invisible ad voice, random ad pop ups please help


potato123 (Thread Starter, joined Nov 20, 2011, 2 messages)
Hello. I'm a first-year university student who has almost no knowledge of this stuff.
I was just using IE and one day I kept hearing these ad voices. Even after I close the IE window, the voice still goes on.
Also, random ad IE windows pop up from time to time. Please help me fix this. This is getting very annoying.
Thank you very much.

P.S. - My computer is in Korean, and if there is any word you need to know, just let me know. I'll get back to you ASAP. ('류희석' is the computer name.)

P.S.S. - I get this error message when I run GMER (LoadDrive("C:\DOCUME~1\류희석\LOCALS~1\Temp\kwndqfog.sys") error 0x000010E: 불안정한 상위키 아래에 안정된 하위 키를 만들수 없습니다.) The last Korean part is saying something like "can't make low stable key under high unstable key." I don't know if it's important, but I thought it's best to let you know first.

P.S.S.S. - I had to attach the ark.txt file since it told me this: "The text that you have entered is too long (331511 characters) please shorten it to 300000 characters long."


Here is the HijackThis file:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 오후 5:32:08, on 2011-11-19
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\DTS.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\AtService.exe
C:\WINDOWS\system32\FpLogonServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\ESTsoft\ALYac\AYRTSrv.aye
C:\Program Files\ESTsoft\ALYac\AYUpdSrv.aye
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe
C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\NAT Service\natsvc.exe
C:\WINDOWS\system32\npkcmsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\ESTsoft\ALYac\AYAgent.aye
C:\Program Files\DS Clock\DSClock.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\11STshoppingIcon\11stshopping.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Program Files\RotateImage\RCIMGDIR.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
c:\program files\lenovo\system update\suservice.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ALToolbarBho - {7F1A79F9-78D1-4186-9F60-EE0B63DF042A} - C:\Program Files\ESTsoft\ALToolBar\ALToolBar_2050.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: SideOnHelper - {B7063D54-EC61-4F72-90F2-D821AF4BE179} - C:\Program Files\SideOn\SideOn.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: ALToolBar - {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA} - C:\Program Files\ESTsoft\ALToolBar\ALToolBar_2050.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe /startup
O4 - HKLM\..\Run: [CameraApplicationLauncher] C:\Program Files\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [HncUpdate] C:\Program Files\Common Files\Hnc\HncUtils\HncUpdate.exe /A
O4 - HKLM\..\Run: [Korean IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [11STshoppingIcon] C:\Program Files\11STshoppingIcon\11stdirecticonst.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ALYac] "C:\Program Files\ESTsoft\ALYac\AYLaunch.exe" /run
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\DSClock.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKCU\..\Run: [scchk] "C:\Program Files\StarCodec\SCChkUpd.exe" /s
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Adobe PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Bluetooth 장치로 보내기(&B)... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Bluetooth로 보내기 - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: 기존 PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 링크 대상을 Adobe PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 링크 대상을 기존 PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 선택 영역을 Adobe PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: 선택 영역을 기존 PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: 선택한 링크를 Adobe PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: 선택한 링크를 기존 PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: 알툴바 빠른검색(&Q) - res://C:\Program Files\ESTsoft\ALToolBar\ALToolBand_2050.dll/23/SEARCH.HTML
O9 - Extra button: 쇼핑 스트리트, 11번가 - {71DF21B0-8C69-4923-8C7B-B195F8DDB5CD} - http://www.11st.co.kr/connect/Gateway.tmall?method=Xsite&tid=1000105205 (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.bigfile.co.kr
O15 - Trusted Zone: http://*.bigfile.co.kr
O15 - Trusted Zone: http://*.daum.net
O15 - Trusted Zone: http://*.entogether.com
O15 - Trusted Zone: http://*.google.co.kr
O15 - Trusted Zone: http://*.google.com
O15 - Trusted Zone: http://*.ilikeclick.com
O15 - Trusted Zone: http://*.interich.com
O15 - Trusted Zone: http://*.jtjt.net
O15 - Trusted Zone: http://*.linkprice.com
O15 - Trusted Zone: http://*.mjoynet.com
O15 - Trusted Zone: http://*.nate.com
O15 - Trusted Zone: http://*.naver.com
O15 - Trusted Zone: http://*.wecl.co.kr
