Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

tr crypt.xpack.gen


  • Please log in to reply

#1
thefreed

thefreed

    Member

  • Member
  • PipPip
  • 38 posts
Avira has been showing these pop ups, and it doesn't stop. It seems like it already infected my other anti-virus so I am really scared >_>.

It also seems like I got a system32/catroot2/edb.log thing... can you help me delete that also?

Anyway here's my OTL scan log.

PLEASE HELP MEHZ!

Also thx in advance to the person that helps me :D.

Oh btw... I am in Korea at the time, and this is the computer I am using. I was caught off guard that some words came out in korean O_O. So I'll try to translate to the best of my knowledge >_>. Translated words will have * next to them

Edit: It might be hard to understand in some places... but please help me if you can...

================

OTL logfile created on: 2011-03-14 오전 8:49:48 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\user\My Documents\Download*
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000412 | Country: 대한민국 | Language: KOR | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 151.20 Gb Total Space | 91.17 Gb Free Space | 60.29% Space Free | Partition Type: NTFS
Drive D: | 146.85 Gb Total Space | 142.58 Gb Free Space | 97.09% Space Free | Partition Type: FAT32

Computer Name: USER-UJB7TR3 | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-03-14 08:46:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\My Documents\다운로드\OTL.exe
PRC - [2011-03-05 18:37:58 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-03-01 19:19:25 | 001,405,384 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011-02-08 21:55:04 | 000,939,848 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011-01-17 17:34:24 | 000,884,592 | ---- | M] (NHN Corporation) -- C:\Program Files\naver\NaverAgent\NaverAgent.exe
PRC - [2011-01-10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011-01-10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-01-10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011-01-05 18:44:00 | 000,647,272 | ---- | M] (AhnLab, Inc.) -- C:\Program Files\AhnLab\SiteGuard2\sgsvc.exe
PRC - [2010-08-26 11:29:52 | 000,485,480 | ---- | M] (AhnLab, Inc.) -- C:\Program Files\AhnLab\V3 365 Clinic\V3LTray.exe
PRC - [2010-08-20 00:58:07 | 000,319,592 | ---- | M] (AhnLab, Inc.) -- C:\Program Files\AhnLab\V3 365 Clinic\V3LSvc.exe
PRC - [2010-01-14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008-04-14 07:57:18 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011-03-14 08:46:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\My Documents\다운로드\OTL.exe
MOD - [2010-08-24 01:11:38 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006-12-01 22:54:34 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
MOD - [2006-12-01 22:54:32 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
MOD - [2006-10-26 14:54:54 | 000,420,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\IMKR12.IME


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-03-01 19:19:25 | 001,405,384 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011-01-10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011-01-10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011-01-05 18:44:00 | 000,647,272 | ---- | M] (AhnLab, Inc.) [Auto | Running] -- C:\Program Files\AhnLab\SiteGuard2\sgsvc.exe -- (sgsvc)
SRV - [2010-12-07 07:00:00 | 003,959,144 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010-08-20 00:58:07 | 000,319,592 | ---- | M] (AhnLab, Inc.) [Auto | Running] -- C:\Program Files\AhnLab\V3 365 Clinic\V3LSvc.exe -- (V3 365 Clinic Service)


========== Driver Services (SafeList) ==========

DRV - [2011-03-10 12:48:00 | 001,916,752 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\v3engine.sys -- (v3engine)
DRV - [2011-03-09 13:19:44 | 000,059,264 | ---- | M] (NHN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSavFlt.sys -- (NSavFlt)
DRV - [2011-03-07 11:53:00 | 000,238,320 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\AhnLab\V3 365 Clinic\MeDCoreD.sys -- (MeDCoreD_V3365)
DRV - [2011-03-02 12:04:00 | 001,441,104 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ahnsze.sys -- (AhnSZE)
DRV - [2011-02-18 04:47:50 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011-02-18 04:47:49 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011-02-14 18:28:07 | 000,037,688 | ---- | M] (SoftForum Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\JRSKD24.SYS -- (JRSKD24)
DRV - [2011-01-10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011-01-10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-12-22 14:18:00 | 000,053,728 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AhnRghNt.sys -- (AhnRghNt)
DRV - [2010-12-22 14:17:00 | 000,052,960 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AhnFlt2k.sys -- (AhnFlt2k)
DRV - [2010-12-18 20:08:00 | 000,020,320 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AhnRec2k.sys -- (AhnRec2k)
DRV - [2010-12-03 18:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010-10-07 16:28:13 | 000,055,008 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\AhnLab\V3 365 Clinic\TfFRegNt.sys -- (TfFRegNt)
DRV - [2010-09-08 11:57:11 | 000,168,288 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\AhnLab\V3 365 Clinic\V3Flt2k.sys -- (V3Flt2K)
DRV - [2010-07-22 15:45:40 | 000,159,840 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\AhnLab\V3 365 Clinic\ATamptNt.sys -- (ATamptNt_V3365)
DRV - [2010-07-12 10:44:30 | 000,095,880 | ---- | M] (AhnLab, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AMonTDnt.sys -- (AMonTDnt)
DRV - [2010-07-06 18:26:54 | 006,088,296 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010-07-06 11:13:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010-06-25 13:14:00 | 000,153,568 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\AhnLab\SiteGuard2\atamptnt.sys -- (ATamptNt_ASG)
DRV - [2010-06-17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010-06-17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010-06-10 15:07:49 | 000,139,720 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\AhnLab\V3 365 Clinic\ISIPSENt.sys -- (ISIPSEnt)
DRV - [2010-06-10 15:07:45 | 000,143,976 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\AhnLab\V3 365 Clinic\ISFWENt.sys -- (ISFWEnt)
DRV - [2010-06-09 16:44:42 | 000,029,280 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\AhnLab\V3 365 Clinic\AHAWKENT.sys -- (TfProcNt)
DRV - [2010-03-04 14:01:00 | 000,053,224 | ---- | M] (AhnLab, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AMonHKnt.sys -- (AMonHKnt)
DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (monfilt)
DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009-07-21 10:13:13 | 000,019,616 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CdmDrvNt.sys -- (CdmDrvNt)
DRV - [2009-05-28 11:07:40 | 000,124,480 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\AhnLab\V3 365 Clinic\ASZFltNt.sys -- (ASZFltNt)
DRV - [2009-05-08 12:22:28 | 001,358,720 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2007-06-29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007-04-16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006-07-01 22:43:00 | 000,041,984 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2001-08-29 12:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.naver.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.naver.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.naver.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-03-05 18:38:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-03-05 18:38:02 | 000,000,000 | ---D | M]

