1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

invisible ad voice, random ad pop ups please help

Discussion in 'Virus & Other Malware Removal' started by potato123, Nov 20, 2011.

Thread Status:
Not open for further replies.
  1. potato123

    potato123 Thread Starter

    Joined:
    Nov 20, 2011
    Messages:
    2
    hello. im first year university student who have almost no knowlege with this stuff
    I was just using IE and one day I keep hearing this ad voices. Even after I close the IE window, voice still goes on.
    Also random ad IE windows pops up time to time. Please help me fix this. This is getting very annoying.
    Thank you very much.

    P.S. - My computer is in Korean and if there is any word you need to know, just let me know. Ill get back to you ASAP.('류희석' is computer name)

    P.S.S. - I get this error message when I run GMER (LoadDrive("C:\DOCUME~1\류희석\LOCALS~1\Temp\kwndqfog.sys") error 0x000010E: 불안정한 상위키 아래에 안정된 하위 키를 만들수 없습니다.) Last Korean part is saying like "cant make low stable key under high unstable key." I don't know if its important but i thought its best to let you know first.

    P.S.S.S. - I had to attach ark.txt file since it told me this "The text that you have entered is too long (331511 characters) please shorten it to 300000 characters long.")


    HERE IS hijackthis file

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 오후 5:32:08, on 2011-11-19
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\DTS.exe
    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\AtService.exe
    C:\WINDOWS\system32\FpLogonServ.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    C:\Program Files\ESTsoft\ALYac\AYRTSrv.aye
    C:\Program Files\ESTsoft\ALYac\AYUpdSrv.aye
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\TpShocks.exe
    C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
    C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe
    C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
    C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
    C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    C:\Program Files\Lenovo\Zoom\TpScrex.exe
    C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
    C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\NAT Service\natsvc.exe
    C:\WINDOWS\system32\npkcmsvc.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\ESTsoft\ALYac\AYAgent.aye
    C:\Program Files\DS Clock\DSClock.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\11STshoppingIcon\11stshopping.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\TpKmpSVC.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
    C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
    C:\Program Files\RALINK\Common\RaUI.exe
    C:\Program Files\RotateImage\RCIMGDIR.exe
    C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
    c:\program files\lenovo\system update\suservice.exe
    c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\DAEMON Tools Lite\DTLite.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: ALToolbarBho - {7F1A79F9-78D1-4186-9F60-EE0B63DF042A} - C:\Program Files\ESTsoft\ALToolBar\ALToolBar_2050.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: SideOnHelper - {B7063D54-EC61-4F72-90F2-D821AF4BE179} - C:\Program Files\SideOn\SideOn.dll
    O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: ALToolBar - {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA} - C:\Program Files\ESTsoft\ALToolBar\ALToolBar_2050.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
    O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
    O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
    O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
    O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe /startup
    O4 - HKLM\..\Run: [CameraApplicationLauncher] C:\Program Files\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe
    O4 - HKLM\..\Run: [RoxioDragToDisc] C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe
    O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
    O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
    O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
    O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
    O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [HncUpdate] C:\Program Files\Common Files\Hnc\HncUtils\HncUpdate.exe /A
    O4 - HKLM\..\Run: [Korean IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
    O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
    O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
    O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [11STshoppingIcon] C:\Program Files\11STshoppingIcon\11stdirecticonst.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ALYac] "C:\Program Files\ESTsoft\ALYac\AYLaunch.exe" /run
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\DSClock.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
    O4 - HKCU\..\Run: [scchk] "C:\Program Files\StarCodec\SCChkUpd.exe" /s
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
    O8 - Extra context menu item: Adobe PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Bluetooth 장치로 보내기(&B)... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Bluetooth로 보내기 - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: 기존 PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: 링크 대상을 Adobe PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: 링크 대상을 기존 PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: 선택 영역을 Adobe PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: 선택 영역을 기존 PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: 선택한 링크를 Adobe PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: 선택한 링크를 기존 PDF로 변환 - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: 알툴바 빠른검색(&Q) - res://C:\Program Files\ESTsoft\ALToolBar\ALToolBand_2050.dll/23/SEARCH.HTML
