Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow Computer


  • Please log in to reply
1 reply to this topic

#1 Shinryuu

Shinryuu

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:50 PM

Posted 27 July 2007 - 08:02 PM

So my friend's computer has been slow for a while. He knows he has some viruses, but doesn't know how to get rid of them. I scanned his computer with Hijackthis, and I'm putting it here, so you can see what's wrong. He has some Korean files on his computer, and therefore might have some korean viruses; noting anything out the ordinary might be good. Here it is, then:

Logfile of HijackThis v1.99.1
Scan saved at 오후 5:58:01, on 2007-07-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AhnLab\Smart Update Utility\AhnSD.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\MSN Messenger\Device Manager\Loc\3099\msnmsgr.exe
C:\Program Files\NATEON\Addin\B926D852-194B-4c62-9C73-3F0ECA8950EA\NateOnMain.exe
C:\WINDOWS\system32\runcheck.exe
C:\Program Files\AhnLab\V3\MonSysNT.exe
C:\Program Files\AhnLab\V3\V3P3AT.exe
C:\WINDOWS\system32\DirectX\Dinput\smss.exe
C:\Program Files\AhnLab\AhnLab SpyZero 2.0\AszTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\4875\Winspss.exe
C:\Program Files\ESTsoft\ALZip\Banner\alzip.exe
C:\Program Files\Ahead\Nero\CDI\neroburn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\pc\LOCALS~1\Temp\imontmp.exe
C:\DOCUME~1\pc\LOCALS~1\Temp\7montmp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MWGuide\MWGuide.exe
C:\Program Files\AhnLab\Smart Update Utility\AhnSDsv.exe
C:\PROGRA~1\AhnLab\V3\MonSvcNT.exe
C:\Program Files\Nexon\바람의나라\npkcmsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Algsvc.exe
C:\Program Files\Common Files\System\Ctfsys.exe
C:\Program Files\Common Files\System\Npchosts.exe
C:\Program Files\Common Files\services\syssvc.exe
C:\Program Files\AhnLab\AhnLab SpyZero 2.0\AszMon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\PROGRA~1\AhnLab\V3\V3IMPro.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\pc\Desktop\HijackThis.exe