[2011-02-01 13:31:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
[2011-02-03 00:58:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\hu8k9i00.default\extensions
[2011-02-02 18:49:12 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\hu8k9i00.default\searchplugins\daemon-search.xml
[2011-02-01 13:13:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-07-15 18:36:46 | 000,069,632 | ---- | M] (SK Communications Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCMListControl.dll
[2007-08-21 15:30:26 | 000,233,472 | ---- | M] (PeeringPortal) -- C:\Program Files\Mozilla Firefox\plugins\npcyworld.dll
[2008-12-04 10:21:34 | 000,073,728 | ---- | M] (Peering Portal, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppeeraod.dll
[2010-12-04 03:12:06 | 000,004,573 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\danawa-kr.xml
[2010-12-04 03:12:06 | 000,007,980 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\daum-kr.xml
[2010-12-04 03:12:06 | 000,004,262 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\naver-kr.xml
[2010-12-04 03:12:06 | 000,001,196 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-kr.xml
[2010-12-04 03:12:06 | 000,001,103 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-kr.xml

O1 HOSTS File: ([2001-08-29 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SGAgentObj Class) - {19217B99-F935-4A39-B857-A68A68D5BEBB} - C:\Program Files\AhnLab\SiteGuard2\sgagenti.dll (AhnLab, Inc.)
O2 - BHO: (곰TV 길잡이) - {375A6AB2-FEEC-445D-B853-2139FB561F80} - C:\Program Files\GRETECH\GomTVHelper\ghelper.dll ((주)그래텍)
O2 - BHO: (네이버 툴바 도우미) - {67C41E9E-2EBF-4F2B-AF74-314F0D793172} - C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll (NHN Corp.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (네이버 툴바(&N)) - {D09CFF09-A42A-4EDC-9804-E61224F59CA1} - C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll (NHN Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [AhnLab Tray Process] C:\Program Files\AhnLab\V3 365 Clinic\V3LTray.exe (AhnLab, Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DragSearch] C:\Documents and Settings\All Users\Application Data\DragSearch\Updater.exe ()
O4 - HKLM..\Run: [HDAudDeck] File not found
O4 - HKLM..\Run: [HncUpdate] C:\Program Files\Common Files\Hnc\HncUtils\HncUpdate.exe (Haansoft Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [ntasvr] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [NATEON] C:\Program Files\NATEON\BIN\NATEON.exe (SK Communications)
O4 - HKCU..\Run: [NaverAgent] C:\Program Files\naver\NaverAgent\NaverAgent.exe (NHN Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: 네이버 검색 - C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll (NHN Corp.)
O8 - Extra context menu item: 네이버 북마크하기 - C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll (NHN Corp.)
O8 - Extra context menu item: 네이버 블로그 담기 - C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll (NHN Corp.)
O8 - Extra context menu item: 네이버 사전 검색 - C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll (NHN Corp.)
O8 - Extra context menu item: 네이버 오픈캐스트 링크등록 - C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll (NHN Corp.)
O8 - Extra context menu item: 네이버 일한 번역 - C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll (NHN Corp.)
O8 - Extra context menu item: 사이트가드 보이기(&S) - C:\Program Files\AhnLab\SiteGuard2\sgagenti.dll (AhnLab, Inc.)
O8 - Extra context menu item: 사이트가드 사용(&E) - C:\Program Files\AhnLab\SiteGuard2\sgagenti.dll (AhnLab, Inc.)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: GomTv* - {013BCEA5-8309-448b-8604-85F23D7861A5} - C:\Program Files\GRETECH\GomTVHelper\ghelper.dll ((주)그래텍)
O9 - Extra 'Tools' menuitem : GomTv* - {013BCEA5-8309-448b-8604-85F23D7861A5} - C:\Program Files\GRETECH\GomTVHelper\ghelper.dll ((주)그래텍)
O16 - DPF: {00001026-A15C-11D4-97A4-0050BF0FBE67} http://download.netm...26_20101209.cab (NetmarbleStarter26 Class)
O16 - DPF: {095F34F6-1953-4BD7-9282-4008CC3DF910} http://allstar.paran...er_20091130.cab (WebStarter Control)
O16 - DPF: {33EAE546-128F-41C3-BAD4-7624EB5E3730} http://windupdown.ga.../html/AddOn.cab (KT ICS Download Component)
O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} http://download.netm....1_20091109.cab (NetmarbleAutoUpdater Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1275717029531 (WUWebControl Class)
O16 - DPF: {89F434A7-4A49-4394-AC02-007480331AE2} http://download.netm...nfo_1.0.0.1.cab (NetmarbleSystemIDInfo Class)
O16 - DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} http://download.netm...tX/NMTransX.cab (NMTransX Module)
O16 - DPF: {93C449FA-ECFB-402F-A8C7-37E4F8D60E49} http://dl.pmang.com/...ctl/pmangax.cab (Session2 Class)
O16 - DPF: {99846979-30FD-453E-A427-99217EA62571} http://launcher.ntre...ree/GTL/GTL.cab (GTL Class)
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} http://download.netm...29/kdfense8.cab (Kdfense8 Control)
O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} http://baduk.hangame...anSetup1040.cab (HanSetupCtrl1010 Class)
O16 - DPF: {C342F4EE-6D48-4239-A55D-CF2D0D1F3BC6} http://cyimg7.cyworl...age/skcaset.cab (skcaset1 Class)
O16 - DPF: {CE0A61AD-8FAA-400F-B88E-56E2BC659C37} http://app.joycity.c...GameManager.cab (Launcher Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E9E5E440-45DE-4D5B-8F8E-54212D160106} http://afocx.afreeca.../AFC/OpenTV.cab (OpenTV Control)
O16 - DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} https://web.teledit....gn/SKCommAX.cab (SKCommAX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (현재 홈 페이지) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-06-05 14:15:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-03-13 18:56:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\2K Sports
[2011-03-13 01:24:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011-03-12 22:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\iga
[2011-03-12 22:06:38 | 001,916,752 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\v3engine.sys
[2011-03-12 22:06:37 | 001,441,104 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\ahnsze.sys
[2011-03-12 22:06:36 | 001,880,144 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\btscan.exe
[2011-03-12 22:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AhnLab
[2011-03-12 22:02:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\AhnLab