    O9 - Extra button: 쇼핑 스트리트, 11번가 - {71DF21B0-8C69-4923-8C7B-B195F8DDB5CD} - http://www.11st.co.kr/connect/Gateway.tmall?method=Xsite&tid=1000105205 (file missing)
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.bigfile.co.kr
    O15 - Trusted Zone: http://*.bigfile.co.kr
    O15 - Trusted Zone: http://*.daum.net
    O15 - Trusted Zone: http://*.entogether.com
    O15 - Trusted Zone: http://*.google.co.kr
    O15 - Trusted Zone: http://*.google.com
    O15 - Trusted Zone: http://*.ilikeclick.com
    O15 - Trusted Zone: http://*.interich.com
    O15 - Trusted Zone: http://*.jtjt.net
    O15 - Trusted Zone: http://*.linkprice.com
    O15 - Trusted Zone: http://*.mjoynet.com
    O15 - Trusted Zone: http://*.nate.com
    O15 - Trusted Zone: http://*.naver.com
    O15 - Trusted Zone: http://*.wecl.co.kr
    O15 - Trusted Zone: http://*.weclick.co.kr
    O15 - Trusted Zone: http://*.yahoo.co.kr
    O15 - Trusted Zone: http://*.yahoo.com
    O15 - ESC Trusted Zone: http://*.update.microsoft.com
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {03AF249E-119E-4569-838E-167E929EC6DA} (BigFileControl Control) - http://www.bigfile.co.kr/client/BigFile.cab
    O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} (Aosmgr Control) - http://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab
    O16 - DPF: {0AE0F5F9-8233-49A4-A3C8-004CE190787B} (BMSpeedCheck Control) - http://www.afreeca.com/ocx/AfSpeedCheck.cab
    O16 - DPF: {0B304B1A-925D-4957-9034-CD1A1E71DCC7} - http://navyfield-sdenternet.ktics.co.kr/ActiveCodebase/KOR/NFLauncherAX.cab
    O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_client_4.4.26.0.cab
    O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://portal.keri.re.kr/download/ScriptX.cab
    O16 - DPF: {2022EE84-1E1F-45B0-8D35-FF9DA75366BC} (ExpressViewer Class) - http://download.softforum.co.kr/Published/XecureExpressI/v2.6.0.3/xei_install2.cab
    O16 - DPF: {24F6E6A8-852C-45A8-ADD3-C4AB0D6FD231} (INIwallet61 Control) - https://plugin.inicis.com/wallet61/INIwallet61.cab
    O16 - DPF: {25794D3C-E2F0-40B8-9C11-F38DC1908633} (Maildropfile Control) - http://activexdown.paran.com/paranactivex/data/uploadlauncher.cab
    O16 - DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} (INISAFEWeb6 V6 Class) - http://www.siren24.com/initech/plugin/INIS60.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {341FBC5F-2AE4-41B8-BFE5-A03170569A27} (IBLeaders IBSheet3 Control v3.4.0.68) - http://pms.ketep.re.kr/IBSheet/object/IBSheet3.CAB
    O16 - DPF: {34543C6F-6116-4B5C-A861-15B562BFE7A4} (EzPDFBook Control) - http://drm.ks.or.kr/ezpdfdrm/download/ezPDFReader.cab
    O16 - DPF: {3B56E5F0-7B20-48BF-B439-A995BE5191EF} (SessionControl Control) - http://wfc.wooribank.com/com/common/SessionControl.cab
    O16 - DPF: {40A217E1-BDDA-44DE-9BBC-D678C7B48603} (EspressoAgent Control) - http://www.bluemountainsoft.com/agent/EspressoAgent.ocx
    O16 - DPF: {442E9D84-97AE-410F-9697-51B0E2C5EC92} (PCOTPCtl Class) - http://pcotp.motp.co.kr/pcotp/PCOTPAX.cab
    O16 - DPF: {45091AA2-1574-4EC8-B520-4C27E29CF889} (GifFreezerCtrl Class) - http://www.gmarket.co.kr/challenge/neo_goods/dlls/gifFreezer.cab
    O16 - DPF: {4C68DACE-E6BC-4650-9C7E-D036720CA729} (Nps Control) - http://image.gmarket.co.kr/tools/tyscan/nps.cab
    O16 - DPF: {559E87DD-406C-43C9-BE70-3C902331CA6B} (WZIFLauncher Class) - http://windybeta.xcdnplus.co.kr/windydev/sd/common/cab/service/1046/WZMngrAx.cab
    O16 - DPF: {571CB303-4267-4D92-B45C-9B79ACC18632} (PotWeb Control) - http://get.daum.net/PotPlayer/v2/PotWeb.cab
    O16 - DPF: {5876CAD0-1636-42EA-AC50-4C06F3196089} (HanGamePlugin19 Class) - http://down.hangame.com/dist/activex/HanGamePlugin19.cab
    O16 - DPF: {6BE2ABE1-B432-491A-81AE-6B6EE7628570} (mBoxX Class) - http://ryoonas.mvix.net:8080/mBox.cab
    O16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} (XecureCKKB Class) - http://ck.softforum.co.kr/CKKeyPro/wooribank/CKKeyPro3017_32k.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1249227829796
    O16 - DPF: {7876A60C-6116-4AD9-B0EE-C53A06C08747} (IPCheckerX Control) - http://203.248.245.161:8080/ftth/ftth/popup/IPCheckerX.cab
    O16 - DPF: {78EB4139-AC59-425A-963E-B26C138B88F9} (CYBERMAP_ASP_NEOTSYS_SUNGNAM2 Control) - http://businfo.cans21.net/busInfo/CYBERMAP_ASP_NEOTSYS_SUNGNAM2.cab
    O16 - DPF: {7B6DEBCF-E27A-40F5-832A-954D642D3C2A} (Pilot Class) - http://www.maptopia.com/_Lib/Component/PythonW.cab
    O16 - DPF: {81D9BBB0-22AD-44F3-B7DB-8FD9ECEB27A0} (FxChartA Control) - http://fx.keb.co.kr/activex/Chart/FxChartA.cab
    O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} (DownStarter2 Control) - http://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
    O16 - DPF: {8E2A904F-FDD7-4086-A49C-834F1C47DC39} -
    O16 - DPF: {967386A1-409E-431A-A93A-FB5FEFF86A58} (AXMObjectCtl Class) - http://bank.keb.co.kr/veraport/veraport.cab
    O16 - DPF: {9709739B-4909-489B-A1F7-148C74F16EEE} (CNxSysInfoCtrl Object) - http://platform.nx.com/ActiveX/nxsysinfo.cab
    O16 - DPF: {999206BD-3FD0-4A47-A96E-680E8DB844C2} (InnoDS Ver.5 (REengineered)) - http://pms.ketep.re.kr/InnoAP/object/InnoDS5.cab
    O16 - DPF: {9E1F4A27-7EB0-4210-98D8-1CCF6671F483} (ClipSoft Rexpert Viewer Control 2.5(ANSI)) - http://222.106.84.106:8088/RexServer/cab/Rexpert25ViewerFull.cab
    O16 - DPF: {9FC84F7D-D177-4A75-A7BB-429DA5BD0A3E} (SG_CAppAtx Control) -
    O16 - DPF: {A099920B-630C-426B-91EC-737685CEEE17} (AxCrossCert Class) - http://eapat.co.kr/CrossCert/AxCrossCert.cab
