />O23 - Service: Poweroff - Jorgen Bosman - C:&#092;WINDOWS&#092;system32&#092;poweroff.exe<br />O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:&#092;Program Files&#092;CyberLink&#092;Shared files&#092;RichVideo.exe<br />O23 - Service: Blue Coat K9 Web Protection (WebFilter) - Unknown owner - C:&#092;Program Files&#092;Blue Coat K9 Web Protection&#092;k9filter.exe<br />O23 - Service: VNC Server (winvnc) - UltraVNC - C:&#092;Program Files&#092;UltraVNC&#092;WinVNC.exe<br /><br />--<br />End of file - 11200 bytes<br /><!--SPOILER DIV--></div><!--SPOILER DIV--><br /><br />[addedon]October 31, 2007, 11:08 am[/addedon]Logfile of Trend Micro HijackThis v2.0.2<br />Scan saved at 13:46:43, on 30/10/2007<br />Platform: Windows XP SP2 (WinNT 5.01.2600)<br />MSIE: Internet Explorer v7.00 (7.00.6000.16544)<br />Boot mode: Normal<br /><br />Running processes:<br />C:&#092;WINDOWS&#092;System32&#092;smss.exe<br />C:&#092;WINDOWS&#092;system32&#092;winlogon.exe<br />C:&#092;WINDOWS&#092;system32&#092;services.exe<br />C:&#092;WINDOWS&#092;system32&#092;lsass.exe<br />C:&#092;WINDOWS&#092;system32&#092;Ati2evxx.exe<br />C:&#092;WINDOWS&#092;system32&#092;svchost.exe<br />C:&#092;WINDOWS&#092;System32&#092;svchost.exe<br />C:&#092;WINDOWS&#092;system32&#092;Ati2evxx.exe<br />C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;aswUpdSv.exe<br />C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashServ.exe<br />C:&#092;WINDOWS&#092;system32&#092;spoolsv.exe<br />C:&#092;Program Files&#092;Comodo&#092;Firewall&#092;cmdagent.exe<br />C:&#092;Program Files&#092;Hewlett-Packard&#092;HP Software Update&#092;HPWuSchd2.exe<br />C:&#092;WINDOWS&#092;System32&#092;svchost.exe<br />C:&#092;WINDOWS&#092;system32&#092;taskswitch.exe<br />C:&#092;Program Files&#092;Hewlett-Packard&#092;Toolbox&#092;StatusClient&#092;StatusClient.exe<br />C:&#092;Program Files&#092;Microsoft IntelliPoint&#092;ipoint.exe<br />C:&#092;Program Files&#092;Common Files&#092;LightScribe&#092;LSSrvc.exe<br />C:&#092;Program Files&#092;HP&#092;hpcoretech&#092;hpcmpmgr.exe<br />C:&#092;WINDOWS&#092;system32&#092;hphmon06.exe<br />C:&#092;Program Files&#092;Google&#092;Gmail Notifier&#092;gnotify.exe<br />C:&#092;Program Files&#092;Hewlett-Packard&#092;Toolbox&#092;jre&#092;bin&#092;javaw.exe<br />C:&#092;Program Files&#092;CyberLink&#092;PowerDVD&#092;PDVDServ.exe<br />C:&#092;Program Files&#092;Common Files&#092;Microsoft Shared&#092;VS7DEBUG&#092;MDM.EXE<br />C:&#092;PROGRA~1&#092;ALWILS~1&#092;Avast4&#092;ashDisp.exe<br />C:&#092;WINDOWS&#092;system32&#092;poweroff.exe<br />C:&#092;Program Files&#092;CyberLink&#092;Shared files&#092;RichVideo.exe<br />C:&#092;WINDOWS&#092;system32&#092;svchost.exe<br />C:&#092;WINDOWS&#092;system32&#092;spool&#092;drivers&#092;w32x86&#092;3&#092;hpztsb11.exe<br />C:&#092;Program Files&#092;UPHClean&#092;uphclean.exe<br />C:&#092;Program Files&#092;Java&#092;jre1.6.0_03&#092;bin&#092;jusched.exe<br />C:&#092;Program Files&#092;HP&#092;hpcoretech&#092;comp&#092;hptskmgr.exe<br />C:&#092;WINDOWS&#092;RTHDCPL.EXE<br />C:&#092;Program Files&#092;Google&#092;GoogleToolbarNotifier&#092;GoogleToolbarNotifier.exe<br />C:&#092;Program Files&#092;ATI Technologies&#092;ATI.ACE&#092;Core-Static&#092;MOM.EXE<br />C:&#092;Program Files&#092;Blue Coat K9 Web Protection&#092;k9filter.exe<br />C:&#092;Program Files&#092;UltraVNC&#092;WinVNC.exe<br />C:&#092;WINDOWS&#092;system32&#092;ctfmon.exe<br />C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashMaiSv.exe<br />C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashWebSv.exe<br />C:&#092;WINDOWS&#092;system32&#092;hpbpro.exe<br />C:&#092;WINDOWS&#092;system32&#092;hpzipm12.exe<br />C:&#092;Program Files&#092;hp&#092;Digital Imaging&#092;bin&#092;hpqgalry.exe<br />C:&#092;Program Files&#092;ATI Technologies&#092;ATI.ACE&#092;Core-Static&#092;ccc.exe<br />C:&#092;Program Files&#092;Comodo&#092;Firewall&#092;cpf.exe<br />C:&#092;WINDOWS&#092;explorer.exe<br />C:&#092;WINDOWS&#092;system32&#092;igfxsrvc.exe<br />C:&#092;Program Files&#092;Mozilla Firefox&#092;firefox.exe<br />C:&#092;WINDOWS&#092;system32&#092;NOTEPAD.EXE<br />C:&#092;Program Files&#092;Trend Micro&#092;HijackThis&#092;HijackThis.exe<br /><br />R0 - HKCU&#092;Software&#092;Microsoft&#092;Internet Explorer&#092;Main,Start Page = <a href='http://welcome.hp.com/country/my/en/welcome.html' target='_blank'>http://welcome.hp.com/country/my/en/welcome.html</a><br />O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:&#092;Program Files&#092;FlashGet&#092;jccatch.dll<br />O2 - BHO: Spybot-S&amp;D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:&#092;PROGRA~1&#092;SPYBOT~1&#092;SDHelper.dll<br />O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:&#092;Program Files&#092;Java&#092;jre1.6.0_03&#092;bin&#092;ssv.dll<br />O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:&#092;program files&#092;google&#092;googletoolbar3.dll<br />O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:&#092;Program Files&#092;Google&#092;GoogleToolbarNotifier&#092;2.0.301.7164&#092;swg.dll<br />O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:&#092;Program Files&#092;FlashGet&#092;getflash.dll<br />O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:&#092;Program Files&#092;FlashGet&#092;fgiebar.dll<br />O3 - Toolbar: &amp;Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:&#092;program files&#092;google&#092;googletoolbar3.dll<br />O4 - HKLM&#092;..&#092;Run: [IMJPMIG8.1] &quot;C:&#092;WINDOWS&#092;IME&#092;imjp8_1&#092;IMJPMIG.EXE&quot; /Spoil /RemAdvDef /Migration32<br />O4 - HKLM&#092;..&#092;Run: [PHIME2002ASync] C:&#092;WINDOWS&#092;system32&#092;IME&#092;TINTLGNT&#092;TINTSETP.EXE /SYNC<br />O4 - HKLM&#092;..&#092;Run: [PHIME2002A] C:&#092;WINDOWS&#092;system32&#092;IME&#092;TINTLGNT&#092;TINTSETP.EXE /IMEName<br />O4 - HKLM&#092;..&#092;Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe<br />O4 - HKLM&#092;..&#092;Run: [HP Software Update] &quot;C:&#092;Program Files&#092;Hewlett-Packard&#092;HP Software Update&#092;HPWuSchd2.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [CoolSwitch] C:&#092;WINDOWS&#092;system32&#092;taskswitch.exe<br />O4 - HKLM&#092;..&#092;Run: [NeroFilterCheck] C:&#092;WINDOWS&#092;system32&#092;NeroCheck.exe<br />O4 - HKLM&#092;..&#092;Run: [StatusClient 2.6] C:&#092;Program Files&#092;Hewlett-Packard&#092;Toolbox&#092;StatusClient&#092;StatusClient.exe /auto<br />O4 - HKLM&#092;..&#092;Run: [TomcatStartup 2.5] C:&#092;Program Files&#092;Hewlett-Packard&#092;Toolbox&#092;hpbpsttp.exe<br />O4 - HKLM&#092;..&#092;Run: [IntelliPoint] &quot;C:&#092;Program Files&#092;Microsoft IntelliPoint&#092;ipoint.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [gemstrmw] C:&#092;WINDOWS&#092;system32&#092;gemstrmw.exe /r<br />O4 - HKLM&#092;..