[2011-03-12 22:02:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\시작 메뉴\프로그램\AhnLab
[2011-03-12 22:02:38 | 000,095,880 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\AMonTDnt.sys
[2011-03-12 22:02:38 | 000,087,648 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\AMonTDLH.sys
[2011-03-12 22:02:38 | 000,053,224 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\AMonHKnt.sys
[2011-03-12 22:02:35 | 000,053,728 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\AhnRghNt.sys
[2011-03-12 22:02:35 | 000,052,960 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\AhnFlt2k.sys
[2011-03-12 22:02:35 | 000,020,320 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\AhnRec2k.sys
[2011-03-12 22:02:33 | 000,019,616 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\CdmDrvNt.sys
[2011-03-12 20:44:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011-03-12 19:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\SquareEnix
[2011-03-12 18:23:50 | 000,000,000 | ---D | C] -- C:\Program Files\2K Sports
[2011-03-12 01:39:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\ProBaseballManager
[2011-03-12 01:38:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Gametree
[2011-03-11 13:35:00 | 000,059,264 | ---- | C] (NHN) -- C:\WINDOWS\System32\drivers\NSavFlt.sys
[2011-03-11 13:34:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Naver
[2011-03-08 15:17:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011-03-08 13:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\BioWare
[2011-03-05 16:05:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\SKIDROW
[2011-03-04 22:04:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\My Games
[2011-03-04 22:04:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\My Games
[2011-03-04 11:44:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Electronic Arts
[2011-03-04 10:31:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011-03-04 10:06:56 | 000,000,000 | ---D | C] -- C:\ProgramData
[2011-03-04 10:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2011-03-04 08:18:31 | 000,447,752 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2011-03-04 08:18:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2011-03-04 08:17:08 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2011-03-04 08:16:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2011-03-04 08:16:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu*\Program*\Electronic Arts
[2011-03-04 08:11:12 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2011-03-01 18:49:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Gretech Corporation
[2011-03-01 18:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GRETECH
[2011-03-01 18:49:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DragSearch
[2011-03-01 18:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\GRETECH
[2011-03-01 18:49:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\시작 메뉴\프로그램\Gom TV(www.gomtv.com)
[2011-03-01 18:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\DtsFilter
[2011-03-01 18:49:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\시작 메뉴\Program Files\DTS+AC3 Filter*
[2011-03-01 18:38:56 | 000,000,000 | ---D | C] -- C:\Program Files\GNU
[2011-02-24 03:24:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\GRETECH
[2011-02-24 03:23:53 | 000,000,000 | ---D | C] -- C:\Program Files\GRETECH
[2011-02-20 06:43:17 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71u.dll
[2011-02-20 06:43:17 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70.dll
[2011-02-20 06:43:17 | 000,964,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70u.dll
[2011-02-20 06:43:17 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2011-02-20 06:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\afreeca
[2011-02-19 06:54:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\시작 메뉴\프로그램\Picasa 3
[2011-02-19 06:53:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Google
[2011-02-19 06:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011-02-19 06:52:57 | 004,980,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2011-02-19 06:52:57 | 002,916,968 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2011-02-19 06:52:57 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2011-02-19 06:52:57 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco322090.dll
[2011-02-19 06:52:57 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco322040.dll
[2011-02-19 06:52:57 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2011-02-19 06:52:56 | 013,004,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2011-02-19 06:29:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011-02-19 06:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Avira
[2011-02-19 06:15:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\IECompatCache
[2011-02-19 06:14:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\PrivacIE
[2011-02-19 06:12:47 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\IETldCache
[2011-02-19 06:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2011-02-19 06:01:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011-02-19 05:59:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011-02-19 05:58:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011-02-19 05:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Malwarebytes
[2011-02-19 05:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\시작 메뉴\프로그램\Malwarebytes' Anti-Malware
[2011-02-19 05:57:12 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011-02-19 05:57:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011-02-19 05:57:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-02-19 05:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-02-19 05:52:14 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user\InstallAnywhere
[2011-02-19 05:51:47 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011-02-19 05:51:47 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011-02-19 05:51:35 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011-02-19 05:51:33 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011-02-19 05:51:22 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011-02-18 05:49:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\시작 메뉴\프로그램\Avira