    O16 - DPF: {A17BFC9F-18A7-4BE7-915A-C106624AC802} (CNeopleInstallAXCtlKor10 Object) - http://d-fighter.nefficient.co.kr/samsungdnf/neople/dnf_hg/installer/dnf_real.cab
    O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://kings.nefficient.co.kr/kings/kdfx/kdfx321/kdfense8.cab
    O16 - DPF: {A50E964D-F290-4EAD-9BD7-EBAE95D38E91} (NungcoolWECv3 Control) - http://portal.keri.re.kr/Download/SoBiSWEC2007.cab
    O16 - DPF: {A56A1518-A259-4109-98B3-06A30F09AB1B} (JXMailViewer Control) - http://210.216.228.21/real/dl/JXmailActiveX.cab
    O16 - DPF: {A74BBDD4-B4A7-49D4-A088-E01805407B1E} (JungUmUpdateAtx Control) - http://www.jungum.com/ocx/update/JungUmUpdate.cab
    O16 - DPF: {A8C9023F-8740-46CC-89DD-F6C353230E28} (GameHiDownloaderCtrlKr Class) - http://img.gamehi.kr/cabs/GamehiDownloaderKr.cab
    O16 - DPF: {A9FC42C5-C098-41A7-8101-E4B0391C096F} (Virtual-Net) - http://dldoc.keri.re.kr/vn/virtual-net.cab
    O16 - DPF: {AB14AFC3-7AFB-403E-8ABF-8966E0FD360D} (DnsChangeX Control) - http://203.248.245.161:8080/ftth/ftth/popup/DnsChangeX.cab
    O16 - DPF: {B01AAFA1-2478-44A3-8894-BE4D4C23C271} (HLauncher Control) - http://su.hanbiton.com/Game/Launcher/HLauncher.cab
    O16 - DPF: {B095794C-3FAB-493B-9BDD-5272FAAD9979} (GamehiLauncher ActiveX Control) - http://img.gamehi.kr/cabs/GamehiLauncher.cab
    O16 - DPF: {B1F38AB3-D8C7-49A2-B09C-8055D2128BC6} (KVPLoginCtl Control) - http://www.vpay.co.kr/kvpfiles/KVPLoginCTLD.cab
    O16 - DPF: {B33FEBDC-FF38-4D0F-9C76-58C4733947AD} (SignGATE Class) - http://download.signgate.com/download/certmgt/AxSignGATE.cab
    O16 - DPF: {BBB0FC2D-1D95-45CA-BDCF-03B53F247FCC} (EwsLoader Class) -
    O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} (HanSetupCtrl1010 Class) - http://tera.hangame.com/common/activex/HanSetup1040.cab
    O16 - DPF: {C3AF249E-119E-4569-838E-167E929EC6DC} (BigFileControlX) - http://www.bigfile.co.kr/client/cab_g/BigFileX.cab
    O16 - DPF: {C5D387A6-2770-432F-A5D7-5E886BED167F} (WebPriLoaderCtrl Class) - http://bank.keb.co.kr/activex/webpri/WebPriLoader.cab
    O16 - DPF: {C8223F3A-1420-4245-88F2-D874FC081574} (MagicLineMBX Class) - https://auth.siren24.com/MagicLineMBX/lib/MagicLineMBX.cab
    O16 - DPF: {CAE8116F-4E38-4A48-8A50-1FA781D863C5} (InnoFD Ver.5 (REengineered)) - http://pms.ketep.re.kr/InnoAP/object/InnoFD5.cab
    O16 - DPF: {CE0A61AD-8FAA-400F-B88E-56E2BC659C37} (Launcher Class) - http://app.joycity.com/_app/cab/JCGameManager.cab
    O16 - DPF: {CE873186-B120-4034-9569-043119A3972A} (GPSetupCtrl Class) - http://cabdown.playnetwork.co.kr/playnetwork/real/MasterLauncher/PNSetup.cab
    O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - https://supdate.nprotect.net/nprotect2007/keycrypt/sci/br/npkcx_1104251.cab
    O16 - DPF: {D7EFD319-098B-4918-8ECF-25A8E8EE1940} (Maptopia WindW Control) - http://www.maptopia.com/_Lib/Component/WindW_R Maptopia Control.cab
    O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab
    O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} (KvpIspCtlD Control) - https://www.vpay.co.kr/kvpfiles/KVPISPCTLD.cab
    O16 - DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} (SKCommAX Control) - https://telserv.danal.co.kr/Sign/SKCommAX.cab
    O16 - DPF: {EE605DF7-AEC1-46EE-A5A8-249540158472} (MakeShortCutUac Class) - http://www.gmarket.co.kr/challenge/neo_app/MakeShortCutAtl.cab
    O16 - DPF: {F6E7ECCE-6E60-4681-8D9B-4BBC12A07110} (GWallCtrl Class) - http://www.gmarket.co.kr/challenge/neo_goods/dlls/GWall_1800_Vista/GWall.cab
    O16 - DPF: {FE342FC7-4374-4EBE-86DB-D73AE861F779} (NaverAXGuide Class) - http://file.naver.com/activex/NaverAXGuide.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: smart - {402CA0E4-3090-402E-BE90-3EE9B766EBB0} - C:\Program Files\ESTsoft\ALToolBar\ALToolBarProtocol.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    O23 - Service: AD Monitor (ADMonitor) - Unknown owner - C:\WINDOWS\system32\ADMonitor.exe
    O23 - Service: ALYac RealTime Service (ALYac_RTSrv) - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: ALYac Update Service (ALYac_UpdSrv) - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\WINDOWS\system32\AtService.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Bonjour 서비스 (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Data Transfer Service (dtsvc) - Unknown owner - C:\WINDOWS\system32\DTS.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: Fingerprint Server (FingerprintServer) - AuthenTec,Inc - C:\WINDOWS\system32\FpLogonServ.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google 업데이트 서비스 (gupdatem) (gupdatem) - Google Inc - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod 서비스 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
    O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
    O23 - Service: NATService - Network Advanced Technology - C:\Program Files\NAT Service\natsvc.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcmsvc.exe
    O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Power Manager DBC Service - Unknown owner - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
    O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
    O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
    O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
    O23 - Service: TSS Core Service (TSSCoreService) - Lenovo - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
    O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
    O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
    O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
    --
    End of file - 29241 bytes