R3 - URLSearchHook: 야후! 툴바 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: InHtml Class - {543A131C-2311-494b-ABDB-056A4DB49BD0} - C:\WINDOWS\system32\atmfd32.dll
O2 - BHO: InHtml Class - {543A131C-2311-494b-ABDB-056A4DB49BD1} - C:\WINDOWS\system32\atmfd32.dll
O2 - BHO: NetCtrl Class - {68FACDB7-76C2-481F-BED0-5176BFC06F40} - C:\WINDOWS\system32\jng.dll
O2 - BHO: chkprc Class - {7DA7BE7D-A382-4AA7-A125-CA55A2070125} - C:\WINDOWS\system32\onpcs.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {900F4412-C5F4-4B5C-BF5D-F73D5D458B9B} - C:\PROGRA~1\POINTP~1\pplus.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll (file missing)
O2 - BHO: EDLApp Class - {BAA2F47D-9CF7-4015-8A29-89C46824A448} - C:\WINDOWS\upcontrol.dll
O2 - BHO: ppext - {CE52C857-01EB-4FA2-996E-52C8D6879632} - C:\PROGRA~1\PEXTSE~1\ppext.dll
O2 - BHO: ErWindow Class - {D12D2157-33E5-45f0-8E58-4D65035D2983} - C:\Program Files\erWindow\ErWindow.dll (file missing)
O2 - BHO: ApoUp Class - {DA96C092-D3A6-4772-AB95-21523D152BEA} - C:\WINDOWS\system32\apo.dll
O2 - BHO: IEHelp Class - {FBF33E65-97E3-4F9F-A61E-32D42FA1A85A} - C:\WINDOWS\system32\Iehelpcode.dll
O2 - BHO: (no name) - {FF71FF86-04AC-4cb2-A35A-1262BF791A01} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AHNSD] "C:\Program Files\AhnLab\Smart Update Utility\AhnSD.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iRiver Updater] \Updater.exe
O4 - HKLM\..\Run: [FPM Exe] "C:\Program Files\Fasoo DRM\fpm.exe"
O4 - HKLM\..\Run: [FPH Exe] "C:\Program Files\Fasoo DRM\fph.exe"
O4 - HKLM\..\Run: [MSNMessenger] "C:\Program Files\MSN Messenger\Device Manager\Loc\3099\msnmsgr.exe"
O4 - HKLM\..\Run: [NateOnMain] C:\Program Files\NATEON\Addin\B926D852-194B-4c62-9C73-3F0ECA8950EA\NateOnMain.exe
O4 - HKLM\..\Run: [Xweb] "C:\Program Files\SoftForum\XecureWeb\ActiveX\Xecureweb.exe"
O4 - HKLM\..\Run: [vaccine-system] "C:\Program Files\vaccine-system\VSUpdater.exe"
O4 - HKLM\..\Run: [바이러스백신] C:\Program Files\바이러스백신\vivaccine.exe 1
O4 - HKLM\..\Run: [asro] C:\WINDOWS\asrotray.exe
O4 - HKLM\..\Run: [피씨세이프] C:\Program Files\피씨세이프\pcsafe.exe 1
O4 - HKLM\..\Run: [pcmedic] C:\Program Files\pcmedic\pcmedic.exe Icon
O4 - HKLM\..\Run: [bmalert] C:\Program Files\pcmedic\bmalert.exe
O4 - HKLM\..\Run: [ati2evxx] "C:\Program Files\ATI Technologies\ATI HYDRAVISION\ati2evxx.exe"
O4 - HKLM\..\Run: [runcheck] C:\WINDOWS\system32\runcheck.exe
O4 - HKLM\..\Run: [plusup] C:\Program Files\pointplus\plusup.exe
O4 - HKLM\..\Run: [smss] "C:\WINDOWS\system32\DirectX\Dinput\smss.exe"
O4 - HKLM\..\Run: [msdirect] C:\Program Files\Common Files\System\msdirect.exe
O4 - HKLM\..\Run: [qwcjo] C:\WINDOWS\system32\ryfnt.exe
O4 - HKLM\..\Run: [dllon] C:\Program Files\Internet Explorer\PLUGINS\dllon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AntiSpyware SpyxPro] C:\Program Files\SpyxPro\spsvc.exe /run
O4 - HKLM\..\Run: [AVP sub] C:\WINDOWS\system32\4875\Winspss.exe
O4 - HKLM\..\Run: [svcman] C:\Program Files\Common Files\Microsoft Shared\svcman.exe
O4 - HKLM\..\Run: [csrsss] "C:\WINDOWS\Help\csrsss.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iyesb7] C:\WINDOWS\system32\iyesb7.exe
O4 - HKLM\..\Run: [b8ttui] C:\WINDOWS\system32\b8ttui.exe
O4 - HKLM\..\Run: [IG] C:\Program Files\IGood\IGInit.exe
O4 - HKLM\..\Run: [컴퓨터백신] C:\Program Files\컴퓨터백신\updater.exe
O4 - HKLM\..\Run: [WebSite.exe] C:\Program Files\WebSite\WebSite.exe
O4 - HKLM\..\Run: [Esearch.exe] C:\Program Files\Esearch\Esearch.exe
O4 - HKLM\..\Run: [alzip] "C:\Program Files\ESTsoft\ALZip\Banner\alzip.exe"
O4 - HKLM\..\Run: [neroburn] "C:\Program Files\Ahead\Nero\CDI\neroburn.exe"
O4 - HKLM\..\Run: [222vz] C:\WINDOWS\system32\oobe\html\mouse\images\2i266\222vz.exe
O4 - HKLM\..\Run: [acb] C:\WINDOWS\system32\oobe\html\mouse\images\c0c\acb.exe