O15 - Trusted Zone: http://*.weclick.co.kr
O15 - Trusted Zone: http://*.yahoo.co.kr
O15 - Trusted Zone: http://*.yahoo.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {03AF249E-119E-4569-838E-167E929EC6DA} (BigFileControl Control) - http://www.bigfile.co.kr/client/BigFile.cab
O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} (Aosmgr Control) - http://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab
O16 - DPF: {0AE0F5F9-8233-49A4-A3C8-004CE190787B} (BMSpeedCheck Control) - http://www.afreeca.com/ocx/AfSpeedCheck.cab
O16 - DPF: {0B304B1A-925D-4957-9034-CD1A1E71DCC7} - http://navyfield-sdenternet.ktics.co.kr/ActiveCodebase/KOR/NFLauncherAX.cab
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_client_4.4.26.0.cab
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://portal.keri.re.kr/download/ScriptX.cab
O16 - DPF: {2022EE84-1E1F-45B0-8D35-FF9DA75366BC} (ExpressViewer Class) - http://download.softforum.co.kr/Published/XecureExpressI/v2.6.0.3/xei_install2.cab
O16 - DPF: {24F6E6A8-852C-45A8-ADD3-C4AB0D6FD231} (INIwallet61 Control) - https://plugin.inicis.com/wallet61/INIwallet61.cab
O16 - DPF: {25794D3C-E2F0-40B8-9C11-F38DC1908633} (Maildropfile Control) - http://activexdown.paran.com/paranactivex/data/uploadlauncher.cab
O16 - DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} (INISAFEWeb6 V6 Class) - http://www.siren24.com/initech/plugin/INIS60.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {341FBC5F-2AE4-41B8-BFE5-A03170569A27} (IBLeaders IBSheet3 Control v3.4.0.68) - http://pms.ketep.re.kr/IBSheet/object/IBSheet3.CAB
O16 - DPF: {34543C6F-6116-4B5C-A861-15B562BFE7A4} (EzPDFBook Control) - http://drm.ks.or.kr/ezpdfdrm/download/ezPDFReader.cab
O16 - DPF: {3B56E5F0-7B20-48BF-B439-A995BE5191EF} (SessionControl Control) - http://wfc.wooribank.com/com/common/SessionControl.cab
O16 - DPF: {40A217E1-BDDA-44DE-9BBC-D678C7B48603} (EspressoAgent Control) - http://www.bluemountainsoft.com/agent/EspressoAgent.ocx
O16 - DPF: {442E9D84-97AE-410F-9697-51B0E2C5EC92} (PCOTPCtl Class) - http://pcotp.motp.co.kr/pcotp/PCOTPAX.cab
O16 - DPF: {45091AA2-1574-4EC8-B520-4C27E29CF889} (GifFreezerCtrl Class) - http://www.gmarket.co.kr/challenge/neo_goods/dlls/gifFreezer.cab
O16 - DPF: {4C68DACE-E6BC-4650-9C7E-D036720CA729} (Nps Control) - http://image.gmarket.co.kr/tools/tyscan/nps.cab
O16 - DPF: {559E87DD-406C-43C9-BE70-3C902331CA6B} (WZIFLauncher Class) - http://windybeta.xcdnplus.co.kr/windydev/sd/common/cab/service/1046/WZMngrAx.cab
O16 - DPF: {571CB303-4267-4D92-B45C-9B79ACC18632} (PotWeb Control) - http://get.daum.net/PotPlayer/v2/PotWeb.cab
O16 - DPF: {5876CAD0-1636-42EA-AC50-4C06F3196089} (HanGamePlugin19 Class) - http://down.hangame.com/dist/activex/HanGamePlugin19.cab
O16 - DPF: {6BE2ABE1-B432-491A-81AE-6B6EE7628570} (mBoxX Class) - http://ryoonas.mvix.net:8080/mBox.cab
O16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} (XecureCKKB Class) - http://ck.softforum.co.kr/CKKeyPro/wooribank/CKKeyPro3017_32k.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1249227829796
O16 - DPF: {7876A60C-6116-4AD9-B0EE-C53A06C08747} (IPCheckerX Control) - http://203.248.245.161:8080/ftth/ftth/popup/IPCheckerX.cab
O16 - DPF: {78EB4139-AC59-425A-963E-B26C138B88F9} (CYBERMAP_ASP_NEOTSYS_SUNGNAM2 Control) - http://businfo.cans21.net/busInfo/CYBERMAP_ASP_NEOTSYS_SUNGNAM2.cab
O16 - DPF: {7B6DEBCF-E27A-40F5-832A-954D642D3C2A} (Pilot Class) - http://www.maptopia.com/_Lib/Component/PythonW.cab
O16 - DPF: {81D9BBB0-22AD-44F3-B7DB-8FD9ECEB27A0} (FxChartA Control) - http://fx.keb.co.kr/activex/Chart/FxChartA.cab
O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} (DownStarter2 Control) - http://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
O16 - DPF: {8E2A904F-FDD7-4086-A49C-834F1C47DC39} -
O16 - DPF: {967386A1-409E-431A-A93A-FB5FEFF86A58} (AXMObjectCtl Class) - http://bank.keb.co.kr/veraport/veraport.cab
O16 - DPF: {9709739B-4909-489B-A1F7-148C74F16EEE} (CNxSysInfoCtrl Object) - http://platform.nx.com/ActiveX/nxsysinfo.cab
O16 - DPF: {999206BD-3FD0-4A47-A96E-680E8DB844C2} (InnoDS Ver.5 (REengineered)) - http://pms.ketep.re.kr/InnoAP/object/InnoDS5.cab
O16 - DPF: {9E1F4A27-7EB0-4210-98D8-1CCF6671F483} (ClipSoft Rexpert Viewer Control 2.5(ANSI)) - http://222.106.84.106:8088/RexServer/cab/Rexpert25ViewerFull.cab
O16 - DPF: {9FC84F7D-D177-4A75-A7BB-429DA5BD0A3E} (SG_CAppAtx Control) -
O16 - DPF: {A099920B-630C-426B-91EC-737685CEEE17} (AxCrossCert Class) - http://eapat.co.kr/CrossCert/AxCrossCert.cab
O16 - DPF: {A17BFC9F-18A7-4BE7-915A-C106624AC802} (CNeopleInstallAXCtlKor10 Object) - http://d-fighter.nefficient.co.kr/samsungdnf/neople/dnf_hg/installer/dnf_real.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://kings.nefficient.co.kr/kings/kdfx/kdfx321/kdfense8.cab