    HERE IS dds.txt file


    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.0.0
    Run by 류희석 at 17:33:07 on 2011-11-19
    Microsoft Windows XP Professional 5.1.2600.3.949.82.1042.18.2554.1256 [GMT 9:00]
    .
    AV: 알약 *Enabled/Updated* {B9431E5A-E196-4B6F-843A-10E01DB25461}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\DTS.exe
    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\AtService.exe
    C:\WINDOWS\system32\FpLogonServ.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    svchost.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    C:\Program Files\ESTsoft\ALYac\AYRTSrv.aye
    C:\Program Files\ESTsoft\ALYac\AYUpdSrv.aye
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\TpShocks.exe
    C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
    C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
    C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe
    C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
    C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
    C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    C:\Program Files\Lenovo\Zoom\TpScrex.exe
    C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
    C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\NAT Service\natsvc.exe
    C:\WINDOWS\system32\npkcmsvc.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\ESTsoft\ALYac\AYAgent.aye
    C:\Program Files\DS Clock\DSClock.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\11STshoppingIcon\11stshopping.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\TpKmpSVC.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
    C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
    C:\Program Files\RALINK\Common\RaUI.exe
    C:\Program Files\RotateImage\RCIMGDIR.exe
    C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
    c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
    c:\program files\lenovo\system update\suservice.exe
    c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\DAEMON Tools Lite\DTLite.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\WINDOWS\system32\conime.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.naver.com/
    uInternet Settings,ProxyOverride = <local>;*.local
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: ALToolbarBho: {7f1a79f9-78d1-4186-9f60-ee0b63df042a} - c:\program files\estsoft\altoolbar\ALToolBar_2050.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
    BHO: SideOnHelper: {b7063d54-ec61-4f72-90f2-d821af4be179} - c:\program files\sideon\SideOn.dll
    BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    TB: ALToolBar: {38fbe93d-4ca1-4414-af6a-94920c5bd8da} - c:\program files\estsoft\altoolbar\ALToolBar_2050.dll
    TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB: {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB: SideOn: {b1f115ee-876d-41e9-9515-d0dfafa98521} - c:\program files\sideon\SideOn.dll
    EB: {FCAA16E5-0850-45ca-A96C-B1BFFF8EC6F0} - No File
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [DS Clock] "c:\program files\ds clock\DSClock.exe"
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
    uRun: [SmartAudio] c:\program files\conexant\saii\SAIICpl.exe /t
    uRun: [scchk] "c:\program files\starcodec\SCChkUpd.exe" /s
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
    mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
    mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
    mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun: [picon] "c:\program files\common files\intel\privacy icon\PrivacyIconClient.exe" -startup
    mRun: [TPFNF7] c:\progra~1\lenovo\npdirect\TPFNF7SP.exe /r
    mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
    mRun: [TpShocks] TpShocks.exe
    mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe
    mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
    mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe
    mRun: [LPMailChecker] c:\progra~1\thinkv~1\prdctr\LPMLCHK.exe
    mRun: [AMSG] c:\progra~1\thinkv~1\amsg\Amsg.exe /startup
    mRun: [CameraApplicationLauncher] c:\program files\lenovo\camera center\bin\CameraApplicationLaunchpadLauncher.exe
    mRun: [RoxioDragToDisc] c:\program files\lenovo\drag-to-disc\DrgToDsc.exe
    mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
    mRun: [BLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BatLogEx.DLL,StartBattLog
    mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe
    mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe
    mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent
    mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
    mRun: [HncUpdate] c:\program files\common files\hnc\hncutils\HncUpdate.exe /A
    mRun: [Korean IME Migration] c:\progra~1\common~1\micros~1\ime12\imekr\IMKRMIG.EXE
    mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
    mRun: [LENOVO.TPFNF6R] c:\program files\lenovo\hotkey\TPFNF6R.exe
    mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper
    mRun: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [FingerPrintSoftware] "c:\program files\lenovo fingerprint software\fpapp.exe" \s
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [11STshoppingIcon] c:\program files\11stshoppingicon\11stdirecticonst.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [ALYac] "c:\program files\estsoft\alyac\AYLaunch.exe" /run
    dRun: [ctfmon.exe] ctfmon.exe
