HJT logfile help

771 Views 1 Reply 2 Participants Last post by  fredmh
Recently I have run CounterSpy, and when it gets to the registry folders it freezes up. I'm suspecting it's some kind of malware that crashes your spyware program, and I ran an HJT file to send to you. Can anyone help me?

If there is nothing wrong with it, can someone tell me how to fix this registry problem thing?

thankz!

Logfile of HijackThis v1.99.1
Scan saved at 오후 4:41:07, on 2007-01-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Ahnlab\Smart Update Utility\AhnSD.exe
D:\Program Files\Ahnlab\V3\MonSysNT.exe
D:\Program Files\Ahnlab\V3\V3P3AT.exe
D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
D:\Program Files\Ahnlab\Smart Update Utility\Ahnsdsv.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\iTunes\iTunesHelper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\MsPMSPSv.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\소리바다\SORIBADA\SORIBADA.EXE
D:\PROGRA~1\Ahnlab\V3\MonSvcNT.exe
D:\WINDOWS\system32\fscagent.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\WINDOWS\system32\svchost.exe
C:\Program Files\HijackThis\HijackThis.exe

R3 - URLSearchHook: UrlSH Class - {00FE252A-86E6-47EB-9684-80E04CECBB76} - D:\Program Files\Cash-Back\csbkhm2.dll (file missing)
O2 - BHO: (no name) - {031AE275-656A-407D-B6E0-6D08E78DE258} - D:\Program Files\Cash-Back\csbkhm2.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {FF0CDE9B-B3E6-4B89-987F-2816C7A81F1C} - D:\Program Files\Cash-Back\csbkhm2.dll (file missing)
O3 - Toolbar: V3 - {9E3849D6-41EF-4B2F-86B7-632EF90758E4} - "D:\Program Files\Ahnlab\V3\V3Bar.dll" (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AHNSD] "D:\Program Files\Ahnlab\Smart Update Utility\AhnSD.exe"
O4 - HKLM\..\Run: [imekrmig7.0] "D:\Program Files\Common Files\Microsoft Shared\IME\IMKR7\IMEKRMIG.EXE"
O4 - HKLM\..\Run: [pcguardian] D:\Program Files\PCGuardian\PCGuardian.exe -bg
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "D:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [dmqga.exe] D:\WINDOWS\system32\dmqga.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java 콘솔 - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: 리서치 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {AF11AA64-87A5-4146-AF3B-A7BD0F278485} (SBStarter Control) - http://download.soribada.com/down/Soribada/Setup/20061206/SBStart.CAB
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D0CADDFA-5902-418B-BA29-245BDAF5CF8F}: NameServer = 85.255.133.94,85.255.112.19
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ahnlab Task Scheduler - AhnLab, Inc. - D:\Program Files\Ahnlab\Smart Update Utility\Ahnsdsv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MonSvcNT - AhnLab, Inc. - D:\PROGRA~1\Ahnlab\V3\MonSvcNT.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - D:\WINDOWS\system32\npkcsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - D:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
O23 - Service: STOPzilla Service (szserver) - Unknown owner - D:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe (file missing)
Status
Not open for further replies.
1 - 2 of 2 Posts