O16 - DPF: {A50E964D-F290-4EAD-9BD7-EBAE95D38E91} (NungcoolWECv3 Control) - http://portal.keri.re.kr/Download/SoBiSWEC2007.cab
O16 - DPF: {A56A1518-A259-4109-98B3-06A30F09AB1B} (JXMailViewer Control) - http://210.216.228.21/real/dl/JXmailActiveX.cab
O16 - DPF: {A74BBDD4-B4A7-49D4-A088-E01805407B1E} (JungUmUpdateAtx Control) - http://www.jungum.com/ocx/update/JungUmUpdate.cab
O16 - DPF: {A8C9023F-8740-46CC-89DD-F6C353230E28} (GameHiDownloaderCtrlKr Class) - http://img.gamehi.kr/cabs/GamehiDownloaderKr.cab
O16 - DPF: {A9FC42C5-C098-41A7-8101-E4B0391C096F} (Virtual-Net) - http://dldoc.keri.re.kr/vn/virtual-net.cab
O16 - DPF: {AB14AFC3-7AFB-403E-8ABF-8966E0FD360D} (DnsChangeX Control) - http://203.248.245.161:8080/ftth/ftth/popup/DnsChangeX.cab
O16 - DPF: {B01AAFA1-2478-44A3-8894-BE4D4C23C271} (HLauncher Control) - http://su.hanbiton.com/Game/Launcher/HLauncher.cab
O16 - DPF: {B095794C-3FAB-493B-9BDD-5272FAAD9979} (GamehiLauncher ActiveX Control) - http://img.gamehi.kr/cabs/GamehiLauncher.cab
O16 - DPF: {B1F38AB3-D8C7-49A2-B09C-8055D2128BC6} (KVPLoginCtl Control) - http://www.vpay.co.kr/kvpfiles/KVPLoginCTLD.cab
O16 - DPF: {B33FEBDC-FF38-4D0F-9C76-58C4733947AD} (SignGATE Class) - http://download.signgate.com/download/certmgt/AxSignGATE.cab
O16 - DPF: {BBB0FC2D-1D95-45CA-BDCF-03B53F247FCC} (EwsLoader Class) -
O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} (HanSetupCtrl1010 Class) - http://tera.hangame.com/common/activex/HanSetup1040.cab
O16 - DPF: {C3AF249E-119E-4569-838E-167E929EC6DC} (BigFileControlX) - http://www.bigfile.co.kr/client/cab_g/BigFileX.cab
O16 - DPF: {C5D387A6-2770-432F-A5D7-5E886BED167F} (WebPriLoaderCtrl Class) - http://bank.keb.co.kr/activex/webpri/WebPriLoader.cab
O16 - DPF: {C8223F3A-1420-4245-88F2-D874FC081574} (MagicLineMBX Class) - https://auth.siren24.com/MagicLineMBX/lib/MagicLineMBX.cab
O16 - DPF: {CAE8116F-4E38-4A48-8A50-1FA781D863C5} (InnoFD Ver.5 (REengineered)) - http://pms.ketep.re.kr/InnoAP/object/InnoFD5.cab
O16 - DPF: {CE0A61AD-8FAA-400F-B88E-56E2BC659C37} (Launcher Class) - http://app.joycity.com/_app/cab/JCGameManager.cab
O16 - DPF: {CE873186-B120-4034-9569-043119A3972A} (GPSetupCtrl Class) - http://cabdown.playnetwork.co.kr/playnetwork/real/MasterLauncher/PNSetup.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - https://supdate.nprotect.net/nprotect2007/keycrypt/sci/br/npkcx_1104251.cab
O16 - DPF: {D7EFD319-098B-4918-8ECF-25A8E8EE1940} (Maptopia WindW Control) - http://www.maptopia.com/_Lib/Component/WindW_R Maptopia Control.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab
O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} (KvpIspCtlD Control) - https://www.vpay.co.kr/kvpfiles/KVPISPCTLD.cab
O16 - DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} (SKCommAX Control) - https://telserv.danal.co.kr/Sign/SKCommAX.cab
O16 - DPF: {EE605DF7-AEC1-46EE-A5A8-249540158472} (MakeShortCutUac Class) - http://www.gmarket.co.kr/challenge/neo_app/MakeShortCutAtl.cab
O16 - DPF: {F6E7ECCE-6E60-4681-8D9B-4BBC12A07110} (GWallCtrl Class) - http://www.gmarket.co.kr/challenge/neo_goods/dlls/GWall_1800_Vista/GWall.cab
O16 - DPF: {FE342FC7-4374-4EBE-86DB-D73AE861F779} (NaverAXGuide Class) - http://file.naver.com/activex/NaverAXGuide.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: smart - {402CA0E4-3090-402E-BE90-3EE9B766EBB0} - C:\Program Files\ESTsoft\ALToolBar\ALToolBarProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: AD Monitor (ADMonitor) - Unknown owner - C:\WINDOWS\system32\ADMonitor.exe
O23 - Service: ALYac RealTime Service (ALYac_RTSrv) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: ALYac Update Service (ALYac_UpdSrv) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\WINDOWS\system32\AtService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour 서비스 (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Data Transfer Service (dtsvc) - Unknown owner - C:\WINDOWS\system32\DTS.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Fingerprint Server (FingerprintServer) - AuthenTec,Inc - C:\WINDOWS\system32\FpLogonServ.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google 업데이트 서비스 (gupdatem) (gupdatem) - Google Inc - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod 서비스 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: NATService - Network Advanced Technology - C:\Program Files\NAT Service\natsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcmsvc.exe
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Power Manager DBC Service - Unknown owner - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - Lenovo - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 29241 bytes




Here is the dds.txt file:


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.0.0
Run by 류희석 at 17:33:07 on 2011-11-19
Microsoft Windows XP Professional 5.1.2600.3.949.82.1042.18.2554.1256 [GMT 9:00]
.