    StartupFolder: c:\docume~1\&#47448;&#55148;&#49437;\&#49884;&#51089;&#47700;~1\&#54532;&#47196;&#44536;&#47016;\&#49884;&#51089;&#54532;~1\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
    StartupFolder: c:\docume~1\alluse~1\&#49884;&#51089;&#47700;~1\&#54532;&#47196;&#44536;&#47016;\&#49884;&#51089;&#54532;~1\adobe acrobat speed launcher.lnk - c:\windows\installer\{ac76ba86-1042-0000-7760-100000000002}\SC_Acrobat.exe
    StartupFolder: c:\docume~1\alluse~1\&#49884;&#51089;&#47700;~1\&#54532;&#47196;&#44536;&#47016;\&#49884;&#51089;&#54532;~1\autocad &#49884;&#51089; &#44032;&#49549;&#53412;.lnk - c:\program files\common files\autodesk shared\acstart17.exe
    StartupFolder: c:\docume~1\alluse~1\&#49884;&#51089;&#47700;~1\&#54532;&#47196;&#44536;&#47016;\&#49884;&#51089;&#54532;~1\bttray.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe
    StartupFolder: c:\docume~1\alluse~1\&#49884;&#51089;&#47700;~1\&#54532;&#47196;&#44536;&#47016;\&#49884;&#51089;&#54532;~1\digital line detect.lnk - c:\program files\digital line detect\DLG.exe
    StartupFolder: c:\docume~1\alluse~1\&#49884;&#51089;&#47700;~1\&#54532;&#47196;&#44536;&#47016;\&#49884;&#51089;&#54532;~1\ralink wireless utility.lnk - c:\program files\ralink\common\RaUI.exe
    StartupFolder: c:\docume~1\alluse~1\&#49884;&#51089;&#47700;~1\&#54532;&#47196;&#44536;&#47016;\&#49884;&#51089;&#54532;~1\rcimgdir.exe.lnk - c:\program files\rotateimage\RCIMGDIR.exe
    IE: Adobe PDF&#47196; &#48320;&#54872; - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Bluetooth &#51109;&#52824;&#47196; &#48372;&#45236;&#44592;(&B)... - c:\program files\thinkpad\bluetooth software\btsendto_ie_ctx.htm
    IE: Bluetooth&#47196; &#48372;&#45236;&#44592; - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm
    IE: Microsoft Excel&#47196; &#45236;&#48372;&#45236;&#44592;(&X) - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: &#44592;&#51316; PDF&#47196; &#48320;&#54872; - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: &#47553;&#53356; &#45824;&#49345;&#51012; Adobe PDF&#47196; &#48320;&#54872; - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: &#47553;&#53356; &#45824;&#49345;&#51012; &#44592;&#51316; PDF&#47196; &#48320;&#54872; - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: &#49440;&#53469; &#50689;&#50669;&#51012; Adobe PDF&#47196; &#48320;&#54872; - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: &#49440;&#53469; &#50689;&#50669;&#51012; &#44592;&#51316; PDF&#47196; &#48320;&#54872; - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: &#49440;&#53469;&#54620; &#47553;&#53356;&#47484; Adobe PDF&#47196; &#48320;&#54872; - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: &#49440;&#53469;&#54620; &#47553;&#53356;&#47484; &#44592;&#51316; PDF&#47196; &#48320;&#54872; - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: &#50508;&#53812;&#48148; &#48736;&#47480;&#44160;&#49353;(&Q) - c:\program files\estsoft\altoolbar\ALToolBand_2050.dll/23/SEARCH.HTML
    IE: &#51060;&#48120;&#51648; EXIF &#51221;&#48372; &#48372;&#44592; -
    IE: {71DF21B0-8C69-4923-8C7B-B195F8DDB5CD} - http://www.11st.co.kr/connect/Gateway.tmall?method=Xsite&tid=1000105205
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll
    Trusted Zone: bigfile.co.kr
    Trusted Zone: daum.net
    Trusted Zone: entogether.com
    Trusted Zone: google.co.kr
    Trusted Zone: google.com
    Trusted Zone: ilikeclick.com
    Trusted Zone: interich.com
    Trusted Zone: jtjt.net
    Trusted Zone: linkprice.com
    Trusted Zone: mjoynet.com
    Trusted Zone: nate.com
    Trusted Zone: naver.com
    Trusted Zone: wecl.co.kr
    Trusted Zone: weclick.co.kr
    Trusted Zone: yahoo.co.kr
    Trusted Zone: yahoo.com
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {03AF249E-119E-4569-838E-167E929EC6DA} - hxxp://www.bigfile.co.kr/client/BigFile.cab
    DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} - hxxp://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab
    DPF: {0AE0F5F9-8233-49A4-A3C8-004CE190787B} - hxxp://www.afreeca.com/ocx/AfSpeedCheck.cab
    DPF: {0B304B1A-925D-4957-9034-CD1A1E71DCC7} - hxxp://navyfield-sdenternet.ktics.co.kr/ActiveCodebase/KOR/NFLauncherAX.cab
    DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_client_4.4.26.0.cab
    DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxp://portal.keri.re.kr/download/ScriptX.cab
    DPF: {2022EE84-1E1F-45B0-8D35-FF9DA75366BC} - hxxp://download.softforum.co.kr/Published/XecureExpressI/v2.6.0.3/xei_install2.cab
    DPF: {24F6E6A8-852C-45A8-ADD3-C4AB0D6FD231} - hxxps://plugin.inicis.com/wallet61/INIwallet61.cab
    DPF: {25794D3C-E2F0-40B8-9C11-F38DC1908633} - hxxp://activexdown.paran.com/paranactivex/data/uploadlauncher.cab
    DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} - hxxp://www.siren24.com/initech/plugin/INIS60.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {341FBC5F-2AE4-41B8-BFE5-A03170569A27} - hxxp://pms.ketep.re.kr/IBSheet/object/IBSheet3.CAB
    DPF: {34543C6F-6116-4B5C-A861-15B562BFE7A4} - hxxp://drm.ks.or.kr/ezpdfdrm/download/ezPDFReader.cab
    DPF: {3B56E5F0-7B20-48BF-B439-A995BE5191EF} - hxxp://wfc.wooribank.com/com/common/SessionControl.cab
    DPF: {40A217E1-BDDA-44DE-9BBC-D678C7B48603} - hxxp://www.bluemountainsoft.com/agent/EspressoAgent.ocx
    DPF: {442E9D84-97AE-410F-9697-51B0E2C5EC92} - hxxp://pcotp.motp.co.kr/pcotp/PCOTPAX.cab
    DPF: {45091AA2-1574-4EC8-B520-4C27E29CF889} - hxxp://www.gmarket.co.kr/challenge/neo_goods/dlls/gifFreezer.cab