[2011-02-18 05:48:51 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011-02-18 05:48:50 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011-02-18 05:48:50 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011-02-18 05:48:50 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011-02-18 05:48:50 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011-02-18 05:48:49 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011-02-18 05:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011-02-18 04:43:15 | 000,000,000 | ---D | C] -- C:\Program Files\Deep Silver
[2011-02-17 00:21:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\시작 메뉴\프로그램\Gametree
[2011-02-17 00:20:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Gametree
[2011-02-17 00:12:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Gametree
[2011-02-15 23:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX
[2011-02-15 22:38:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\시작 메뉴\프로그램\Nexon
[2011-02-15 22:37:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2011-02-15 21:40:17 | 000,228,456 | ---- | C] ( ) -- C:\WINDOWS\System32\npPMangFX.dll
[2011-02-15 01:21:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Screenshots
[2011-02-15 01:16:06 | 000,000,000 | ---D | C] -- C:\Netmarble
[2011-02-15 01:15:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\netmarble
[2011-02-15 01:14:43 | 000,192,512 | ---- | C] (킹스정보통신) -- C:\WINDOWS\System32\kdfvmgr.exe
[2011-02-15 01:14:42 | 000,083,288 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfapi.dll
[2011-02-15 01:14:42 | 000,059,976 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\Kdfhok.dll
[2011-02-15 01:14:41 | 000,061,440 | ---- | C] (Kings Information& Network) -- C:\WINDOWS\System32\proDefense.dll
[2011-02-15 01:14:39 | 000,961,176 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\UKNWAWDQ.exe
[2011-02-15 01:14:39 | 000,314,120 | ---- | C] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmod.dll
[2011-02-15 01:14:38 | 000,547,984 | ---- | C] (Kings Information & Network Test) -- C:\WINDOWS\System32\kdfinj.dll
[2011-02-15 01:14:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\kdefense
[2011-02-15 00:56:15 | 000,000,000 | ---D | C] -- C:\Program Files\NPKI
[2011-02-13 01:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\FalloutNV
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-03-14 08:35:56 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011-03-14 08:32:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-03-14 08:32:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-03-14 02:21:35 | 000,000,386 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B2EE2761-8DB2-4D36-BC41-CEA197A6DED4}.job
[2011-03-13 20:02:00 | 000,001,471 | ---- | M] () -- C:\Documents and Settings\user\\로우바둑이.lnk (game)*
[2011-03-13 11:09:51 | 000,001,491 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\한게임.lnk (Game)*
[2011-03-13 01:29:39 | 000,395,200 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-03-13 01:29:39 | 000,209,630 | ---- | M] () -- C:\WINDOWS\System32\perfh012.dat
[2011-03-13 01:29:39 | 000,059,440 | ---- | M] () -- C:\WINDOWS\System32\perfc012.dat
[2011-03-13 01:29:39 | 000,059,440 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-03-13 01:28:25 | 000,000,128 | ---- | M] () -- C:\WINDOWS\nsavflt.hst
[2011-03-13 01:28:25 | 000,000,039 | ---- | M] () -- C:\WINDOWS\ntavflt.hst
[2011-03-12 20:04:27 | 000,000,939 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\TLR의 바로 가기.lnk game*
[2011-03-12 01:39:52 | 000,001,342 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\프로야구 매니저.lnk game*
[2011-03-10 12:48:00 | 001,916,752 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\v3engine.sys
[2011-03-10 12:48:00 | 001,880,144 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\btscan.exe
[2011-03-09 13:19:44 | 000,059,264 | ---- | M] (NHN) -- C:\WINDOWS\System32\drivers\NSavFlt.sys
[2011-03-09 12:07:38 | 000,000,086 | ---- | M] () -- C:\WINDOWS\fsfgameinfo.ini
[2011-03-08 13:04:02 | 000,001,282 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\DragonAge2의 바로 가기.lnk game*
[2011-03-04 10:22:51 | 000,001,023 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\TS3EP03의 바로 가기.lnkgame*
[2011-03-03 23:30:22 | 000,001,138 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\한게임바둑.lnk game*
[2011-03-02 21:04:35 | 000,000,075 | ---- | M] () -- C:\WINDOWS\DragSearch.INI
[2011-03-02 12:04:00 | 001,441,104 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\ahnsze.sys
[2011-03-01 18:49:21 | 000,000,776 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\곰오디오.lnk gomtv
[2011-03-01 18:49:18 | 000,000,009 | ---- | M] () -- C:\WINDOWS\DragSearch.inf
[2011-03-01 18:49:02 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\곰플레이어.lnk Gomtv
[2011-02-23 17:55:02 | 003,278,776 | ---- | M] (JCE) -- C:\WINDOWS\JCGameLauncher.exe
[2011-02-21 14:17:52 | 000,567,152 | ---- | M] () -- C:\WINDOWS\System32\NJUninst.exe
[2011-02-20 06:45:09 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011-02-20 06:43:17 | 001,053,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71u.dll
[2011-02-20 06:43:17 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70.dll
[2011-02-20 06:43:17 | 000,964,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70u.dll
[2011-02-20 06:43:17 | 000,344,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2011-02-19 06:53:17 | 000,252,080 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-02-19 06:53:17 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-02-19 06:53:15 | 000,252,080 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-02-19 06:53:15 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2011-02-19 06:12:49 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer 브라우저 시작.lnk
[2011-02-19 06:03:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-02-19 05:57:13 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\바탕 화면\Malwarebytes' Anti-Malware.lnk
[2011-02-18 05:49:03 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\바탕 화면\Avira AntiVir Control Center.lnk
[2011-02-18 04:47:50 | 000,281,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011-02-18 04:47:49 | 000,025,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011-02-15 21:40:13 | 000,228,456 | ---- | M] ( ) -- C:\WINDOWS\System32\npPMangFX.dll