AV: 알약 *Enabled/Updated* {B9431E5A-E196-4B6F-843A-10E01DB25461}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\DTS.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\AtService.exe
C:\WINDOWS\system32\FpLogonServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\ESTsoft\ALYac\AYRTSrv.aye
C:\Program Files\ESTsoft\ALYac\AYUpdSrv.aye
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe
C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\NAT Service\natsvc.exe
C:\WINDOWS\system32\npkcmsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\ESTsoft\ALYac\AYAgent.aye
C:\Program Files\DS Clock\DSClock.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\11STshoppingIcon\11stshopping.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Program Files\RotateImage\RCIMGDIR.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
c:\program files\lenovo\system update\suservice.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\conime.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.naver.com/
uInternet Settings,ProxyOverride = <local>;*.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: ALToolbarBho: {7f1a79f9-78d1-4186-9f60-ee0b63df042a} - c:\program files\estsoft\altoolbar\ALToolBar_2050.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: SideOnHelper: {b7063d54-ec61-4f72-90f2-d821af4be179} - c:\program files\sideon\SideOn.dll
BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: ALToolBar: {38fbe93d-4ca1-4414-af6a-94920c5bd8da} - c:\program files\estsoft\altoolbar\ALToolBar_2050.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: SideOn: {b1f115ee-876d-41e9-9515-d0dfafa98521} - c:\program files\sideon\SideOn.dll
EB: {FCAA16E5-0850-45ca-A96C-B1BFFF8EC6F0} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [DS Clock] "c:\program files\ds clock\DSClock.exe"
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
uRun: [scchk] "c:\program files\starcodec\SCChkUpd.exe" /s
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [picon] "c:\program files\common files\intel\privacy icon\PrivacyIconClient.exe" -startup
mRun: [TPFNF7] c:\progra~1\lenovo\npdirect\TPFNF7SP.exe /r
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [TpShocks] TpShocks.exe
mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe
mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe
mRun: [LPMailChecker] c:\progra~1\thinkv~1\prdctr\LPMLCHK.exe
mRun: [AMSG] c:\progra~1\thinkv~1\amsg\Amsg.exe /startup
mRun: [CameraApplicationLauncher] c:\program files\lenovo\camera center\bin\CameraApplicationLaunchpadLauncher.exe
mRun: [RoxioDragToDisc] c:\program files\lenovo\drag-to-disc\DrgToDsc.exe
mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
mRun: [BLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BatLogEx.DLL,StartBattLog
mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe
mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe
mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [HncUpdate] c:\program files\common files\hnc\hncutils\HncUpdate.exe /A
mRun: [Korean IME Migration] c:\progra~1\common~1\micros~1\ime12\imekr\IMKRMIG.EXE
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [LENOVO.TPFNF6R] c:\program files\lenovo\hotkey\TPFNF6R.exe
mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper
mRun: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [FingerPrintSoftware] "c:\program files\lenovo fingerprint software\fpapp.exe" \s
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [11STshoppingIcon] c:\program files\11stshoppingicon\11stdirecticonst.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [ALYac] "c:\program files\estsoft\alyac\AYLaunch.exe" /run
dRun: [ctfmon.exe] ctfmon.exe
StartupFolder: c:\docume~1\류희석\시작메~1\프로그램\시작프~1\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
StartupFolder: c:\docume~1\alluse~1\시작메~1\프로그램\시작프~1\adobe acrobat speed launcher.lnk - c:\windows\installer\{ac76ba86-1042-0000-7760-100000000002}\SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1\시작메~1\프로그램\시작프~1\autocad 시작 가속키.lnk - c:\program files\common files\autodesk shared\acstart17.exe
StartupFolder: c:\docume~1\alluse~1\시작메~1\프로그램\시작프~1\bttray.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\시작메~1\프로그램\시작프~1\digital line detect.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\시작메~1\프로그램\시작프~1\ralink wireless utility.lnk - c:\program files\ralink\common\RaUI.exe
StartupFolder: c:\docume~1\alluse~1\시작메~1\프로그램\시작프~1\rcimgdir.exe.lnk - c:\program files\rotateimage\RCIMGDIR.exe