    DPF: {4C68DACE-E6BC-4650-9C7E-D036720CA729} - hxxp://image.gmarket.co.kr/tools/tyscan/nps.cab
    DPF: {559E87DD-406C-43C9-BE70-3C902331CA6B} - hxxp://windybeta.xcdnplus.co.kr/windydev/sd/common/cab/service/1046/WZMngrAx.cab
    DPF: {571CB303-4267-4D92-B45C-9B79ACC18632} - hxxp://get.daum.net/PotPlayer/v2/PotWeb.cab
    DPF: {5876CAD0-1636-42EA-AC50-4C06F3196089} - hxxp://down.hangame.com/dist/activex/HanGamePlugin19.cab
    DPF: {6BE2ABE1-B432-491A-81AE-6B6EE7628570} - hxxp://ryoonas.mvix.net:8080/mBox.cab
    DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} - hxxp://ck.softforum.co.kr/CKKeyPro/wooribank/CKKeyPro3017_32k.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1249227829796
    DPF: {7876A60C-6116-4AD9-B0EE-C53A06C08747} - hxxp://203.248.245.161:8080/ftth/ftth/popup/IPCheckerX.cab
    DPF: {78EB4139-AC59-425A-963E-B26C138B88F9} - hxxp://businfo.cans21.net/busInfo/CYBERMAP_ASP_NEOTSYS_SUNGNAM2.cab
    DPF: {7B6DEBCF-E27A-40F5-832A-954D642D3C2A} - hxxp://www.maptopia.com/_Lib/Component/PythonW.cab
    DPF: {81D9BBB0-22AD-44F3-B7DB-8FD9ECEB27A0} - hxxp://fx.keb.co.kr/activex/Chart/FxChartA.cab
    DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} - hxxp://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    DPF: {8E2A904F-FDD7-4086-A49C-834F1C47DC39}
    DPF: {967386A1-409E-431A-A93A-FB5FEFF86A58} - hxxp://bank.keb.co.kr/veraport/veraport.cab
    DPF: {9709739B-4909-489B-A1F7-148C74F16EEE} - hxxp://platform.nx.com/ActiveX/nxsysinfo.cab
    DPF: {999206BD-3FD0-4A47-A96E-680E8DB844C2} - hxxp://pms.ketep.re.kr/InnoAP/object/InnoDS5.cab
    DPF: {9E1F4A27-7EB0-4210-98D8-1CCF6671F483} - hxxp://222.106.84.106:8088/RexServer/cab/Rexpert25ViewerFull.cab
    DPF: {9FC84F7D-D177-4A75-A7BB-429DA5BD0A3E}
    DPF: {A099920B-630C-426B-91EC-737685CEEE17} - hxxp://eapat.co.kr/CrossCert/AxCrossCert.cab
    DPF: {A17BFC9F-18A7-4BE7-915A-C106624AC802} - hxxp://d-fighter.nefficient.co.kr/samsungdnf/neople/dnf_hg/installer/dnf_real.cab
    DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} - hxxp://kings.nefficient.co.kr/kings/kdfx/kdfx321/kdfense8.cab
    DPF: {A50E964D-F290-4EAD-9BD7-EBAE95D38E91} - hxxp://portal.keri.re.kr/Download/SoBiSWEC2007.cab
    DPF: {A56A1518-A259-4109-98B3-06A30F09AB1B} - hxxp://210.216.228.21/real/dl/JXmailActiveX.cab
    DPF: {A74BBDD4-B4A7-49D4-A088-E01805407B1E} - hxxp://www.jungum.com/ocx/update/JungUmUpdate.cab
    DPF: {A8C9023F-8740-46CC-89DD-F6C353230E28} - hxxp://img.gamehi.kr/cabs/GamehiDownloaderKr.cab
    DPF: {A9FC42C5-C098-41A7-8101-E4B0391C096F} - hxxp://dldoc.keri.re.kr/vn/virtual-net.cab
    DPF: {AB14AFC3-7AFB-403E-8ABF-8966E0FD360D} - hxxp://203.248.245.161:8080/ftth/ftth/popup/DnsChangeX.cab
    DPF: {B01AAFA1-2478-44A3-8894-BE4D4C23C271} - hxxp://su.hanbiton.com/Game/Launcher/HLauncher.cab
    DPF: {B095794C-3FAB-493B-9BDD-5272FAAD9979} - hxxp://img.gamehi.kr/cabs/GamehiLauncher.cab
    DPF: {B1F38AB3-D8C7-49A2-B09C-8055D2128BC6} - hxxp://www.vpay.co.kr/kvpfiles/KVPLoginCTLD.cab
    DPF: {B33FEBDC-FF38-4D0F-9C76-58C4733947AD} - hxxp://download.signgate.com/download/certmgt/AxSignGATE.cab
    DPF: {BBB0FC2D-1D95-45CA-BDCF-03B53F247FCC}
    DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} - hxxp://tera.hangame.com/common/activex/HanSetup1040.cab
    DPF: {C3AF249E-119E-4569-838E-167E929EC6DC} - hxxp://www.bigfile.co.kr/client/cab_g/BigFileX.cab
    DPF: {C5D387A6-2770-432F-A5D7-5E886BED167F} - hxxp://bank.keb.co.kr/activex/webpri/WebPriLoader.cab
    DPF: {C8223F3A-1420-4245-88F2-D874FC081574} - hxxps://auth.siren24.com/MagicLineMBX/lib/MagicLineMBX.cab
    DPF: {CAE8116F-4E38-4A48-8A50-1FA781D863C5} - hxxp://pms.ketep.re.kr/InnoAP/object/InnoFD5.cab
    DPF: {CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_16-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
    DPF: {CE0A61AD-8FAA-400F-B88E-56E2BC659C37} - hxxp://app.joycity.com/_app/cab/JCGameManager.cab
    DPF: {CE873186-B120-4034-9569-043119A3972A} - hxxp://cabdown.playnetwork.co.kr/playnetwork/real/MasterLauncher/PNSetup.cab
    DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - hxxps://supdate.nprotect.net/nprotect2007/keycrypt/sci/br/npkcx_1104251.cab
    DPF: {D7EFD319-098B-4918-8ECF-25A8E8EE1940} - hxxp://www.maptopia.com/_Lib/Component/WindW_R%20Maptopia%20Control.cab
    DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab
    DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} - hxxps://www.vpay.co.kr/kvpfiles/KVPISPCTLD.cab
    DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} - hxxps://telserv.danal.co.kr/Sign/SKCommAX.cab
    DPF: {EE605DF7-AEC1-46EE-A5A8-249540158472} - hxxp://www.gmarket.co.kr/challenge/neo_app/MakeShortCutAtl.cab
    DPF: {F6E7ECCE-6E60-4681-8D9B-4BBC12A07110} - hxxp://www.gmarket.co.kr/challenge/neo_goods/dlls/GWall_1800_Vista/GWall.cab
    DPF: {FE342FC7-4374-4EBE-86DB-D73AE861F779} - hxxp://file.naver.com/activex/NaverAXGuide.cab
    TCP: DhcpNameServer = 24.226.1.93 24.226.10.193
    TCP: Interfaces\{D5652270-774A-48D0-9EBF-BA7D70919341} : DhcpNameServer = 24.226.1.93 24.226.10.193
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: smart - {402CA0E4-3090-402e-BE90-3EE9B766EBB0} - c:\program files\estsoft\altoolbar\ALToolBarProtocol.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\&#47448;&#55148;&#49437;\application data\mozilla\firefox\profiles\hf96mz14.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.naver.com/