&#092;Run: [HPHUPD06] C:&#092;Program Files&#092;hp&#092;{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}&#092;hphupd06.exe<br />O4 - HKLM&#092;..&#092;Run: [HP Component Manager] &quot;C:&#092;Program Files&#092;HP&#092;hpcoretech&#092;hpcmpmgr.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [HPHmon06] C:&#092;WINDOWS&#092;system32&#092;hphmon06.exe<br />O4 - HKLM&#092;..&#092;Run: [WinVNC] &quot;C:&#092;Program Files&#092;UltraVNC&#092;WinVNC.exe&quot; -servicehelper<br />O4 - HKLM&#092;..&#092;Run: [WinHandAutoClean] &quot;C:&#092;Program Files&#092;Madonote&#092;AUTOCLN.EXE&quot;<br />O4 - HKLM&#092;..&#092;Run: [ISUSPM Startup] &quot;C:&#092;Program Files&#092;Common Files&#092;InstallShield&#092;UpdateService&#092;ISUSPM.exe&quot; -startup<br />O4 - HKLM&#092;..&#092;Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:&#092;Program Files&#092;Google&#092;Gmail Notifier&#092;gnotify.exe<br />O4 - HKLM&#092;..&#092;Run: [RemoteControl] &quot;C:&#092;Program Files&#092;CyberLink&#092;PowerDVD&#092;PDVDServ.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [LanguageShortcut] &quot;C:&#092;Program Files&#092;CyberLink&#092;PowerDVD&#092;Language&#092;Language.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [avast&#33;] C:&#092;PROGRA~1&#092;ALWILS~1&#092;Avast4&#092;ashDisp.exe<br />O4 - HKLM&#092;..&#092;Run: [COMODO Firewall Pro] &quot;C:&#092;Program Files&#092;Comodo&#092;Firewall&#092;CPF.exe&quot; /background<br />O4 - HKLM&#092;..&#092;Run: [WeatherMate] &quot;C:&#092;Program Files&#092;WeatherMate&#092;WeatherMate.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [HPDJ Taskbar Utility] C:&#092;WINDOWS&#092;system32&#092;spool&#092;drivers&#092;w32x86&#092;3&#092;hpztsb11.exe<br />O4 - HKLM&#092;..&#092;Run: [SunJavaUpdateSched] &quot;C:&#092;Program Files&#092;Java&#092;jre1.6.0_03&#092;bin&#092;jusched.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [StartCCC] &quot;C:&#092;Program Files&#092;ATI Technologies&#092;ATI.ACE&#092;Core-Static&#092;CLIStart.exe&quot;<br />O4 - HKLM&#092;..&#092;Run: [RTHDCPL] RTHDCPL.EXE<br />O4 - HKCU&#092;..&#092;Run: [swg] C:&#092;Program Files&#092;Google&#092;GoogleToolbarNotifier&#092;GoogleToolbarNotifier.exe<br />O4 - HKCU&#092;..&#092;Run: [ctfmon.exe] C:&#092;WINDOWS&#092;system32&#092;ctfmon.exe<br />O4 - HKUS&#092;S-1-5-18&#092;..&#092;Run: [ctfmon.exe] C:&#092;WINDOWS&#092;system32&#092;ctfmon.exe (User &#39;SYSTEM&#39;)<br />O4 - HKUS&#092;.DEFAULT&#092;..&#092;Run: [ctfmon.exe] C:&#092;WINDOWS&#092;system32&#092;ctfmon.exe (User &#39;Default user&#39;)<br />O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:&#092;Program Files&#092;Adobe&#092;Acrobat 7.0&#092;Reader&#092;reader_sl.exe<br />O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:&#092;Program Files&#092;HP&#092;Digital Imaging&#092;bin&#092;hpqtra08.exe<br />O4 - Global Startup: HP Image Zone Fast Start.lnk = C:&#092;Program Files&#092;HP&#092;Digital Imaging&#092;bin&#092;hpqthb08.exe<br />O8 - Extra context menu item: &amp;Download All with FlashGet - C:&#092;Program Files&#092;FlashGet&#092;jc_all.htm<br />O8 - Extra context menu item: &amp;Download with DownloadPlus&#33; - C:&#092;Program Files&#092;DownloadPlus&#092;downloadplus.htm<br />O8 - Extra context menu item: &amp;Download with FlashGet - C:&#092;Program Files&#092;FlashGet&#092;jc_link.htm<br />O8 - Extra context menu item: Add to Media Manager... - C:&#092;Program Files&#092;MP3 Player Utilities 