O4 - HKLM\..\Run: [PPService] c:\program files\pextservice\ppextup.exe start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [nwproc] C:\Program Files\nwproc\nwproc.exe
O4 - HKCU\..\Run: [NeedWeb] C:\Program Files\NeedWeb\NeedWeb.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [internet_webplayer] C:\Program Files\internet_webplayer\internet_webplayer.exe /WS
O4 - HKCU\..\Run: [MSNMessenger] "C:\Program Files\MSN Messenger\Device Manager\Loc\3099\msnmsgr.exe"
O4 - HKCU\..\Run: [NateOnMain] C:\Program Files\NATEON\Addin\B926D852-194B-4c62-9C73-3F0ECA8950EA\NateOnMain.exe
O4 - HKCU\..\Run: [Xweb] "C:\Program Files\SoftForum\XecureWeb\ActiveX\Xecureweb.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [erWindow] C:\Program Files\erWindow\erWindow.exe
O4 - HKCU\..\Run: [asro] C:\WINDOWS\asrotray.exe
O4 - HKCU\..\Run: [mswasie.exe] C:\WINDOWS\system32\mswasie.exe
O4 - HKCU\..\Run: [memo32] C:\WINDOWS\system32\memo32.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [npx32] C:\WINDOWS\system32\npx32.exe
O4 - HKCU\..\Run: [ati2evxx] "C:\Program Files\ATI Technologies\ATI HYDRAVISION\ati2evxx.exe"
O4 - HKCU\..\Run: [MWGuide] C:\Program Files\MWGuide\MWGuide.exe
O4 - HKCU\..\Run: [ntios32] C:\WINDOWS\system32\ntios32.exe
O4 - HKCU\..\Run: [smss] "C:\WINDOWS\system32\DirectX\Dinput\smss.exe"
O4 - HKCU\..\Run: [befile] C:\WINDOWS\befile.exe
O4 - HKCU\..\Run: [csrsss] "C:\WINDOWS\Help\csrsss.exe"
O4 - HKCU\..\Run: [alzip] "C:\Program Files\ESTsoft\ALZip\Banner\alzip.exe"
O4 - HKCU\..\Run: [neroburn] "C:\Program Files\Ahead\Nero\CDI\neroburn.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: LCDPlayer.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00001023-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter23 Class) - http://download.netmarble.com/web/nmstarter/NMStarter23.cab
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netmarble.com/web/nmstarter/NMStarter24.cab
O16 - DPF: {00001024-B831-448B-9ABD-3D3DF187F359} (DaumGameStarter24 Class) - http://download.netmarble.com/web/nmstarte...meStarter24.cab
O16 - DPF: {00001025-B831-448B-9ABD-3D3DF187F359} (DaumGameStarter25 Class) - http://download.netmarble.com/web/nmstarte...meStarter25.cab
O16 - DPF: {0249F8C1-DF09-4D21-9AD0-6D90A1F9814E} (Ctrl_GetMySpecOCX Control) - http://onair.ohdio.com/ohdio/OnAirLauncher...irOnlineOCX.cab
O16 - DPF: {04E7BADF-F3B9-420D-B82D-8D8CADEFE4F9} (CyImage2Ctl Class) - http://cyimg6.cyworld.nate.com/ImageUpload...mageUpload2.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {0CBF7EDC-17EC-442C-8AE9-5E804707B6CA} (NeffyClient Class) - http://dist.cdnetworks.co.kr/cdndist/neffy/Neffy.cab
O16 - DPF: {15AECD82-DA7D-4EC5-B57F-ED578D84C3F9} (DaumFileControl Control) - http://file.daum.net/down/DaumFile.cab
O16 - DPF: {15C4019C-C917-4905-999A-99B4EC71B7CF} (DaumPlayerPan Class) - http://listen.daum.net/52st/DaumMPlayer/DaumMPlayer.dll
O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - http://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB
O16 - DPF: {21FDDE58-51A6-402A-8040-39DA033DC196} (Pull0PlayerX Control) - http://image.pullbbang.com/newTop/Pull0Control.ocx
O16 - DPF: {26F6DA1C-EDCF-4188-B94E-1501A56D1404} (CNeopleInstallAXCtlKor8 Object) - http://d-fighter.nefficient.co.kr/samsungd...e_installer.cab
O16 - DPF: {28C2B1EF-48A4-49F0-A7B5-414DB174E745} (DekaronPMang Control) - http://file.dekaron.co.kr/_DownUtil/syscab/DekaronPMang.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://s.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {3270EED1-B285-4828-A0A7-F55913A9B724} (S2PlayerPan Class) - http://listen.daum.net/52st/52street/S2MusicPlayer.dll
O16 - DPF: {3695B964-7E17-4B45-AF5F-666C3D84CD4D} (Qplay Connection Control) - http://qplay.nx.com/ActiveX/Public/QxConn.cab