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\documents and settings\&#29788;&#49425;&#50455;??application data\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\documents and settings\&#29788;&#49425;&#50455;??application data\mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: c:\documents and settings\&#29788;&#49425;&#50455;??local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: c:\documents and settings\all users\application data\nexon\nexonplug\npPlugWire_1.0.0.0.dll
    FF - plugin: c:\documents and settings\all users\application data\nexon\ngm\npnxgame.dll
    FF - plugin: c:\program files\ahnlab\asp\components\aosmgr\conflict_409\npaosmgr.dll
    FF - plugin: c:\program files\ahnlab\asp\mykeydefense 2.5\npmkd25aos.dll
    FF - plugin: c:\program files\ahnlab\asp\mykeydefense 2.5\npmkd25sp.dll
    FF - plugin: c:\program files\battlelog web plugins\0.80.0\npesnlaunch.dll
    FF - plugin: c:\program files\battlelog web plugins\sonar\0.70.0\npesnsonar.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
    FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\softforum\xecureweb\activex\npxwebplugin.dll
    FF - plugin: c:\program files\softforum\xecureweb\activex\npxwebplugin_file.dll
    FF - plugin: c:\windows\system32\npCmn.dll
    FF - plugin: c:\windows\system32\npeutilex.dll
    FF - plugin: c:\windows\system32\nPFW.dll
    FF - plugin: c:\windows\system32\nPFWFlt.dll
    FF - plugin: c:\windows\system32\npidsx.dll
    FF - plugin: c:\windows\system32\npkcrypt.dll
    FF - plugin: c:\windows\system32\npKeyPro.dll
    FF - plugin: c:\windows\system32\npOrdInstruct.dll
    FF - plugin: c:\windows\system32\npptools.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2009-6-29 20520]
    R1 AMonTDnt;AMonTDnt;c:\windows\system32\drivers\AmonTDNt.sys [2009-12-30 95592]
    R1 EstRtwIFDrv;EstRtwIFDrv;c:\windows\system32\drivers\EstRtw.sys [2011-11-8 205112]
    R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [2008-5-9 46144]
    R2 ALYac_RTSrv;ALYac RealTime Service;c:\program files\estsoft\alyac\AYRTSrv.aye [2011-10-24 377656]
    R2 ALYac_UpdSrv;ALYac Update Service;c:\program files\estsoft\alyac\AYUpdSrv.aye [2011-10-24 657720]
    R2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2009-3-19 1680632]
    R2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2009-3-19 98304]
    R2 FingerprintServer;Fingerprint Server;c:\windows\system32\FpLogonServ.exe [2009-3-19 118784]
    R2 NATService;NATService;c:\program files\nat service\natsvc.exe [2011-10-2 609360]
    R2 npkakl;npkakl;c:\windows\system32\npkakl.sys [2009-8-20 39872]
    R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\nvidia corporation\performance drivers\nvPDsvc.exe [2009-10-13 5233256]
    R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2009-8-2 53248]
    R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2008-5-20 62320]
    R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2008-5-14 520192]
    R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\lenovo\rescue and recovery\UpdateMonitor.exe [2008-5-9 360448]
    R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2009-8-2 2058776]
    R3 5U875UVC;Integrated Camera;c:\windows\system32\drivers\5U875.sys [2009-8-2 72320]
    R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2009-8-3 239760]
    R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2008-2-22 37312]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-15 133104]
    S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2009-5-21 45424]
    S2 SessionLauncher;SessionLauncher;c:\docume~1\admini~1\locals~1\temp\dx9\sessionlauncher.exe --> c:\docume~1\admini~1\locals~1\temp\dx9\SessionLauncher.exe [?]
    S3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2009-3-19 106496]
    S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2009-12-28 482176]
    S3 AvsBluebird;FusionHDTV USB, AVStream Capture;c:\windows\system32\drivers\bluebird2.sys [2011-8-18 478464]
    S3 AYDrvSPEx_ALYAC;AYDrvSPEx_ALYAC;\??\c:\program files\estsoft\alyac\aydrvspex.sys --> c:\program files\estsoft\alyac\AYDrvSPEx.sys [?]
    S3 CdmDrvNt;CdmDrvNt;c:\windows\system32\drivers\CdmDrvNt.sys [2009-12-30 19616]
    S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
    S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\&#47448;&#55148;&#49437;\locals~1\temp\ryk20.tmp --> c:\docume~1\&#47448;&#55148;&#49437;\locals~1\temp\RYK20.tmp [?]
    S3 gupdatem;Google &#50629;&#45936;&#51060;&#53944; &#49436;&#48708;&#49828; (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-15 133104]
    S3 JRSUKD25;JRSUKD25;c:\windows\system32\JRSUKD25.SYS [2011-6-13 20560]
    S3 kcrtx86;kcrtx86;c:\windows\system32\kcrtx86.sys [2010-9-29 126048]
    S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
    S3 MfFWEnt;MfFWEnt;c:\program files\ahnlab\asp\myfirewall 4.0\mffwent.sys [2009-12-30 101368]
    S3 MfIPSEnt;MfIPSEnt;c:\program files\ahnlab\asp\myfirewall 4.0\mfipsent.sys [2009-12-30 121536]
    S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2010-1-30 142448]
    S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2010-1-30 91504]
    S3 NPFW;NPFW;c:\windows\system32\Npfw.sys [2010-1-14 108736]
    S3 NPFWFLT;NPFWFLT;c:\windows\system32\npfwflt.sys [2010-1-14 82496]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
    S3 NPIDS;NPIDS;c:\windows\system32\npids.sys [2010-1-14 61792]
    S3 ProDefense;ProDefense;\??\c:\windows\system32\drivers\prodefense.sys --> c:\windows\system32\drivers\ProDefense.sys [?]