IE: Adobe PDF로 변환 - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Bluetooth 장치로 보내기(&B)... - c:\program files\thinkpad\bluetooth software\btsendto_ie_ctx.htm
IE: Bluetooth로 보내기 - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm
IE: Microsoft Excel로 내보내기(&X) - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: 기존 PDF로 변환 - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: 링크 대상을 Adobe PDF로 변환 - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: 링크 대상을 기존 PDF로 변환 - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: 선택 영역을 Adobe PDF로 변환 - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: 선택 영역을 기존 PDF로 변환 - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: 선택한 링크를 Adobe PDF로 변환 - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: 선택한 링크를 기존 PDF로 변환 - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: 알툴바 빠른검색(&Q) - c:\program files\estsoft\altoolbar\ALToolBand_2050.dll/23/SEARCH.HTML
IE: 이미지 EXIF 정보 보기 -
IE: {71DF21B0-8C69-4923-8C7B-B195F8DDB5CD} - http://www.11st.co.kr/connect/Gateway.tmall?method=Xsite&tid=1000105205
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
Trusted Zone: bigfile.co.kr
Trusted Zone: daum.net
Trusted Zone: entogether.com
Trusted Zone: google.co.kr
Trusted Zone: google.com
Trusted Zone: ilikeclick.com
Trusted Zone: interich.com
Trusted Zone: jtjt.net
Trusted Zone: linkprice.com
Trusted Zone: mjoynet.com
Trusted Zone: nate.com
Trusted Zone: naver.com
Trusted Zone: wecl.co.kr
Trusted Zone: weclick.co.kr
Trusted Zone: yahoo.co.kr
Trusted Zone: yahoo.com
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {03AF249E-119E-4569-838E-167E929EC6DA} - hxxp://www.bigfile.co.kr/client/BigFile.cab
DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} - hxxp://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab
DPF: {0AE0F5F9-8233-49A4-A3C8-004CE190787B} - hxxp://www.afreeca.com/ocx/AfSpeedCheck.cab
DPF: {0B304B1A-925D-4957-9034-CD1A1E71DCC7} - hxxp://navyfield-sdenternet.ktics.co.kr/ActiveCodebase/KOR/NFLauncherAX.cab
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_client_4.4.26.0.cab
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxp://portal.keri.re.kr/download/ScriptX.cab
DPF: {2022EE84-1E1F-45B0-8D35-FF9DA75366BC} - hxxp://download.softforum.co.kr/Published/XecureExpressI/v2.6.0.3/xei_install2.cab
DPF: {24F6E6A8-852C-45A8-ADD3-C4AB0D6FD231} - hxxps://plugin.inicis.com/wallet61/INIwallet61.cab
DPF: {25794D3C-E2F0-40B8-9C11-F38DC1908633} - hxxp://activexdown.paran.com/paranactivex/data/uploadlauncher.cab
DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} - hxxp://www.siren24.com/initech/plugin/INIS60.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {341FBC5F-2AE4-41B8-BFE5-A03170569A27} - hxxp://pms.ketep.re.kr/IBSheet/object/IBSheet3.CAB
DPF: {34543C6F-6116-4B5C-A861-15B562BFE7A4} - hxxp://drm.ks.or.kr/ezpdfdrm/download/ezPDFReader.cab
DPF: {3B56E5F0-7B20-48BF-B439-A995BE5191EF} - hxxp://wfc.wooribank.com/com/common/SessionControl.cab
DPF: {40A217E1-BDDA-44DE-9BBC-D678C7B48603} - hxxp://www.bluemountainsoft.com/agent/EspressoAgent.ocx
DPF: {442E9D84-97AE-410F-9697-51B0E2C5EC92} - hxxp://pcotp.motp.co.kr/pcotp/PCOTPAX.cab
DPF: {45091AA2-1574-4EC8-B520-4C27E29CF889} - hxxp://www.gmarket.co.kr/challenge/neo_goods/dlls/gifFreezer.cab
DPF: {4C68DACE-E6BC-4650-9C7E-D036720CA729} - hxxp://image.gmarket.co.kr/tools/tyscan/nps.cab
DPF: {559E87DD-406C-43C9-BE70-3C902331CA6B} - hxxp://windybeta.xcdnplus.co.kr/windydev/sd/common/cab/service/1046/WZMngrAx.cab
DPF: {571CB303-4267-4D92-B45C-9B79ACC18632} - hxxp://get.daum.net/PotPlayer/v2/PotWeb.cab
DPF: {5876CAD0-1636-42EA-AC50-4C06F3196089} - hxxp://down.hangame.com/dist/activex/HanGamePlugin19.cab
DPF: {6BE2ABE1-B432-491A-81AE-6B6EE7628570} - hxxp://ryoonas.mvix.net:8080/mBox.cab
DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} - hxxp://ck.softforum.co.kr/CKKeyPro/wooribank/CKKeyPro3017_32k.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1249227829796
DPF: {7876A60C-6116-4AD9-B0EE-C53A06C08747} - hxxp://203.248.245.161:8080/ftth/ftth/popup/IPCheckerX.cab
DPF: {78EB4139-AC59-425A-963E-B26C138B88F9} - hxxp://businfo.cans21.net/busInfo/CYBERMAP_ASP_NEOTSYS_SUNGNAM2.cab
DPF: {7B6DEBCF-E27A-40F5-832A-954D642D3C2A} - hxxp://www.maptopia.com/_Lib/Component/PythonW.cab
DPF: {81D9BBB0-22AD-44F3-B7DB-8FD9ECEB27A0} - hxxp://fx.keb.co.kr/activex/Chart/FxChartA.cab
DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} - hxxp://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {8E2A904F-FDD7-4086-A49C-834F1C47DC39}
DPF: {967386A1-409E-431A-A93A-FB5FEFF86A58} - hxxp://bank.keb.co.kr/veraport/veraport.cab
DPF: {9709739B-4909-489B-A1F7-148C74F16EEE} - hxxp://platform.nx.com/ActiveX/nxsysinfo.cab
DPF: {999206BD-3FD0-4A47-A96E-680E8DB844C2} - hxxp://pms.ketep.re.kr/InnoAP/object/InnoDS5.cab
DPF: {9E1F4A27-7EB0-4210-98D8-1CCF6671F483} - hxxp://222.106.84.106:8088/RexServer/cab/Rexpert25ViewerFull.cab
DPF: {9FC84F7D-D177-4A75-A7BB-429DA5BD0A3E}
DPF: {A099920B-630C-426B-91EC-737685CEEE17} - hxxp://eapat.co.kr/CrossCert/AxCrossCert.cab
DPF: {A17BFC9F-18A7-4BE7-915A-C106624AC802} - hxxp://d-fighter.nefficient.co.kr/samsungdnf/neople/dnf_hg/installer/dnf_real.cab
DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} - hxxp://kings.nefficient.co.kr/kings/kdfx/kdfx321/kdfense8.cab
DPF: {A50E964D-F290-4EAD-9BD7-EBAE95D38E91} - hxxp://portal.keri.re.kr/Download/SoBiSWEC2007.cab
DPF: {A56A1518-A259-4109-98B3-06A30F09AB1B} - hxxp://210.216.228.21/real/dl/JXmailActiveX.cab
DPF: {A74BBDD4-B4A7-49D4-A088-E01805407B1E} - hxxp://www.jungum.com/ocx/update/JungUmUpdate.cab
DPF: {A8C9023F-8740-46CC-89DD-F6C353230E28} - hxxp://img.gamehi.kr/cabs/GamehiDownloaderKr.cab
DPF: {A9FC42C5-C098-41A7-8101-E4B0391C096F} - hxxp://dldoc.keri.re.kr/vn/virtual-net.cab
DPF: {AB14AFC3-7AFB-403E-8ABF-8966E0FD360D} - hxxp://203.248.245.161:8080/ftth/ftth/popup/DnsChangeX.cab
DPF: {B01AAFA1-2478-44A3-8894-BE4D4C23C271} - hxxp://su.hanbiton.com/Game/Launcher/HLauncher.cab
DPF: {B095794C-3FAB-493B-9BDD-5272FAAD9979} - hxxp://img.gamehi.kr/cabs/GamehiLauncher.cab
DPF: {B1F38AB3-D8C7-49A2-B09C-8055D2128BC6} - hxxp://www.vpay.co.kr/kvpfiles/KVPLoginCTLD.cab
DPF: {B33FEBDC-FF38-4D0F-9C76-58C4733947AD} - hxxp://download.signgate.com/download/certmgt/AxSignGATE.cab
DPF: {BBB0FC2D-1D95-45CA-BDCF-03B53F247FCC}
DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} - hxxp://tera.hangame.com/common/activex/HanSetup1040.cab
DPF: {C3AF249E-119E-4569-838E-167E929EC6DC} - hxxp://www.bigfile.co.kr/client/cab_g/BigFileX.cab
DPF: {C5D387A6-2770-432F-A5D7-5E886BED167F} - hxxp://bank.keb.co.kr/activex/webpri/WebPriLoader.cab
DPF: {C8223F3A-1420-4245-88F2-D874FC081574} - hxxps://auth.siren24.com/MagicLineMBX/lib/MagicLineMBX.cab
DPF: {CAE8116F-4E38-4A48-8A50-1FA781D863C5} - hxxp://pms.ketep.re.kr/InnoAP/object/InnoFD5.cab
DPF: {CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CE0A61AD-8FAA-400F-B88E-56E2BC659C37} - hxxp://app.joycity.com/_app/cab/JCGameManager.cab
DPF: {CE873186-B120-4034-9569-043119A3972A} - hxxp://cabdown.playnetwork.co.kr/playnetwork/real/MasterLauncher/PNSetup.cab
DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - hxxps://supdate.nprotect.net/nprotect2007/keycrypt/sci/br/npkcx_1104251.cab
DPF: {D7EFD319-098B-4918-8ECF-25A8E8EE1940} - hxxp://www.maptopia.com/_Lib/Component/WindW_R%20Maptopia%20Control.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab
DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} - hxxps://www.vpay.co.kr/kvpfiles/KVPISPCTLD.cab
DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} - hxxps://telserv.danal.co.kr/Sign/SKCommAX.cab
DPF: {EE605DF7-AEC1-46EE-A5A8-249540158472} - hxxp://www.gmarket.co.kr/challenge/neo_app/MakeShortCutAtl.cab
DPF: {F6E7ECCE-6E60-4681-8D9B-4BBC12A07110} - hxxp://www.gmarket.co.kr/challenge/neo_goods/dlls/GWall_1800_Vista/GWall.cab
DPF: {FE342FC7-4374-4EBE-86DB-D73AE861F779} - hxxp://file.naver.com/activex/NaverAXGuide.cab
TCP: DhcpNameServer = 24.226.1.93 24.226.10.193
TCP: Interfaces\{D5652270-774A-48D0-9EBF-BA7D70919341} : DhcpNameServer = 24.226.1.93 24.226.10.193
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: smart - {402CA0E4-3090-402e-BE90-3EE9B766EBB0} - c:\program files\estsoft\altoolbar\ALToolBarProtocol.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\류희석\application data\mozilla\firefox\profiles\hf96mz14.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.naver.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\&#29788;&#49425;&#50455;??application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\&#29788;&#49425;&#50455;??application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\&#29788;&#49425;&#50455;??local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\all users\application data\nexon\nexonplug\npPlugWire_1.0.0.0.dll
FF - plugin: c:\documents and settings\all users\application data\nexon\ngm\npnxgame.dll