[2011-02-15 01:14:43 | 000,192,512 | ---- | M] (킹스정보통신) -- C:\WINDOWS\System32\kdfvmgr.exe
[2011-02-15 01:14:42 | 000,083,288 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfapi.dll
[2011-02-15 01:14:42 | 000,059,976 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\Kdfhok.dll
[2011-02-15 01:14:41 | 000,061,440 | ---- | M] (Kings Information& Network) -- C:\WINDOWS\System32\proDefense.dll
[2011-02-15 01:14:39 | 000,961,176 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\UKNWAWDQ.exe
[2011-02-15 01:14:39 | 000,547,984 | ---- | M] (Kings Information & Network Test) -- C:\WINDOWS\System32\kdfinj.dll
[2011-02-15 01:14:39 | 000,314,120 | ---- | M] (Kings Information & Network) -- C:\WINDOWS\System32\kdfmod.dll
[2011-02-14 18:28:07 | 000,037,688 | ---- | M] (SoftForum Corporation) -- C:\WINDOWS\System32\JRSKD24.SYS
[2011-02-14 18:28:07 | 000,012,728 | ---- | M] (SoftForum Corporation) -- C:\WINDOWS\System32\JRSUKD25.SYS
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-03-12 20:04:27 | 000,000,939 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\TLR의 바로 가기.lnk game*
[2011-03-12 11:29:17 | 000,000,128 | ---- | C] () -- C:\WINDOWS\nsavflt.hst
[2011-03-12 11:29:17 | 000,000,039 | ---- | C] () -- C:\WINDOWS\ntavflt.hst
[2011-03-12 01:39:52 | 000,001,342 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\프로야구 매니저.lnk
[2011-03-08 13:04:02 | 000,001,282 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\DragonAge2의 바로 가기.lnk game*
[2011-03-04 10:22:51 | 000,001,023 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\TS3EP03의 바로 가기.lnkgame*
[2011-03-01 19:52:24 | 000,000,075 | ---- | C] () -- C:\WINDOWS\DragSearch.INI
[2011-03-01 18:49:21 | 000,000,776 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\곰오디오.lnk gom*
[2011-03-01 18:49:18 | 000,000,009 | ---- | C] () -- C:\WINDOWS\DragSearch.inf
[2011-03-01 18:49:02 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\곰플레이어.lnk gom*
[2011-02-21 14:17:52 | 000,567,152 | ---- | C] () -- C:\WINDOWS\System32\NJUninst.exe
[2011-02-20 06:44:04 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011-02-19 06:53:17 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-02-19 06:53:15 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-02-19 06:53:15 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-02-19 06:53:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2011-02-19 06:52:57 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011-02-19 06:52:57 | 000,003,630 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2011-02-19 06:15:32 | 000,000,386 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B2EE2761-8DB2-4D36-BC41-CEA197A6DED4}.job
[2011-02-19 05:57:13 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\바탕 화면\Malwarebytes' Anti-Malware.lnk
[2011-02-18 05:49:03 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\바탕 화면\Avira AntiVir Control Center.lnk
[2011-02-18 04:47:50 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011-02-18 04:47:49 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011-02-07 18:03:23 | 001,443,224 | ---- | C] () -- C:\WINDOWS\System32\HanWebMsg1061.dll
[2011-02-07 16:04:56 | 000,041,880 | ---- | C] () -- C:\WINDOWS\System32\HanGamePlugin19.dll
[2011-02-04 06:18:26 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011-02-01 13:31:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-02-01 12:57:43 | 000,066,920 | ---- | C] () -- C:\WINDOWS\CMListControl.dll
[2011-02-01 12:51:47 | 000,000,086 | ---- | C] () -- C:\WINDOWS\fsfgameinfo.ini
[2010-11-05 10:24:33 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010-06-05 14:58:17 | 000,000,075 | ---- | C] () -- C:\WINDOWS\Hjimesv.ini
[2010-06-05 14:56:53 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\winhcfga.ini
[2010-06-05 14:21:36 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2010-06-05 14:16:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-06-05 14:13:20 | 000,021,896 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-06-05 14:09:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-06-05 14:07:39 | 000,374,776 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-07-09 10:03:02 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll
[2008-07-01 22:44:20 | 000,215,144 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll
[2007-04-12 23:44:00 | 000,929,744 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2007-04-12 23:44:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005-09-06 20:13:44 | 000,086,016 | ---- | C] () -- C:\WINDOWS\NMUninst18.exe
[2004-08-03 16:07:32 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004-08-02 05:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001-08-29 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-29 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-08-29 12:00:00 | 000,395,200 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-29 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-29 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-08-29 12:00:00 | 000,209,630 | ---- | C] () -- C:\WINDOWS\System32\perfh012.dat
[2001-08-29 12:00:00 | 000,202,234 | ---- | C] () -- C:\WINDOWS\System32\qbasic.exe
[2001-08-29 12:00:00 | 000,194,296 | ---- | C] () -- C:\WINDOWS\System32\qbasic2.exe
[2001-08-29 12:00:00 | 000,192,560 | ---- | C] () -- C:\WINDOWS\System32\hfont.sys
[2001-08-29 12:00:00 | 000,147,616 | ---- | C] () -- C:\WINDOWS\System32\perfi012.dat
[2001-08-29 12:00:00 | 000,059,440 | ---- | C] () -- C:\WINDOWS\System32\perfc012.dat
[2001-08-29 12:00:00 | 000,059,440 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-29 12:00:00 | 000,056,505 | ---- | C] () -- C:\WINDOWS\System32\hbios.sys
[2001-08-29 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-08-29 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd012.dat
[2001-08-29 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-29 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-29 12:00:00 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\disp_win.sys
[2001-08-29 12:00:00 | 000,000,793 | ---- | C] () -- C:\WINDOWS\System32\font_win.sys
[2001-08-29 12:00:00 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\qbasic.com
[2001-08-29 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