    S3 PsSdk30;PsSdk30;\??\c:\windows\system32\drivers\pssdk30.drv --> c:\windows\system32\drivers\PsSdk30.drv [?]
    S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [2011-10-19 36928]
    S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-4-25 1120752]
    S3 scsk5;SCSK5 Driver Service;c:\windows\system32\drivers\scsk5.sys --> c:\windows\system32\drivers\scsk5.sys [?]
    S3 scskusbf;USB SCSK Filter Driver Service;c:\windows\system32\drivers\scskusbf.sys [2011-8-4 18184]
    S3 scskusbs;USB SCSK Driver Service;c:\windows\system32\drivers\scskusbs.sys [2011-8-4 175872]
    S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
    S3 XDva327;XDva327;\??\c:\windows\system32\xdva327.sys --> c:\windows\system32\XDva327.sys [?]
    S3 XDva330;XDva330;\??\c:\windows\system32\xdva330.sys --> c:\windows\system32\XDva330.sys [?]
    S3 XDva349;XDva349;\??\c:\windows\system32\xdva349.sys --> c:\windows\system32\XDva349.sys [?]
    S3 XDva351;XDva351;\??\c:\windows\system32\xdva351.sys --> c:\windows\system32\XDva351.sys [?]
    S3 XDva356;XDva356;\??\c:\windows\system32\xdva356.sys --> c:\windows\system32\XDva356.sys [?]
    S3 XDva386;XDva386;\??\c:\windows\system32\xdva386.sys --> c:\windows\system32\XDva386.sys [?]
    S3 XDva389;XDva389;\??\c:\windows\system32\xdva389.sys --> c:\windows\system32\XDva389.sys [?]
    S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]
    .
    =============== Created Last 30 ================
    .
    2011-11-19 08:31:10 388096 ----a-r- c:\documents and settings\&#47448;&#55148;&#49437;\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-11-19 08:31:08 -------- d-----w- c:\program files\Trend Micro
    2011-11-19 07:42:41 527208 ------w- c:\windows\system32\HPDiscoPM9311.dll
    2011-11-19 07:42:34 267112 ----a-w- c:\windows\system32\hpinksts9311LM.dll
    2011-11-18 07:32:37 -------- d-sha-r- C:\cmdcons
    2011-11-18 07:25:59 98816 ----a-w- c:\windows\sed.exe
    2011-11-18 07:25:59 518144 ----a-w- c:\windows\SWREG.exe
    2011-11-18 07:25:59 256000 ----a-w- c:\windows\PEV.exe
    2011-11-18 07:25:59 208896 ----a-w- c:\windows\MBR.exe
    2011-11-18 07:24:18 -------- d-----w- C:\ComboFix
    2011-11-18 06:20:21 -------- d-----w- c:\documents and settings\&#47448;&#55148;&#49437;\application data\Malwarebytes
    2011-11-18 06:20:13 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2011-11-18 05:37:52 -------- d-----r- c:\documents and settings\&#47448;&#55148;&#49437;\Recent
    2011-11-07 18:10:31 592 ----a-w- c:\windows\system32\drivers\EstRtw.dat
    2011-11-07 18:10:10 205112 ----a-w- c:\windows\system32\drivers\EstRtw.sys
    2011-11-07 18:10:10 16736 ----a-w- c:\windows\system32\bootalyac.exe
    2011-10-30 07:23:04 733184 ----a-r- c:\documents and settings\&#47448;&#55148;&#49437;\application data\microsoft\installer\{538aa99e-2fea-46ab-9a11-b5a117f441ef}\kaiLaunch.exe
    2011-10-28 05:18:43 -------- d-----w- c:\program files\SystemRequirementsLab
    2011-10-24 05:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2011-10-24 05:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2011-10-20 23:36:03 -------- d-----w- c:\program files\iPod
    2011-10-20 23:35:50 -------- d-----w- c:\program files\iTunes
    .
    ==================== Find3M ====================
    .
    2011-11-16 18:07:55 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-19 04:13:24 36928 ----a-w- c:\windows\system32\drivers\pssdk41.sys
    2011-10-10 21:53:17 544656 ----a-w- c:\windows\system32\deployJava1.dll
    2011-10-10 21:53:17 128000 ----a-w- c:\windows\system32\javacpl.cpl
    2011-10-10 14:22:46 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-10-06 04:18:00 91504 ----a-w- c:\windows\system32\drivers\Mkd2Nadr.sys
    2011-09-28 07:05:40 593920 ----a-w- c:\windows\system32\crypt32.dll
    2011-09-28 05:14:00 79984 ----a-w- c:\windows\system32\drivers\Mkd2BthF.sys
    2011-09-28 05:14:00 142448 ----a-w- c:\windows\system32\drivers\Mkd2kfNT.sys
    2011-09-26 02:41:38 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
    2011-09-26 02:41:38 20480 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-09-26 02:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
    2011-09-06 14:09:51 1858560 ----a-w- c:\windows\system32\win32k.sys
    2011-09-01 19:16:35 1402808 ----a-w- c:\windows\JCGameLauncher.exe
    2011-08-30 14:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
    2011-08-30 14:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
    2011-08-30 14:05:04 50536 ----a-w- c:\windows\system32\jdns_sd.dll
    2011-08-30 14:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll
    2011-08-22 23:40:31 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-08-22 23:40:30 43520 ------w- c:\windows\system32\licmgr10.dll
    2011-08-22 23:40:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-08-22 11:56:54 385024 ------w- c:\windows\system32\html.iec
    .
    ============= FINISH: 17:45:38.00 ===============



    I HAVE ATTACHED attach.txt and ark.txt
     

    Attached Files:

  2. potato123

    potato123 Thread Starter

    Joined:
    Nov 20, 2011
    Messages:
    2
    Can anyone help me plz? :(
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - invisible voice random
  1. FusionTecg
    Replies:
    29
    Views:
    3,103
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1027681

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice