Help!!
I've been trying to fix my laptop for a week now... with no success.
I'm having the same problem trying to get rid of nail.exe and drpmon.dll etc... Can someone help me?
Logfile of HijackThis v1.99.1
Scan saved at 오전 2:04:45, on 2005-07-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\VPower\PCZiggyV4\Naver\PZServiceNt.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\RoamMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Intel\Switching\User\RoamSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\system32\pprbna.exe
c:\windows\system32\wxamxn.exe
C:\WINDOWS\system32\n?lookup.exe
C:\Program Files\rdso\eetu.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\danpifahaq.exe
C:\Program Files\hijackthis\HijackThis.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C:\Documents and Settings\Sae Young Park\Application Data\Mozilla\Profiles\default\dcytxu02.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Sae Young Park\Application Data\Mozilla\Profiles\default\dcytxu02.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\system32\nzdd.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [PCZiggyV4] "C:\Program Files\VPower\PCZiggyV4\Naver\Update.exe" /launch/run/hide
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\pprbna.exe reg_run
O4 - HKLM\..\Run: [xcssqi] c:\windows\system32\wxamxn.exe r
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msxml4] C:\WINDOWS\System32\msxml4.exe
O4 - HKCU\..\Run: [Pop-Up_Scanner] "C:\PROGRA~1\PANICW~1\POP-UP~1\Popupscn.exe"
O4 - HKCU\..\Run: [Bwd] C:\WINDOWS\system32\n?lookup.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: The Gaming Club Poker - {A18AC347-2CA3-4e5d-AB86-33BFC7EEB931} - C:\Program Files\gamingclubMPP\MPPoker.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Royal Vegas Poker - {FA4904B4-1FAF-4afd-886C-C19D2297BA62} - C:\Program Files\royalvegasMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.clubbox.co.kr
O15 - Trusted Zone: http://*.sbs.co.kr
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O20 - Winlogon Notify: URL - C:\WINDOWS\system32\szc_os.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Adapter Switching (IntelRoam) - Intel Corporation - C:\Program Files\Intel\Switching\User\RoamSvc.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Naver - Unknown owner - C:\Program Files\VPower\PCZiggyV4\Naver\PZServiceNt.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: RoamMgr - Intel Corporation - C:\WINDOWS\System32\RoamMgr.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - c:\windows\SvcProc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
desperate.