< End of report >



OTL Extras logfile created on: 2011-03-14 오전 8:49:48 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\user\My Documents\다운로드
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000412 | Country: 대한민국 | Language: KOR | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 151.20 Gb Total Space | 91.17 Gb Free Space | 60.29% Space Free | Partition Type: NTFS
Drive D: | 146.85 Gb Total Space | 142.58 Gb Free Space | 97.09% Space Free | Partition Type: FAT32

Computer Name: USER-UJB7TR3 | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [GomAudio.Add] -- C:\Program Files\GRETECH\GomAudio\GOMA.exe /add "%1" ((주)그래텍)
Directory [GomAudio.AddCur] -- C:\Program Files\GRETECH\GomAudio\GOMA.exe /addcur "%1" ((주)그래텍)
Directory [GomAudio.Play] -- C:\Program Files\GRETECH\GomAudio\GOMA.exe "%1" ((주)그래텍)
Directory [Hwp.Print] -- C:\HNC\Hwp70\HwpPrnMng.exe /p "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\FreeStyle Football\FSeFootball.exe" = C:\FreeStyle Football\FSeFootball.exe:*:Enabled:FSeFootball -- ()
"C:\Program Files\NATEON\BIN\NateOnMain.exe" = C:\Program Files\NATEON\BIN\NateOnMain.exe:*:Enabled:NATE ON -- (SK Communications)
"C:\WINDOWS\skcbgm.exe" = C:\WINDOWS\skcbgm.exe:*:Enabled:SK Communications Cyworld BGM Player -- (© SK Communications)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:μTorrent -- (BitTorrent, Inc.)
"C:\Netmarble\NetmarbleDownLoaderEx\nmDownload.exe" = C:\Netmarble\NetmarbleDownLoaderEx\nmDownload.exe:*:Enabled:nmDownLoad -- ()
"C:\Documents and Settings\All Users\Application Data\Nexon\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\Nexon\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Documents and Settings\All Users\Application Data\Nexon\Common\NMService.exe" = C:\Documents and Settings\All Users\Application Data\Nexon\Common\NMService.exe:*:Enabled:Nexon Messenger Service -- (Nexon Corp.)
"C:\Nexon\NexonPlug\NMService.exe" = C:\Nexon\NexonPlug\NMService.exe:*:Enabled:Nexon Messenger Core
"C:\Program Files\GRETECH\GomTVStreamer\GomTVStreamerStream.exe" = C:\Program Files\GRETECH\GomTVStreamer\GomTVStreamerStream.exe:*:Enabled:GomTVStreamerStream -- ()
"C:\Program Files\GRETECH\GomTVStreamer\GomTVStreamerLive.exe" = C:\Program Files\GRETECH\GomTVStreamer\GomTVStreamerLive.exe:*:Enabled:GomTVStreamerLive -- ()
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
"C:\Documents and Settings\user\Local Settings\Application Data\Gametree\ProBaseballManager\HitGame.exe" = C:\Documents and Settings\user\Local Settings\Application Data\Gametree\ProBaseballManager\HitGame.exe:*:Enabled:ProBaseballManager -- ()
"C:\Program Files\Naver\NaverVaccine\NVC.npc" = C:\Program Files\Naver\NaverVaccine\NVC.npc:*:Enabled:NaverVaccine