4.00&#092;MediaManager&#092;grab.html<br />O8 - Extra context menu item: AMV convert tool grab multimedia file - C:&#092;Program Files&#092;MP3 Player Utilities 4.00&#092;AMVConverter&#092;grab.html<br />O8 - Extra context menu item: E&amp;xport to Microsoft Excel - res://C:&#092;PROGRA~1&#092;MICROS~2&#092;OFFICE11&#092;EXCEL.EXE/3000<br />O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:&#092;Program Files&#092;Java&#092;jre1.6.0_03&#092;bin&#092;ssv.dll<br />O9 - Extra &#39;Tools&#39; menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:&#092;Program Files&#092;Java&#092;jre1.6.0_03&#092;bin&#092;ssv.dll<br />O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:&#092;Program Files&#092;Microsoft ActiveSync&#092;INetRepl.dll<br />O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:&#092;Program Files&#092;Microsoft ActiveSync&#092;INetRepl.dll<br />O9 - Extra &#39;Tools&#39; menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:&#092;Program Files&#092;Microsoft ActiveSync&#092;INetRepl.dll<br />O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:&#092;PROGRA~1&#092;MICROS~2&#092;OFFICE11&#092;REFIEBAR.DLL<br />O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:&#092;Program Files&#092;FlashGet&#092;FlashGet.exe<br />O9 - Extra &#39;Tools&#39; menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:&#092;Program Files&#092;FlashGet&#092;FlashGet.exe<br />O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:&#092;PROGRA~1&#092;SPYBOT~1&#092;SDHelper.dll<br />O9 - Extra &#39;Tools&#39; menuitem: Spybot - Search &amp; Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:&#092;PROGRA~1&#092;SPYBOT~1&#092;SDHelper.dll<br />O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:&#092;WINDOWS&#092;Network Diagnostic&#092;xpnetdiag.exe<br />O9 - Extra &#39;Tools&#39; menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:&#092;WINDOWS&#092;Network Diagnostic&#092;xpnetdiag.exe<br />O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:&#092;Program Files&#092;Messenger&#092;msmsgs.exe<br />O9 - Extra &#39;Tools&#39; menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:&#092;Program Files&#092;Messenger&#092;msmsgs.exe<br />O15 - Trusted IP range: <a href='http://192.168.1.1' target='_blank'>http://192.168.1.1</a><br />O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - <a href='http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB' target='_blank'>http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB</a><br />O16 - DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} (HPSDDX Class) - <a href='http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab' target='_blank'>http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab</a><br />O23 - Service: avast&#33; iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;aswUpdSv.exe<br />O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:&#092;WINDOWS&#092;system32&#092;Ati2evxx.exe<br />O23 - Service: ATI Smart - Unknown owner - C:&#092;WINDOWS&#092;system32&#092;ati2sgag.exe<br />O23 - Service: avast&#33; Antivirus - ALWIL Software - C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashServ.exe<br />O23 - Service: avast&#33; Mail Scanner - ALWIL Software - C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashMaiSv.exe<br />O23 - Service: avast&#33; Web Scanner - ALWIL Software - C:&#092;Program Files&#092;Alwil Software&#092;Avast4&#092;ashWebSv.exe<br />O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:&#092;Program Files&#092;Comodo&#092;Firewall&#092;cmdagent.exe<br />O23 - Service: Google Updater Service (gusvc) - Google - C:&#092;Program Files&#092;Google&#092;Common&#092;Google Updater&#092;GoogleUpdaterService.exe<br />O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:&#092;WINDOWS&#092;system32&#092;hpbpro.exe<br />O23 - Service: HP Status Server - Hewlett-Packard Company - C:&#092;WINDOWS&#092;system32&#092;hpboid.exe<br />O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:&#092;Program Files&#092;Common Files&#092;InstallShield&#092;Driver&#092;1150&#092;Intel 32&#092;IDriverT.exe<br />O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:&#092;Program Files&#092;Common Files&#092;LightScribe&#092;LSSrvc.exe<br />O23 - Service: Pml Driver HPZ12 - HP - C:&#092;WINDOWS&#092;system32&#092;hpzipm12.exe<br />O23 - Service: Poweroff - Jorgen Bosman - C:&#092;WINDOWS&#092;system32&#092;poweroff.exe<br />O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:&#092;Program Files&#092;CyberLink&#092;Shared files&#092;RichVideo.exe<br />O23 - Service: Blue Coat K9 Web Protection (WebFilter) - Unknown owner - C:&#092;Program Files&#092;Blue Coat K9 Web Protection&#092;k9filter.exe<br />O23 - Service: VNC Server (winvnc) - UltraVNC - C:&#092;Program Files&#092;UltraVNC&#092;WinVNC.exe<br /><br />--<br />End of file - 11200 bytes<br /><br />[addedon]October 31, 2007, 5:43 pm[/addedon]<!--emo&:cry:--><img src='http://static.lowyat.net/style_emoticons/default/cry.gif' border='0' style='vertical-align:middle' alt='cry.gif' /><!--endemo--> Sobb sobb sobb, Nobody wan to help me to figure out this problem.<br /><br /> <!--emo&:hmm:--><img src='http://static.lowyat.net/style_emoticons/default/hmm.gif' border='0' style='vertical-align:middle' alt='hmm.gif' /><!--endemo--> By the way my pc no longer received the bad ip message anymore. That make more weird. Comparing with previous hijacklog with current one nothing is changed. Still same running process. <!--emo&:stars:--><img src='http://static.lowyat.net/style_emoticons/default/rclxub.gif' border='0' style='vertical-align:middle' alt='rclxub.gif' /><!--endemo--> <br /><br />Either already clean up or completely affected by this trojan downloader. I&#39;m also monitor the network packet by using m&#036; network monitor but no sign of this pc contacting bad ip anymore. Hmmm.<br /><br />Tqvm. <!--emo&:respect:--><img src='http://static.lowyat.net/style_emoticons/default/notworthy.gif' border='0' style='vertical-align:middle' alt='notworthy.gif' /><!--endemo--> vsx70 Technical Support Tue, 30 Oct 2007 14:15:46 +0800 http://forum.lowyat.net/topic/486948 <!--emo&:D--><img src='http://static.lowyat.net/style_emoticons/default/biggrin.gif' border='0' style='vertical-align:middle' alt='biggrin.gif' /><!--endemo--> Hi Dearest All Lowyatian,<br /><br />I have a new problem, last week i got a new cheap graphic card MSI 8500GT. This card actually doesn&#39;t have any problem.<br /><br />First I&#39;m tested on first PC <br /><br />Intel Pentium 4 3Ghz,<br />MSI 7133 Intel 915<br />512MB RAM<br />160 GB Sata Western Digital<br />Liteon dvdrw<br />AnV ATX 400W<br />Current Graphic is nx6600 128MB changes to nx8500 256MB<br />All smooth without problem. even can use to play all the 3d game in this pc such as nfsc , aoe3 and so-on so-on:clap: <br /><br />Then tested on second PC (actually this is the PC i want to put new graphic card)<br />AMD Sempron 3200++<br />MSI 7135 K8n Neo3 (Nforce 4-4x)<br />160 GB Sata Seagate<br />LG dvdrw<br />Combo drive<br />1GB RAM<br />Anv ATX 400w<br />Current Graphic Card is ATI x300 128MB changes to nx8500 256MB)<br />Hang on windows loading, cannot access safe mode, also try try to reset the bios, <!--emo&:hmm:--><img src='http://static.lowyat.net/style_emoticons/default/hmm.gif' border='0' style='vertical-align:middle' alt='hmm.gif' /><!--endemo--> <br /><br /> <!--emo&:P--><img src='http://static.lowyat.net/style_emoticons/default/tongue.gif' border='0' style='vertical-align:middle' alt='tongue.gif' /><!--endemo--> All the procedure same such as uninstall graphic drive, remove the card and put the new one.<br /> <!--emo&:P--><img src='http://static.lowyat.net/style_emoticons/default/tongue.gif' border='0' style='vertical-align:middle' alt='tongue.gif' /><!--endemo--> All mother board latest bios even the second pc can use nx6600 without problem.<br /> <!--emo&:shakehead:--><img src='http://static.lowyat.net/style_emoticons/default/shakehead.gif' border='0' style='vertical-align:middle' alt='shakehead.gif' /><!--endemo--> I try to searching in the msi forum and other forum to see if any fellow that have same problem with me. But none maybe they dont use this board. <!--emo&:stars:--><img src='http://static.lowyat.net/style_emoticons/default/rclxub.gif' border='0' style='vertical-align:middle' alt='rclxub.gif' /><!--endemo--> <br />What have done is,<br />Change the PSU to 450W chap ayam no luck,<br />Try to put empty hard disk so maybe can try clean format but still stuck on cd loading.<br />Disconnect other thing such as fan and leave the basic thing hd, only or sometimes nothing just run linuxlive on dvd.hehehe<br />Pray and pray.<br /><br />SO my dear fellow can u suggest some sort of solution to me.<br />Thanks. <!--emo&:thumbs:--><img src='http://static.lowyat.net/style_emoticons/default/thumbup.gif' border='0' style='vertical-align:middle' alt='thumbup.gif' /><!--endemo--> vsx70 Technical Support Thu, 12 Jul 2007 11:22:36 +0800 http://forum.lowyat.net/topic/418793 <!--emo&:(--><img src='http://static.lowyat.net/style_emoticons/default/sad.gif' border='0' style='vertical-align:middle' alt='sad.gif' /><!--endemo--> <br /><br />Hi , dear fellow,<br /><br />Currently i&#39;m adding New Sata HD into my RIG as a System. Clean Install. But i disconnect the PATA Drive during that transition. Having no problem can use and watch dvdrw.<br /><br />Atter a week i&#39;m trying to use both with existing PATA drive, because a lot of data and mp3 inside. I dont notice anything wrong until last night i realised that i cannot use the dvdrw anymore(It detect in windows and i still can using nero info tool to read the info, but cannot read and write)) . (PATA Hard disk and DVDRW is in separate port . So no conflict.(My dvdrw still new). <br /><br />I tried by disconnecting the PATA drive and my dvdrw is working again. <!--emo&:stars:--><img src='http://static.lowyat.net/style_emoticons/default/rclxub.gif' border='0' style='vertical-align:middle' alt='rclxub.gif' /><!--endemo--> <br /><br />I&#39;m already tried by changing jumper, cable, update driver, no luck...<br /><br />Maybe someone and somebody can help me............<br /><br />Tqvm..<br /><br /><br /><br /> vsx70 Technical Support Tue, 27 Feb 2007 12:12:48 +0800