O16 - DPF: {377FF862-62E0-4F33-B6E5-F58E0BC0F209} (NlsComm Component Class) - http://login.hanbiton.com/cab/NLSnSSO.cab
O16 - DPF: {4207C2D0-DABA-445B-B40E-A8E1A072FBE6} (CNeopleInstallAXCtl6 Object) - http://d-fighter.nefficient.co.kr/samsungd...e_installer.cab
O16 - DPF: {4F091885-8A80-478E-8F48-C53508CA12FD} (DekaronAutoPlay Control) - http://file.dekaron.co.kr/_DownUtil/syscab/Dekaron.CAB
O16 - DPF: {5876CAD0-1636-42EA-AC50-4C06F3196089} (HanGamePlugin19 Class) - http://down.hangame.com/dist/activex/HanGamePlugin19.cab
O16 - DPF: {5C093CC9-78CC-41FA-A655-B40EDC632E8C} (CHanInstallShieldXI Object) - http://d-fighter.nefficient.co.kr/samsungd...e_installer.cab
O16 - DPF: {6A2E758A-028B-46BB-A11D-0608AB5A4ED3} (DaumBGMCtrl Class) - http://listen.daum.net/52st/bgmplayer/Daum52stBGMPlayer.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1009874502593
O16 - DPF: {7606693A-C18D-4567-AF85-6194FF70761E} (GomWeb Control) - http://app.ipop.co.kr/gom/GomWeb.cab
O16 - DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} (MabinogiWebAvatarRenderer Class) - http://avatar.mabinogi.com:88/renderer/mab....2006.12.27.cab
O16 - DPF: {7A27CAE3-09E1-4A3D-A409-D8DE9AD041C7} (JoyOn Control) - http://joyon.nefficient.co.kr/joyon/board/...tiveX/joyon.cab
O16 - DPF: {7B41B7AC-3496-4C13-A70F-DE6B60A6A8A8} (MGAME manager Class) - http://download.mgame.com/download/cab/mgmanagerv1001.cab
O16 - DPF: {7C564BC7-73BD-4750-A90A-8FF2D8C8C64B} (SysInfo Control) - http://www.cabal.co.kr/Include/SysInfo.cab
O16 - DPF: {81402E2F-73D7-441D-9992-2DBD07B00E21} (SunReportX Control) - http://www.sunonline.co.kr/Common/SunReportX.cab
O16 - DPF: {81DC74C9-7B3E-4708-849A-1745754666BA} (MUPY Control) - http://music.freechal.com/player/MUPY.cab
O16 - DPF: {8AB8BEAA-001B-4F5E-AB26-46D5611B10DE} (CM9ActiveX Object) - http://joyon.nefficient.co.kr/joyon/twitch...X/M9ActiveX.cab
O16 - DPF: {8FAC8093-435B-440A-B5C0-9130B7180844} - http://down.bugkorea.net/bugkorea.cab
O16 - DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} (NMTransX Module) - http://download.netmarble.com/NMChatX/NMTransX.cab
O16 - DPF: {934CEFDC-E880-446F-880F-6560F613D8AA} (FCliVer Class) - http://www.conpia.com/0511/tv/Fasoo/Client...(v1.2.28.0).cab
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10
O16 - DPF: {9B75502C-BBED-4BBD-8FE2-822E5E0AD32C} (MagicLockOCX Control) - http://www.diodeo.com/DioDeoPlayer.cab
O16 - DPF: {9CDD57AC-CA86-464C-B920-3228A388CC78} (NaverFileControl Control) - http://file.naver.com/down/NaverFile.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://download.netmarble.com/kdefence/kdfense8237.cab
O16 - DPF: {A5F3B5CF-A05F-479E-B684-13AA512A7B93} (YGLauncher Control) - http://kr.pubbase.yahoo.com/gamesetup/YGLauncher2.cab
O16 - DPF: {A61CDB30-2B8F-4910-B57B-ED2A503A523D} (PlenusBrowser Control) - http://download.netmarble.com/web/6N/Comn/...otoTool1005.cab
O16 - DPF: {A6557A7B-E56F-4C38-806B-9C2C0C8066EE} (CNeopleInstallAXCtl4 Object) - http://d-fighter.nefficient.co.kr/samsungd...e_installer.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Neowiz Login Control) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetworks.co.kr/cdndist/neffy...ffyLauncher.cab
O16 - DPF: {AB4ADC0F-2B4B-4B08-8B5C-CA4D6188A180} (P3Xfer Loader Class) - http://package.hyosungcdn.com/download/p3xset.cab
O16 - DPF: {AF60D574-F249-4243-8040-5521AAA5BB5E} (PandoraTVSet Class) - http://imgcdn.pandora.tv/pan_img/p3player/...ge/pdrtvset.cab
O16 - DPF: {B005D02C-E461-4851-8A79-C7FDC8563C07} (BBNPort Class) - http://user.buddybuddy.co.kr/cab/BBNPort.cab
O16 - DPF: {B3FE4217-1335-4D02-A7C0-9A5CE9E6640E} (MADanalCtrl Control) - http://www.csafer.net/activex/MADanalCtrl2.cab
O16 - DPF: {B8C4B31D-6DCE-4DF0-BF73-44686849F67D} (PDRInst1 Class) - http://imgcdn.pandora.tv/pan_img/p3player/...age/pdrinst.cab
O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} (Daum ActiveX manager Class) - http://cafeimg.hanmail.net/cto/xman.cab?ver=1,2,2,0
O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} (HanSetupCtrl1009 Class) - http://www.hangame.com/common/HanSetup1009.cab
O16 - DPF: {C394A9A2-C51D-4C26-BB2C-6DEB30A890F4} (ActiveDiodeoPlayer Control) - http://www.diodeo.com/ActiveDiodeoPlayer.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O16 - DPF: {CEE326E8-7571-4086-B347-3C0ACA9A9DE8} (PcubeSet Class) - http://config.hyosungcdn.com/download/hsloadset.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://d-fighter.nefficient.co.kr/samsungd...protect/npx.cab
O16 - DPF: {D26A941D-7E89-4098-B583-43291FC14218} (Pull0PlayerX Control) - http://image.pullbbang.com/images/Pull0Control.ocx
O16 - DPF: {D3AC6FD2-CB12-496A-99C5-949CCE9E7262} (SdgoSupportToolCtrl Class) - http://gundam.netmarble.net/Component/Sdgo...SupportTool.CAB
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://d-fighter.nefficient.co.kr/samsungd...Crypt/npkcx.cab
O16 - DPF: {F4A1D5E2-AF49-47A7-A945-23038106F3A4} (Pandora_SetUp Control) - http://imgcdn.pandora.tv/pan_img/launcher/...ora_SetUpAX.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: adepuziya - Unknown owner - C:\WINDOWS\adepuziya.exe
O23 - Service: AhnLab Task Scheduler - AhnLab, Inc. - C:\Program Files\AhnLab\Smart Update Utility\AhnSDsv.exe
O23 - Service: ebut - Unknown owner - C:\WINDOWS\ebut.exe
O23 - Service: Error Event Log (ereventlog) - Unknown owner - C:\WINDOWS\system32\drivers\erelog.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod 서비스 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MonSvcNT - AhnLab, Inc. - C:\PROGRA~1\AhnLab\V3\MonSvcNT.exe
O23 - Service: Service Controls Applications Module (Msmgrsvr) - Unknown owner - C:\WINDOWS\system32\msmgrsvr.exe
O23 - Service: npkcmsvc - Unknown owner - C:\Program Files\Nexon\바람의나라\npkcmsvc.exe (file missing)
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Session Simulator (sessionsim) - Unknown owner - C:\Program Files\NetMeeting\sssnsml.exe
O23 - Service: Web Brower (spoolsvc_c1) - Unknown owner - C:\Program Files\Common Files\Algsvc.exe
O23 - Service: Distribute Support (spoolsvc_c2) - Unknown owner - C:\Program Files\Common Files\System\Ctfsys.exe
O23 - Service: Security Support (spoolsvc_c3) - Unknown owner - C:\Program Files\Common Files\System\Npchosts.exe
O23 - Service: Application Manager (spoolsvc_m) - Unknown owner - C:\Program Files\Common Files\services\syssvc.exe
O23 - Service: SpyZero_Monitor - AhnLab, Inc. - C:\Program Files\AhnLab\AhnLab SpyZero 2.0\AszMon.exe
O23 - Service: Toggle Analysis (tgglana) - Unknown owner - C:\WINDOWS\system32\togglelg.exe
O23 - Service: Typer Interface Service (typemgr2) - Unknown owner - C:\WINDOWS\system32\Macromed\hddmgrs.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

BC AdBot (Login to Remove)

 


m

#2 Falu

Falu

  • Security Colleague
  • 3,001 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:50 PM

Posted 12 August 2007 - 04:08 AM

Hi Shinryuu, :flowers:

If you still need help please post a fresh HijackThis log and I'll be happy to look at it for you.

A new version of HijackThis has now been released, so before you repost your log please download and install the new version by following the instructions in Step 9 of the Preparation Guide For Use Before Posting A Hijackthis Log. Note that it is unnecessary to uninstall the old version because the new one will be copied to a different folder.

Thanks for your patience! :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users