FF - plugin: c:\program files\ahnlab\asp\components\aosmgr\conflict_409\npaosmgr.dll
FF - plugin: c:\program files\ahnlab\asp\mykeydefense 2.5\npmkd25aos.dll
FF - plugin: c:\program files\ahnlab\asp\mykeydefense 2.5\npmkd25sp.dll
FF - plugin: c:\program files\battlelog web plugins\0.80.0\npesnlaunch.dll
FF - plugin: c:\program files\battlelog web plugins\sonar\0.70.0\npesnsonar.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\softforum\xecureweb\activex\npxwebplugin.dll
FF - plugin: c:\program files\softforum\xecureweb\activex\npxwebplugin_file.dll
FF - plugin: c:\windows\system32\npCmn.dll
FF - plugin: c:\windows\system32\npeutilex.dll
FF - plugin: c:\windows\system32\nPFW.dll
FF - plugin: c:\windows\system32\nPFWFlt.dll
FF - plugin: c:\windows\system32\npidsx.dll
FF - plugin: c:\windows\system32\npkcrypt.dll
FF - plugin: c:\windows\system32\npKeyPro.dll
FF - plugin: c:\windows\system32\npOrdInstruct.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2009-6-29 20520]
R1 AMonTDnt;AMonTDnt;c:\windows\system32\drivers\AmonTDNt.sys [2009-12-30 95592]
R1 EstRtwIFDrv;EstRtwIFDrv;c:\windows\system32\drivers\EstRtw.sys [2011-11-8 205112]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [2008-5-9 46144]
R2 ALYac_RTSrv;ALYac RealTime Service;c:\program files\estsoft\alyac\AYRTSrv.aye [2011-10-24 377656]
R2 ALYac_UpdSrv;ALYac Update Service;c:\program files\estsoft\alyac\AYUpdSrv.aye [2011-10-24 657720]
R2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2009-3-19 1680632]
R2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2009-3-19 98304]
R2 FingerprintServer;Fingerprint Server;c:\windows\system32\FpLogonServ.exe [2009-3-19 118784]
R2 NATService;NATService;c:\program files\nat service\natsvc.exe [2011-10-2 609360]
R2 npkakl;npkakl;c:\windows\system32\npkakl.sys [2009-8-20 39872]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\nvidia corporation\performance drivers\nvPDsvc.exe [2009-10-13 5233256]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2009-8-2 53248]
R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2008-5-20 62320]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2008-5-14 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\lenovo\rescue and recovery\UpdateMonitor.exe [2008-5-9 360448]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2009-8-2 2058776]
R3 5U875UVC;Integrated Camera;c:\windows\system32\drivers\5U875.sys [2009-8-2 72320]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2009-8-3 239760]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2008-2-22 37312]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-15 133104]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2009-5-21 45424]
S2 SessionLauncher;SessionLauncher;c:\docume~1\admini~1\locals~1\temp\dx9\sessionlauncher.exe --> c:\docume~1\admini~1\locals~1\temp\dx9\SessionLauncher.exe [?]
S3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2009-3-19 106496]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2009-12-28 482176]
S3 AvsBluebird;FusionHDTV USB, AVStream Capture;c:\windows\system32\drivers\bluebird2.sys [2011-8-18 478464]
S3 AYDrvSPEx_ALYAC;AYDrvSPEx_ALYAC;\??\c:\program files\estsoft\alyac\aydrvspex.sys --> c:\program files\estsoft\alyac\AYDrvSPEx.sys [?]
S3 CdmDrvNt;CdmDrvNt;c:\windows\system32\drivers\CdmDrvNt.sys [2009-12-30 19616]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\류희석\locals~1\temp\ryk20.tmp --> c:\docume~1\류희석\locals~1\temp\RYK20.tmp [?]
S3 gupdatem;Google 업데이트 서비스 (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-15 133104]
S3 JRSUKD25;JRSUKD25;c:\windows\system32\JRSUKD25.SYS [2011-6-13 20560]
S3 kcrtx86;kcrtx86;c:\windows\system32\kcrtx86.sys [2010-9-29 126048]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 MfFWEnt;MfFWEnt;c:\program files\ahnlab\asp\myfirewall 4.0\mffwent.sys [2009-12-30 101368]
S3 MfIPSEnt;MfIPSEnt;c:\program files\ahnlab\asp\myfirewall 4.0\mfipsent.sys [2009-12-30 121536]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2010-1-30 142448]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2010-1-30 91504]
S3 NPFW;NPFW;c:\windows\system32\Npfw.sys [2010-1-14 108736]
S3 NPFWFLT;NPFWFLT;c:\windows\system32\npfwflt.sys [2010-1-14 82496]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 NPIDS;NPIDS;c:\windows\system32\npids.sys [2010-1-14 61792]
S3 ProDefense;ProDefense;\??\c:\windows\system32\drivers\prodefense.sys --> c:\windows\system32\drivers\ProDefense.sys [?]
S3 PsSdk30;PsSdk30;\??\c:\windows\system32\drivers\pssdk30.drv --> c:\windows\system32\drivers\PsSdk30.drv [?]
S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [2011-10-19 36928]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-4-25 1120752]
S3 scsk5;SCSK5 Driver Service;c:\windows\system32\drivers\scsk5.sys --> c:\windows\system32\drivers\scsk5.sys [?]
S3 scskusbf;USB SCSK Filter Driver Service;c:\windows\system32\drivers\scskusbf.sys [2011-8-4 18184]
S3 scskusbs;USB SCSK Driver Service;c:\windows\system32\drivers\scskusbs.sys [2011-8-4 175872]
S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
S3 XDva327;XDva327;\??\c:\windows\system32\xdva327.sys --> c:\windows\system32\XDva327.sys [?]
S3 XDva330;XDva330;\??\c:\windows\system32\xdva330.sys --> c:\windows\system32\XDva330.sys [?]
S3 XDva349;XDva349;\??\c:\windows\system32\xdva349.sys --> c:\windows\system32\XDva349.sys [?]
S3 XDva351;XDva351;\??\c:\windows\system32\xdva351.sys --> c:\windows\system32\XDva351.sys [?]
S3 XDva356;XDva356;\??\c:\windows\system32\xdva356.sys --> c:\windows\system32\XDva356.sys [?]
S3 XDva386;XDva386;\??\c:\windows\system32\xdva386.sys --> c:\windows\system32\XDva386.sys [?]
S3 XDva389;XDva389;\??\c:\windows\system32\xdva389.sys --> c:\windows\system32\XDva389.sys [?]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]
.
=============== Created Last 30 ================
.
2011-11-19 08:31:10 388096 ----a-r- c:\documents and settings\류희석\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-11-19 08:31:08 -------- d-----w- c:\program files\Trend Micro
2011-11-19 07:42:41 527208 ------w- c:\windows\system32\HPDiscoPM9311.dll
2011-11-19 07:42:34 267112 ----a-w- c:\windows\system32\hpinksts9311LM.dll
2011-11-18 07:32:37 -------- d-sha-r- C:\cmdcons
2011-11-18 07:25:59 98816 ----a-w- c:\windows\sed.exe
2011-11-18 07:25:59 518144 ----a-w- c:\windows\SWREG.exe
2011-11-18 07:25:59 256000 ----a-w- c:\windows\PEV.exe
2011-11-18 07:25:59 208896 ----a-w- c:\windows\MBR.exe
2011-11-18 07:24:18 -------- d-----w- C:\ComboFix
2011-11-18 06:20:21 -------- d-----w- c:\documents and settings\류희석\application data\Malwarebytes
2011-11-18 06:20:13 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-11-18 05:37:52 -------- d-----r- c:\documents and settings\류희석\Recent
2011-11-07 18:10:31 592 ----a-w- c:\windows\system32\drivers\EstRtw.dat
2011-11-07 18:10:10 205112 ----a-w- c:\windows\system32\drivers\EstRtw.sys
2011-11-07 18:10:10 16736 ----a-w- c:\windows\system32\bootalyac.exe
2011-10-30 07:23:04 733184 ----a-r- c:\documents and settings\류희석\application data\microsoft\installer\{538aa99e-2fea-46ab-9a11-b5a117f441ef}\kaiLaunch.exe
2011-10-28 05:18:43 -------- d-----w- c:\program files\SystemRequirementsLab
2011-10-24 05:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 05:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-20 23:36:03 -------- d-----w- c:\program files\iPod
2011-10-20 23:35:50 -------- d-----w- c:\program files\iTunes
.
==================== Find3M ====================
.
2011-11-16 18:07:55 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-19 04:13:24 36928 ----a-w- c:\windows\system32\drivers\pssdk41.sys
2011-10-10 21:53:17 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-10 21:53:17 128000 ----a-w- c:\windows\system32\javacpl.cpl
2011-10-10 14:22:46 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-06 04:18:00 91504 ----a-w- c:\windows\system32\drivers\Mkd2Nadr.sys
2011-09-28 07:05:40 593920 ----a-w- c:\windows\system32\crypt32.dll
2011-09-28 05:14:00 79984 ----a-w- c:\windows\system32\drivers\Mkd2BthF.sys
2011-09-28 05:14:00 142448 ----a-w- c:\windows\system32\drivers\Mkd2kfNT.sys
2011-09-26 02:41:38 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 02:41:38 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 02:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-06 14:09:51 1858560 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 19:16:35 1402808 ----a-w- c:\windows\JCGameLauncher.exe
2011-08-30 14:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 14:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 14:05:04 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 14:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-22 23:40:31 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:40:30 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:40:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:54 385024 ------w- c:\windows\system32\html.iec
.
============= FINISH: 17:45:38.00 ===============



I HAVE ATTACHED attach.txt and ark.txt
 