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{350C97B2-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{415ADF7E-6DB8-4481-86C0-1CEC0163CC7B}" = Nexon Game Manager
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Sims 3
"{697E41EA-AEBE-4B5F-884E-87B5CD6C70AC}" = 네이트온
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{89173B88-384A-459B-B687-9C0BBC934EF4}" = The Sims 3 Create a Sim
"{90120000-0010-0412-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Korean) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-0412-0000-0000000FF1CE}" = Microsoft Office Access MUI (Korean) 2007
"{90120000-0016-0412-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Korean) 2007
"{90120000-0018-0412-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Korean) 2007
"{90120000-0019-0412-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Korean) 2007
"{90120000-001A-0412-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Korean) 2007
"{90120000-001B-0412-0000-0000000FF1CE}" = Microsoft Office Word MUI (Korean) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0412-0000-0000000FF1CE}" = Microsoft Office Proof (Korean) 2007
"{90120000-0028-0412-0000-0000000FF1CE}" = Microsoft Office IME (Korean) 2007
"{90120000-002C-0412-0000-0000000FF1CE}" = Microsoft Office Proofing (Korean) 2007
"{90120000-0044-0412-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Korean) 2007
"{90120000-006E-0412-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Korean) 2007
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = 심즈 3 달콤살벌 커리어
"{964335F0_1655_45F0_AD07_E85C9366CD8A}" = V3 365 클리닉
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{B2423C36-006E-4270-AEBC-CFC4CAF2C310}" = 한글과컴퓨터 한글 2007
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA 제어판 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA 그래픽 드라이버 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX 시스템 소프트웨어 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims 3 World Adventures
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims3
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EBB4463F_E248_42E5_8153_7C35537CAEAD}" = AhnLab SiteGuard 2.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALSee_is1" = 알씨(rar extractor)
"ALUpdate_is1" = 알툴즈 업데이트 (rar extractor)
"ALZip_is1" = 알집 (rar extractor)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BandiMPEG1" = 반디소프트 MPEG-1 디코더
"BGM 뮤직 플레이어 파이어폭스 플러그인" = BGM 뮤직 플레이어 파이어폭스 플러그인
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DragSearch" = 곰TV알리미플러스
"DtsFilter" = DTS+AC3 필터
"EADM" = EA Download Manager
"GOM Player" = 곰플레이어
"GomAudio" = 곰오디오
"GomTV Launcher Plugin" = 곰TV 플러그인
"GomTVHelper" = 곰TV도우미 제거
"GomTVStreamer" = 곰TV 스트리머
"GTL" = Gametree Launcher
"HanSetup" = 한게임 자동 인스톨러
"ie8" = Windows Internet Explorer 8
"kdefense" = K-Defense8 Control - 키보드 보안
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mount&Blade - Warband_is1" = Mount&Blade - Warband v1.132
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"MPEG2코덱(libmpeg2/mad)" = MPEG2코덱(libmpeg2/mad)
"NateAddrSrch" = 네이트 주소창 검색
"NaverToolbar" = 네이버 툴바
"NBA 2K10 RePack by Chikatila_is1" = NBA 2K10
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Picasa 3" = Picasa 3
"ProBaseballManager" = ProBaseballManager
"PROPLUS" = Microsoft Office Professional Plus 2007
"QuickSFV" = QuickSFV (Remove only)
"uTorrent" = µTorrent
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"XecureCK" = ClientKeeper KeyPro with E2E for 32bit

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Hangame.com" = 한게임

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2011-02-21 오전 3:22:09 | Computer Name = USER-UJB7TR3 | Source = ESENT | ID = 490
Description = svchost (1224) 시스템 오류 32 (0x00000020): "Another Process is using it so we can't delete this file. " 때문에 "C:\WINDOWS\system32\CatRoot2\edb.log" We can't open the file.
파일 열기 작업이 실패할 것입니다(오류 -1032 (0xfffffbf8)).

Error - 2011-02-24 오전 5:02:54 | Computer Name = USER-UJB7TR3 | Source = ESENT | ID = 490
Description = svchost (1228) 시스템 오류 32 (0x00000020): "Another process is using it so we can't open it.* " 때문에 "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
Reading/Writing Process failed*. Opening folder failed*(오류 -1032 (0xfffffbf8)).

[ System Events ]
Error - 2011-02-17 오후 4:47:53 | Computer Name = USER-UJB7TR3 | Source = SideBySide | ID = 16842784
Description = 종속 어셈블리 Microsoft.VC90.CRT을(를) Can't find this file. Last error was we couldn't update something?. 입니다.

Error - 2011-02-17 오후 4:47:53 | Computer Name = USER-UJB7TR3 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly이(가) Microsoft.VC90.CRT에 Failed. 참조 오류 메시지:
참조된 Assembly didn't get downloaded on to the system*. .

Error - 2011-02-17 오후 4:47:53 | Computer Name = USER-UJB7TR3 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context이(가) C:\DOCUME~1\user\LOCALS~1\Temp\RarSFX0\redist.dll에
Failed. 참조 오류 메시지: Process complete*. .

Error - 2011-02-19 오전 7:42:51 | Computer Name = USER-UJB7TR3 | Source = Dhcp | ID = 1002
Description = Network adress* 001D92334806인 Netword Card* IP 주소 임대 192.168.254.101을(를) 192.168.254.254
DHCP Server Refused?*(DHCP Server* DHCPNACK <-gives message to*).

Error - 2011-02-19 오후 9:36:44 | Computer Name = USER-UJB7TR3 | Source = nv | ID = 11141134
Description = Unknown error on CMDre 00000000 00000080 00000040 00000004 00000084

Error - 2011-02-19 오후 9:57:40 | Computer Name = USER-UJB7TR3 | Source = nv | ID = 11141134
Description = Unknown error on CMDre 00000000 00000080 00000040 00000004 00000084

Error - 2011-02-21 오전 3:21:19 | Computer Name = USER-UJB7TR3 | Source = Dhcp | ID = 1002
Description = Network Address* 001D92334806인 Network card IP Adress 임대 192.168.254.100을(를) 192.168.254.254
DHCP Server refused*(DHCP server* DHCPNACK <-gives message to*).

Error - 2011-02-21 오전 3:21:26 | Computer Name = USER-UJB7TR3 | Source = Dhcp | ID = 1002
Description = Network Address 001D92334806인 Network card IP adress* 임대 0.0.0.0을(를) 192.168.254.254
DHCP Server refused(DHCP 서버가 DHCPNACK 메시지를 보냄).

Error - 2011-02-21 오후 5:05:01 | Computer Name = USER-UJB7TR3 | Source = nv | ID = 11141134
Description = Unknown error on CMDre 00000000 00000080 00000040 00000004 00000084

Error - 2011-02-21 오후 6:13:06 | Computer Name = USER-UJB7TR3 | Source = nv | ID = 11141134
Description = Unknown error on CMDre 00000000 00000080 00000040 00000004 00000084


< End of report >

Edited by thefreed, 13 March 2011 - 06:33 PM.

