<?xml version="1.0" encoding="utf-8"?>
<!-- generator="FeedCreator 1.7.2" -->
<rss version="2.0">
    <channel>
        <title>Lowyat.NET: Latest topics by flarev</title>
        <description></description>
        <link>http://forum.lowyat.net/</link>
        <lastBuildDate>Sun, 05 Jul 2026 20:14:29 +0800</lastBuildDate>
        <generator>FeedCreator 1.7.2</generator>
        <item>
            <title>Infected with spyware or virus ?</title>
            <link>http://forum.lowyat.net/topic/506276</link>
            <description>helping friend to post up this problem&lt;br /&gt;&lt;br /&gt;below is the hijackthis log&lt;br /&gt;&lt;br /&gt;&lt;br /&gt;Logfile of HijackThis v1.99.1&lt;br /&gt;Scan saved at 7:46:37 PM, on 8/17/2007&lt;br /&gt;Platform: Windows XP SP2 (WinNT 5.01.2600)&lt;br /&gt;MSIE: Internet Explorer v7.00 (7.00.5730.0011)&lt;br /&gt;&lt;br /&gt;Running processes:&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;System32&amp;#092;smss.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;winlogon.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;services.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;lsass.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;Ati2evxx.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;svchost.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;System32&amp;#092;svchost.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;Ati2evxx.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;spoolsv.exe&lt;br /&gt;C:&amp;#092;Program Files&amp;#092;Kaspersky Lab&amp;#092;Kaspersky Anti-Virus 7.0&amp;#092;avp.exe&lt;br /&gt;C:&amp;#092;Program Files&amp;#092;Common Files&amp;#092;Microsoft Shared&amp;#092;VS7DEBUG&amp;#092;MDM.EXE&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;HPZipm12.exe&lt;br /&gt;C:&amp;#092;Program Files&amp;#092;CyberLink&amp;#092;Shared files&amp;#092;RichVideo.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;slserv.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;svchost.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;wuauclt.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;Explorer.EXE&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;ctfmon.exe&lt;br /&gt;C:&amp;#092;Program Files&amp;#092;Java&amp;#092;jre1.5.0_08&amp;#092;bin&amp;#092;jusched.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;RTHDCPL.EXE&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;System32&amp;#092;spool&amp;#092;DRIVERS&amp;#092;W32X86&amp;#092;3&amp;#092;E_S4I3V1.EXE&lt;br /&gt;C:&amp;#092;Program Files&amp;#092;HP&amp;#092;HP Software Update&amp;#092;HPWuSchd2.exe&lt;br /&gt;C:&amp;#092;Program Files&amp;#092;Kaspersky Lab&amp;#092;Kaspersky Anti-Virus 7.0&amp;#092;avp.exe&lt;br /&gt;C:&amp;#092;Program Files&amp;#092;ATI Technologies&amp;#092;ATI.ACE&amp;#092;Core-Static&amp;#092;MOM.EXE&lt;br /&gt;C:&amp;#092;Program Files&amp;#092;MSN Messenger&amp;#092;MsnMsgr.Exe&lt;br /&gt;C:&amp;#092;Program Files&amp;#092;ATI Technologies&amp;#092;ATI.ACE&amp;#092;Core-Static&amp;#092;ccc.exe&lt;br /&gt;C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;wuauclt.exe&lt;br /&gt;C:&amp;#092;Program Files&amp;#092;Internet Explorer&amp;#092;iexplore.exe&lt;br /&gt;C:&amp;#092;Program Files&amp;#092;Common Files&amp;#092;Microsoft Shared&amp;#092;Windows Live&amp;#092;WLLoginProxy.exe&lt;br /&gt;C:&amp;#092;Documents and Settings&amp;#092;User&amp;#092;Desktop&amp;#092;Hijackthis&amp;#092;HijackThis.exe&lt;br /&gt;&lt;br /&gt;R0 - HKCU&amp;#092;Software&amp;#092;Microsoft&amp;#092;Internet Explorer&amp;#092;Main,Start Page = &lt;a href='http://go.microsoft.com/fwlink/?linkid=677' target='_blank'&gt;http://go.microsoft.com/fwlink/?linkid=677&lt;/a&gt;&lt;br /&gt;R1 - HKLM&amp;#092;Software&amp;#092;Microsoft&amp;#092;Internet Explorer&amp;#092;Main,Default_Page_URL = &lt;a href='http://go.microsoft.com/fwlink/?LinkId=69157' target='_blank'&gt;http://go.microsoft.com/fwlink/?LinkId=69157&lt;/a&gt;&lt;br /&gt;R1 - HKLM&amp;#092;Software&amp;#092;Microsoft&amp;#092;Internet Explorer&amp;#092;Main,Default_Search_URL = &lt;a href='http://go.microsoft.com/fwlink/?LinkId=54896' target='_blank'&gt;http://go.microsoft.com/fwlink/?LinkId=54896&lt;/a&gt;&lt;br /&gt;R1 - HKLM&amp;#092;Software&amp;#092;Microsoft&amp;#092;Internet Explorer&amp;#092;Main,Search Page = &lt;a href='http://go.microsoft.com/fwlink/?LinkId=54896' target='_blank'&gt;http://go.microsoft.com/fwlink/?LinkId=54896&lt;/a&gt;&lt;br /&gt;R0 - HKLM&amp;#092;Software&amp;#092;Microsoft&amp;#092;Internet Explorer&amp;#092;Main,Start Page = &lt;a href='http://go.microsoft.com/fwlink/?LinkId=69157' target='_blank'&gt;http://go.microsoft.com/fwlink/?LinkId=69157&lt;/a&gt;&lt;br /&gt;R1 - HKCU&amp;#092;Software&amp;#092;Microsoft&amp;#092;Internet Explorer&amp;#092;Main,Window Title = Hacked by 8BITS&lt;br /&gt;O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:&amp;#092;Program Files&amp;#092;Adobe&amp;#092;Acrobat 7.0&amp;#092;ActiveX&amp;#092;AcroIEHelper.dll&lt;br /&gt;O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:&amp;#092;Program Files&amp;#092;Java&amp;#092;jre1.5.0_08&amp;#092;bin&amp;#092;ssv.dll&lt;br /&gt;O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)&lt;br /&gt;O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:&amp;#092;Program Files&amp;#092;Common Files&amp;#092;Microsoft Shared&amp;#092;Windows Live&amp;#092;WindowsLiveLogin.dll&lt;br /&gt;O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:&amp;#092;Program Files&amp;#092;Windows Live Toolbar&amp;#092;msntb.dll&lt;br /&gt;O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:&amp;#092;Program Files&amp;#092;EPSON&amp;#092;EPSON Web-To-Page&amp;#092;EPSON Web-To-Page.dll&lt;br /&gt;O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:&amp;#092;Program Files&amp;#092;EPSON&amp;#092;EPSON Web-To-Page&amp;#092;EPSON Web-To-Page.dll&lt;br /&gt;O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:&amp;#092;Program Files&amp;#092;Windows Live Toolbar&amp;#092;msntb.dll&lt;br /&gt;O4 - HKLM&amp;#092;..&amp;#092;Run: [SunJavaUpdateSched] &amp;quot;C:&amp;#092;Program Files&amp;#092;Java&amp;#092;jre1.5.0_08&amp;#092;bin&amp;#092;jusched.exe&amp;quot;&lt;br /&gt;O4 - HKLM&amp;#092;..&amp;#092;Run: [IMJPMIG8.1] &amp;quot;C:&amp;#092;WINDOWS&amp;#092;IME&amp;#092;imjp8_1&amp;#092;IMJPMIG.EXE&amp;quot; /Spoil /RemAdvDef /Migration32&lt;br /&gt;O4 - HKLM&amp;#092;..&amp;#092;Run: [MSPY2002] C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;IME&amp;#092;PINTLGNT&amp;#092;ImScInst.exe /SYNC&lt;br /&gt;O4 - HKLM&amp;#092;..&amp;#092;Run: [PHIME2002ASync] C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;IME&amp;#092;TINTLGNT&amp;#092;TINTSETP.EXE /SYNC&lt;br /&gt;O4 - HKLM&amp;#092;..&amp;#092;Run: [PHIME2002A] C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;IME&amp;#092;TINTLGNT&amp;#092;TINTSETP.EXE /IMEName&lt;br /&gt;O4 - HKLM&amp;#092;..&amp;#092;Run: [RTHDCPL] RTHDCPL.EXE&lt;br /&gt;O4 - HKLM&amp;#092;..&amp;#092;Run: [Alcmtr] ALCMTR.EXE&lt;br /&gt;O4 - HKLM&amp;#092;..&amp;#092;Run: [EPSON Stylus CX1500 Series] C:&amp;#092;WINDOWS&amp;#092;System32&amp;#092;spool&amp;#092;DRIVERS&amp;#092;W32X86&amp;#092;3&amp;#092;E_S4I3V1.EXE /P26 &amp;quot;EPSON Stylus CX1500 Series&amp;quot; /O6 &amp;quot;USB001&amp;quot; /M &amp;quot;Stylus CX1500&amp;quot;&lt;br /&gt;O4 - HKLM&amp;#092;..&amp;#092;Run: [EPSON Stylus CX1500 Series (Copy 1)] C:&amp;#092;WINDOWS&amp;#092;System32&amp;#092;spool&amp;#092;DRIVERS&amp;#092;W32X86&amp;#092;3&amp;#092;E_S4I3V1.EXE /P35 &amp;quot;EPSON Stylus CX1500 Series (Copy 1)&amp;quot; /O5 &amp;quot;LPT1:&amp;quot; /M &amp;quot;Stylus CX1500&amp;quot;&lt;br /&gt;O4 - HKLM&amp;#092;..&amp;#092;Run: [HP Software Update] C:&amp;#092;Program Files&amp;#092;HP&amp;#092;HP Software Update&amp;#092;HPWuSchd2.exe&lt;br /&gt;O4 - HKLM&amp;#092;..&amp;#092;Run: [AVP] &amp;quot;C:&amp;#092;Program Files&amp;#092;Kaspersky Lab&amp;#092;Kaspersky Anti-Virus 7.0&amp;#092;avp.exe&amp;quot;&lt;br /&gt;O4 - HKCU&amp;#092;..&amp;#092;Run: [ctfmon.exe] C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;ctfmon.exe&lt;br /&gt;O4 - HKCU&amp;#092;..&amp;#092;Run: [StartCCC] C:&amp;#092;Program Files&amp;#092;ATI Technologies&amp;#092;ATI.ACE&amp;#092;Core-Static&amp;#092;CLIStart.exe&lt;br /&gt;O4 - HKCU&amp;#092;..&amp;#092;Run: [MsnMsgr] &amp;quot;C:&amp;#092;Program Files&amp;#092;MSN Messenger&amp;#092;MsnMsgr.Exe&amp;quot; /background&lt;br /&gt;O7 - HKCU&amp;#092;Software&amp;#092;Microsoft&amp;#092;Windows&amp;#092;CurrentVersion&amp;#092;Policies&amp;#092;System, DisableRegedit=1&lt;br /&gt;O8 - Extra context menu item: &amp;amp;ieSpell Options - res://C:&amp;#092;Program Files&amp;#092;ieSpell&amp;#092;iespell.dll/SPELLOPTION.HTM&lt;br /&gt;O8 - Extra context menu item: &amp;amp;Windows Live Search - res://C:&amp;#092;Program Files&amp;#092;Windows Live Toolbar&amp;#092;msntb.dll/search.htm&lt;br /&gt;O8 - Extra context menu item: Check &amp;amp;Spelling - res://C:&amp;#092;Program Files&amp;#092;ieSpell&amp;#092;iespell.dll/SPELLCHECK.HTM&lt;br /&gt;O8 - Extra context menu item: E&amp;amp;xport to Microsoft Excel - res://C:&amp;#092;PROGRA~1&amp;#092;MICROS~3&amp;#092;OFFICE11&amp;#092;EXCEL.EXE/3000&lt;br /&gt;O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:&amp;#092;Program Files&amp;#092;ieSpell&amp;#092;iespell.dll&lt;br /&gt;O9 - Extra &amp;#39;Tools&amp;#39; menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:&amp;#092;Program Files&amp;#092;ieSpell&amp;#092;iespell.dll&lt;br /&gt;O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:&amp;#092;Program Files&amp;#092;ieSpell&amp;#092;iespell.dll&lt;br /&gt;O9 - Extra &amp;#39;Tools&amp;#39; menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:&amp;#092;Program Files&amp;#092;ieSpell&amp;#092;iespell.dll&lt;br /&gt;O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:&amp;#092;Program Files&amp;#092;Kaspersky Lab&amp;#092;Kaspersky Anti-Virus 7.0&amp;#092;SCIEPlgn.dll&lt;br /&gt;O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:&amp;#092;PROGRA~1&amp;#092;MICROS~3&amp;#092;OFFICE11&amp;#092;REFIEBAR.DLL&lt;br /&gt;O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%&amp;#092;Network Diagnostic&amp;#092;xpnetdiag.exe (file missing)&lt;br /&gt;O9 - Extra &amp;#39;Tools&amp;#39; menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%&amp;#092;Network Diagnostic&amp;#092;xpnetdiag.exe (file missing)&lt;br /&gt;O9 - Extra button: Yahoo&amp;#33; Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:&amp;#092;Program Files&amp;#092;Yahoo&amp;#33;&amp;#092;Messenger&amp;#092;YahooMessenger.exe&lt;br /&gt;O9 - Extra &amp;#39;Tools&amp;#39; menuitem: Yahoo&amp;#33; Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:&amp;#092;Program Files&amp;#092;Yahoo&amp;#33;&amp;#092;Messenger&amp;#092;YahooMessenger.exe&lt;br /&gt;O11 - Options group: [INTERNATIONAL] International*&lt;br /&gt;O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:&amp;#092;PROGRA~1&amp;#092;MSNMES~1&amp;#092;MSGRAP~1.DLL&lt;br /&gt;O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:&amp;#092;Program Files&amp;#092;Common Files&amp;#092;Microsoft Shared&amp;#092;Help&amp;#092;hxds.dll&lt;br /&gt;O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:&amp;#092;PROGRA~1&amp;#092;MSNMES~1&amp;#092;MSGRAP~1.DLL&lt;br /&gt;O20 - Winlogon Notify: klogon - C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;klogon.dll&lt;br /&gt;O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;WPDShServiceObj.dll&lt;br /&gt;O23 - Service: Adobe LM Service - Adobe Systems - C:&amp;#092;Program Files&amp;#092;Common Files&amp;#092;Adobe Systems Shared&amp;#092;Service&amp;#092;Adobelmsvc.exe&lt;br /&gt;O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;Ati2evxx.exe&lt;br /&gt;O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:&amp;#092;Program Files&amp;#092;Kaspersky Lab&amp;#092;Kaspersky Anti-Virus 7.0&amp;#092;avp.exe&amp;quot; -r (file missing)&lt;br /&gt;O23 - Service: SQL Server (SQLEXPRESS) (MSSQL&amp;#036;SQLEXPRESS) - Unknown owner - C:&amp;#092;Program Files&amp;#092;Microsoft SQL Server&amp;#092;MSSQL.1&amp;#092;MSSQL&amp;#092;Binn&amp;#092;sqlservr.exe&amp;quot; -sSQLEXPRESS (file missing)&lt;br /&gt;O23 - Service: Pml Driver HPZ12 - HP - C:&amp;#092;WINDOWS&amp;#092;system32&amp;#092;HPZipm12.exe&lt;br /&gt;O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:&amp;#092;Program Files&amp;#092;CyberLink&amp;#092;Shared files&amp;#092;RichVideo.exe&lt;br /&gt;O23 - Service: SmartLinkService (SLService) - Smart Link - C:&amp;#092;WINDOWS&amp;#092;SYSTEM32&amp;#092;slserv.exe</description>
            <author>flarev</author>
            <category>Technical Support</category>
            <pubDate>Fri, 17 Aug 2007 19:53:35 +0800</pubDate>
        </item>
    </channel>
</rss>