  • 0

Advertisements


#2
thefreed

thefreed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Adding a Hijackthis log just to be safe:


I also found this "Perflib_Perfdata_4cc" file in my system32/temp folder... It won't be deleted...



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 오전 9:57:49, on 2011-03-14
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AhnLab\V3 365 Clinic\V3LTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\naver\NaverAgent\NaverAgent.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\AhnLab\SiteGuard2\sgsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AhnLab\V3 365 Clinic\V3LSvc.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

O2 - BHO: SiteGuard - {19217B99-F935-4A39-B857-A68A68D5BEBB} - C:\Program Files\AhnLab\SiteGuard2\SGAgenti.dll
O2 - BHO: gsearch - {375A6AB2-FEEC-445D-B853-2139FB561F80} - C:\PROGRA~1\GRETECH\GOMTVH~1\ghelper.dll
O2 - BHO: NaverToolbar Helper - {67C41E9E-2EBF-4F2B-AF74-314F0D793172} - C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: 네이버 툴바(&N) - {D09CFF09-A42A-4EDC-9804-E61224F59CA1} - C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Korean IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HncUpdate] C:\Program Files\Common Files\Hnc\HncUtils\HncUpdate.exe /A
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ntasvr] "C:\Program Files\Nate\AddressSearch\ntasvr.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [DragSearch] C:\Documents and Settings\All Users\Application Data\DragSearch\Updater.exe
O4 - HKLM\..\Run: [AhnLab Tray Process] "C:\Program Files\AhnLab\V3 365 Clinic\V3LTray.exe" /logon
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NATEON] C:\Program Files\NATEON\BIN\NATEON.exe -as
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [NaverAgent] "C:\Program Files\naver\NaverAgent\NaverAgent.exe" /autorun
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST" WISE_SETUP_EXE_PATH="e:\drivers\win2kxp\primary\display\PhysX_9.09.0814_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: 네이버 검색 - res://C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll /SEARCH.HTML
O8 - Extra context menu item: 네이버 북마크하기 - res://C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll /BOOKMARK.HTML
O8 - Extra context menu item: 네이버 블로그 담기 - res://C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll /BLOG.HTML
O8 - Extra context menu item: 네이버 사전 검색 - res://C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll /DIC.HTML
O8 - Extra context menu item: 네이버 오픈캐스트 링크등록 - res://C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll /OPENCAST.HTML
O8 - Extra context menu item: 네이버 일한 번역 - res://C:\Program Files\naver\NaverToolbar\NaverTB_3_5_7_62.dll /JKTRANS.HTML
O8 - Extra context menu item: 사이트가드 보이기(&S) - res://C:\Program Files\AhnLab\SiteGuard2\sgagenti.dll/201
O8 - Extra context menu item: 사이트가드 사용(&E) - res://C:\Program Files\AhnLab\SiteGuard2\sgagenti.dll/202
O9 - Extra button: 곰TV도우미 - {013BCEA5-8309-448b-8604-85F23D7861A5} - C:\PROGRA~1\GRETECH\GOMTVH~1\ghelper.dll
O9 - Extra 'Tools' menuitem: 곰TV도우미 - {013BCEA5-8309-448b-8604-85F23D7861A5} - C:\PROGRA~1\GRETECH\GOMTVH~1\ghelper.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {00001026-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter26 Class) - http://download.netm...26_20101209.cab
O16 - DPF: {095F34F6-1953-4BD7-9282-4008CC3DF910} (WebStarter Control) - http://allstar.paran...er_20091130.cab
O16 - DPF: {33EAE546-128F-41C3-BAD4-7624EB5E3730} (KT ICS Download Component) - http://windupdown.ga.../html/AddOn.cab
O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} (NetmarbleAutoUpdater Class) - http://download.netm....1_20091109.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1275717029531
O16 - DPF: {89F434A7-4A49-4394-AC02-007480331AE2} (NetmarbleSystemIDInfo Class) - http://download.netm...nfo_1.0.0.1.cab
O16 - DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} (NMTransX Module) - http://download.netm...tX/NMTransX.cab
O16 - DPF: {93C449FA-ECFB-402F-A8C7-37E4F8D60E49} (Session2 Class) - http://dl.pmang.com/...ctl/pmangax.cab
O16 - DPF: {99846979-30FD-453E-A427-99217EA62571} (GTL Class) - http://launcher.ntre...ree/GTL/GTL.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://download.netm...29/kdfense8.cab
O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} (HanSetupCtrl1010 Class) - http://baduk.hangame...anSetup1040.cab
O16 - DPF: {C342F4EE-6D48-4239-A55D-CF2D0D1F3BC6} (skcaset1 Class) - http://cyimg7.cyworl...age/skcaset.cab
O16 - DPF: {CE0A61AD-8FAA-400F-B88E-56E2BC659C37} (Launcher Class) - http://app.joycity.c...GameManager.cab
O16 - DPF: {E9E5E440-45DE-4D5B-8F8E-54212D160106} (OpenTV Control) - http://afocx.afreeca.../AFC/OpenTV.cab
O16 - DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} (SKCommAX Control) - https://web.teledit....gn/SKCommAX.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiteGuard Service (sgsvc) - AhnLab, Inc. - C:\Program Files\AhnLab\SiteGuard2\sgsvc.exe
O23 - Service: V3 365 Clinic Service - AhnLab, Inc. - C:\Program Files\AhnLab\V3 365 Clinic\V3LSvc.exe

--
End of file - 9613 bytes
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP