The scan:
OTL logfile created on: 2011-09-14 오후 11:11:15 - Run 2
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\David\바탕 화면
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000412 | Country: 대한민국 | Language: KOR | Date Format: yyyy-MM-dd
1.94 Gb Total Physical Memory | 1.19 Gb Available Physical Memory | 61.37% Memory free
3.79 Gb Paging File | 3.21 Gb Available in Paging File | 84.84% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 253.22 Gb Free Space | 84.95% Space Free | Partition Type: NTFS
Computer Name: C6DFBC8DF64647E | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\David\바탕 화면\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\David\Local Settings\Application Data\Google\Update\1.3.21.69\GoogleCrashHandler.exe (Google Inc)
PRC - C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\AhnLab\SiteGuard2\sgsvc.exe (AhnLab, Inc.)
PRC - C:\Program Files\Droid Explorer\SDK\tools\adb.exe ()
PRC - C:\Program Files\Droid Explorer\DroidExplorer.Service.exe (Ryan Conrad)
PRC - C:\Program Files\Dokan\DokanLibrary\mounter.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\NETGEAR\WNDA3100\WNDA3100.exe (NETGEAR)
PRC - C:\WINDOWS\system32\acs.exe (Atheros)
PRC - C:\WINDOWS\system32\CNAC4RPK.EXE (CANON INC.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAC4LAK.EXE (CANON INC.)
PRC - C:\WINDOWS\system32\libusbd-nt.exe (http://libusb-win32.sourceforge.net)
========== Modules (No Company Name) ==========
MOD - C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\13.0.782.220\ppgooglenaclpluginchrome.dll ()
MOD - C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\13.0.782.220\pdf.dll ()
MOD - C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\13.0.782.220\Locales\ko.dll ()
MOD - C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\13.0.782.220\avutil-50.dll ()
MOD - C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\13.0.782.220\avformat-52.dll ()
MOD - C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\13.0.782.220\avcodec-52.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Program Files\Droid Explorer\SDK\tools\adb.exe ()
MOD - C:\Program Files\Dokan\DokanLibrary\mounter.exe ()
MOD - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.KOR ()
========== Win32 Services (SafeList) ==========
SRV - (V3 Lite Service) -- C:\Program Files\AhnLab\V3Lite\V3LSvc.exe (AhnLab, Inc.)
SRV - (sgsvc) -- C:\Program Files\AhnLab\SiteGuard2\sgsvc.exe (AhnLab, Inc.)
SRV - (DroidExplorerService) -- C:\Program Files\Droid Explorer\DroidExplorer.Service.exe (Ryan Conrad)
SRV - (DokanMounter) -- C:\Program Files\Dokan\DokanLibrary\mounter.exe ()
SRV - (jswpsapi) -- C:\Program Files\NETGEAR\WNDA3100\jswpsapi.exe (Atheros Communications, Inc.)
SRV - (ACS) -- C:\WINDOWS\system32\acs.exe (Atheros)
SRV - (libusbd) -- C:\WINDOWS\system32\libusbd-nt.exe (http://libusb-win32.sourceforge.net)
========== Driver Services (SafeList) ==========
DRV - (v3engine) -- C:\WINDOWS\system32\drivers\v3engine.sys (AhnLab, Inc.)
DRV - (AhnSZE) -- C:\WINDOWS\system32\drivers\ahnsze.sys (AhnLab, Inc.)
DRV - (ATamptNt_V3LITE) -- C:\Program Files\AhnLab\V3Lite\ATamptNt.sys (AhnLab, Inc.)
DRV - (ASZFltNt) -- C:\Program Files\AhnLab\V3Lite\ASZFltNt.sys (AhnLab, Inc.)
DRV - (AhnRghNt) -- C:\WINDOWS\system32\drivers\AhnRghNt.sys (AhnLab, Inc.)
DRV - (MeDCoreD_V3LITE) -- C:\Program Files\AhnLab\V3Lite\MeDCoreD.sys (AhnLab, Inc.)
DRV - (VPDrvNt) -- C:\Program Files\AhnLab\V3Lite\VPDrvNt.sys (AhnLab, Inc.)
DRV - (V3Flt2K) -- C:\Program Files\AhnLab\V3Lite\V3Flt2k.sys (AhnLab, Inc.)
DRV - (ATamptNt_ASG) -- C:\Program Files\AhnLab\SiteGuard2\atamptnt.sys (AhnLab, Inc.)
DRV - (AhnRec2K) -- C:\WINDOWS\system32\drivers\AhnRec2k.sys (AhnLab, Inc.)
DRV - (AhnFlt2K) -- C:\WINDOWS\system32\drivers\AhnFlt2k.sys (AhnLab, Inc.)
DRV - (TfFRegNt) -- C:\Program Files\AhnLab\V3Lite\tffregnt.sys (AhnLab, Inc.)
DRV - (TfProcNt) -- C:\Program Files\AhnLab\V3Lite\ahawkent.sys (AhnLab, Inc.)
DRV - (vs-enc2) -- C:\WINDOWS\Temp\vs-enc2.sys (MarkAny, Inc.)
DRV - (VS) -- C:\WINDOWS\Temp\vs-prt.sys (MarcAny Inc.)
DRV - (iDispService) -- C:\WINDOWS\system32\drivers\idisplayminiport.sys (SHAPE Services)
DRV - (AMonTDnt) -- C:\WINDOWS\system32\drivers\AMonTDnt.sys (AhnLab, Inc.)
DRV - (AMonHKnt) -- C:\WINDOWS\system32\drivers\amonhknt.sys (AhnLab, Inc.)
DRV - (Dokan) -- C:\WINDOWS\system32\drivers\dokan.sys (Windows ® Win 7 DDK provider)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (CdmDrvNt) -- C:\WINDOWS\system32\drivers\CdmDrvNt.sys (AhnLab, Inc.)
DRV - (nvgts) -- C:\WINDOWS\system32\DRIVERS\nvgts.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (WNDA3100) -- C:\WINDOWS\system32\drivers\WNDA31.sys (Atheros Communications, Inc.)
DRV - (WSIMD) -- C:\WINDOWS\system32\drivers\wsimd.sys (Atheros Communications, Inc.)
DRV - (JSWSCIMD) -- C:\WINDOWS\system32\drivers\jswscimd.sys (Atheros Communications, Inc.)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (libusb0) -- C:\WINDOWS\system32\drivers\libusb0.sys ()
DRV - (FsVga) -- C:\WINDOWS\system32\drivers\fsvga.sys (Microsoft Corporation)
DRV - (DNINDIS5) -- C:\WINDOWS\system32\DNINDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (DCamUSBSamsung) -- C:\WINDOWS\system32\drivers\Sncnt.sys (Samsung Electronics)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.naver.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.com/NxGame: C:\Documents and Settings\All Users\Application Data\Nexon\NGM\npNxGame.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@softforum.com/npxwebplugins: C:\Program Files\SoftForum\XecureWeb\ActiveX\npxwebplugin.dll (SoftForum Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npxwebplugins_file: C:\Program Files\SoftForum\XecureWeb\ActiveX\npxwebplugin_file.dll (SoftForum Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\David\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\David\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010-05-25 00:51:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-04-27 19:31:38 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2010-08-28 14:14:02 | 000,000,781 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SGAgentObj Class) - {19217B99-F935-4A39-B857-A68A68D5BEBB} - C:\Program Files\AhnLab\SiteGuard2\sgagenti.dll (AhnLab, Inc.)
O2 - BHO: (ALToolbarBho Class) - {7F1A79F9-78D1-4186-9F60-EE0B63DF042A} - C:\Program Files\ESTsoft\ALToolbar\ALToolBand_1830.dll (ESTsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (ALToolBar) - {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA} - C:\Program Files\ESTsoft\ALToolbar\ALToolBand_1830.dll (ESTsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (주소(&A)) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (주소(&A)) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (연결(&L)) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AhnLab V3Lite Tray Process] C:\Program Files\AhnLab\V3Lite\V3LTray.exe (AhnLab, Inc.)
O4 - HKLM..\Run: [HKLM] C:\WINDOWS\system32\install\server.exe (Microsoft Corporation)
O4 - HKLM..\Run: [imekrmig7.0] C:\Program Files\Common Files\Microsoft Shared\IME\IMKR7\IMEKRMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [] C:\ [2011-09-14 23:04:45 | 000,000,000 | ---D | M]
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc)
O4 - HKCU..\Run: [HKCU] C:\WINDOWS\system32\install\server.exe (Microsoft Corporation)
O4 - HKCU..\Run: [server] C:\Documents and Settings\David\Application Data\hrndblqhXf.exe ()
O4 - HKCU..\Run: [vertex] C:\Documents and Settings\David\Application Data\fvAOFvjMhI.exe ()
O4 - Startup: C:\Documents and Settings\All Users\시작 메뉴\프로그램\시작프로그램\Canon LBP5000 Status Window.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\CNAC4LAK.EXE (CANON INC.)
O4 - Startup: C:\Documents and Settings\All Users\시작 메뉴\프로그램\시작프로그램\NETGEAR WNDA3100 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNDA3100\WNDA3100.exe (NETGEAR)
O4 - Startup: C:\Documents and Settings\David\시작 메뉴\프로그램\시작프로그램\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\install\server.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\WINDOWS\system32\install\server.exe (Microsoft Corporation)
O8 - Extra context menu item: 사이트가드 보이기(&S) - C:\Program Files\AhnLab\SiteGuard2\sgagenti.dll (AhnLab, Inc.)
O8 - Extra context menu item: 사이트가드 사용(&E) - C:\Program Files\AhnLab\SiteGuard2\sgagenti.dll (AhnLab, Inc.)
O8 - Extra context menu item: 알툴바 빠른검색(&Q) - C:\Program Files\ESTsoft\ALToolBar\ALToolBand_1830.dll (ESTsoft Corporation)
O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: 리서치 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://download.micr...9E3A1BC/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {00001026-A15C-11D4-97A4-0050BF0FBE67} http://download.netm...26_20091109.cab (NetmarbleStarter26 Class)
O16 - DPF: {0349EF81-B9C1-4B97-86F7-7B931D0E2532} http://sticube.clubb...NowStarter2.cab (NowStarter2 Control)
O16 - DPF: {39FC0CF9-86F3-4502-B773-D16706EDEC83} https://www.scsk-sup...03157/SCSK4.cab (Reg Error: Key error.)
O16 - DPF: {3C36DCBE-5CDF-4C35-9D0B-4A1882B2EB0A} https://tx.allatpay..../AllatPayRE.cab (AllatPayREAtl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1271213474609 (WUWebControl Class)
O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} https://vbv.shinhanc.../xw_install.cab (XecureWeb 4.0 Client Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8DC067B8-911D-473A-90F1-1171B887CDE0} http://cyimg7.cyworl...33.cab?20081124 (CyImage Class)
O16 - DPF: {9963FACF-7618-417B-B6DD-AB8B65AF8CD1} http://pgdownload.da...XPayUpdater.cab (XPAYUpdater Control)
O16 - DPF: {B0A75875-3622-48BA-B5FF-45AD77AC2D0E} http://www.bankpay.o.../BankPayEFT.cab (BankPayEFTCtrl Control)
O16 - DPF: {B128EFF9-0B1C-4C65-A162-28165A3A0A18} http://ssl.makeshop....ssl/MSecure.cab (MakeShop Secure Control)
O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} http://mail.daum.net...cab?ver=2,0,0,9 (Daum ActiveX manager Class)
O16 - DPF: {BBFD2D10-EC6E-4259-91D1-1E38C826E5E2} http://app.gomtv.com/gomtv/gomtvx.cab (Launcher Class)
O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} http://www.hangame.c...anSetup1030.cab (HanSetupCtrl1010 Class)
O16 - DPF: {C1143E84-B2B1-473B-9F20-E62DD754FCAF} https://vbv.shinhanc...ineTransfer.cab (VineTransfer Control)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} https://www.vpay.co..../KVPISPCTLD.cab (KvpIspCtlD Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B890167A-0A39-43CE-B5EC-1B931E45785F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\smart {402CA0E4-3090-402e-BE90-3EE9B766EBB0} - C:\Program Files\ESTsoft\ALToolbar\ALToolBarProtocol.dll ()
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (rentVersion\Winlogon) -C:\WINDOWS\System32\Winlogon.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (현재 홈 페이지) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\초원.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\초원.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-04-14 04:26:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011-09-14 23:02:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-09-14 22:54:56 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\David\바탕 화면\OTL.exe
[2011-09-11 23:30:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\바탕 화면\SuddenAttackNA
[2011-09-07 23:59:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\My Documents\The KMPlayer
[2011-09-07 00:44:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\David\시작 메뉴\프로그램\관리 도구
[2011-09-06 22:57:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\바탕 화면\내꺼
[2011-09-03 22:17:18 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011-08-28 21:11:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\install
[2011-08-28 21:11:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\install
[2011-08-24 21:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\My Documents\Downloads
[2011-08-18 00:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\바탕 화면\엄마꺼
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011-09-14 23:11:15 | 000,295,524 | -H-- | M] () -- C:\Documents and Settings\David\Application Data\Davidlog.dat
[2011-09-14 22:54:59 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David\바탕 화면\OTL.exe
[2011-09-14 22:29:06 | 000,000,764 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-152049171-725345543-1003UA.job
[2011-09-14 22:09:43 | 000,201,731 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011-09-14 22:09:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-09-14 22:09:21 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011-09-14 22:09:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-09-14 10:29:00 | 000,000,712 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-152049171-725345543-1003Core.job
[2011-09-08 02:26:00 | 002,193,488 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\v3engine.sys
[2011-09-08 02:26:00 | 002,154,576 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\btscan.exe
[2011-09-07 22:43:22 | 000,255,312 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-09-03 22:17:18 | 000,593,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011-08-30 19:16:03 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011-08-28 21:14:31 | 000,688,640 | ---- | M] () -- C:\Documents and Settings\David\Application Data\hrndblqhXf.exe
[2011-08-28 21:14:31 | 000,688,640 | ---- | M] () -- C:\Documents and Settings\David\Application Data\fvAOFvjMhI.exe
[2011-08-26 18:01:00 | 001,550,288 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\ahnsze.sys
[2011-08-25 21:45:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-08-20 01:19:00 | 000,058,592 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\AhnRghNt.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011-08-28 21:11:49 | 000,688,640 | ---- | C] () -- C:\Documents and Settings\David\Application Data\fvAOFvjMhI.exe
[2011-08-28 21:11:48 | 000,688,640 | ---- | C] () -- C:\Documents and Settings\David\Application Data\hrndblqhXf.exe
[2011-06-12 03:49:51 | 004,752,582 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-839522115-152049171-725345543-1003-0.dat
[2011-06-12 03:49:50 | 000,261,446 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011-06-12 00:45:18 | 006,779,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011-03-09 19:47:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-02-16 21:10:27 | 007,909,376 | ---- | C] () -- C:\WINDOWS\System32\KvpVcmd.dll
[2011-01-22 13:43:44 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\David\Application Data\winscp.rnd
[2011-01-04 15:10:56 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011-01-04 15:10:56 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011-01-04 15:10:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011-01-04 15:10:56 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011-01-03 14:01:17 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\libusb0.sys
[2011-01-02 21:32:52 | 000,708,096 | ---- | C] () -- C:\WINDOWS\System32\INIcrypto20.dll
[2011-01-02 21:32:52 | 000,143,460 | ---- | C] () -- C:\WINDOWS\System32\INIWEBCryptoWrapper.dll
[2011-01-02 21:32:50 | 001,105,920 | ---- | C] () -- C:\WINDOWS\System32\ISPPopUpDlg.exe
[2011-01-02 21:32:50 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\PubCertDlg.dll
[2011-01-02 21:32:48 | 000,386,048 | ---- | C] () -- C:\WINDOWS\System32\INICertManUI.dll
[2011-01-02 21:32:47 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ISP_crgen.dll
[2011-01-02 21:26:11 | 000,000,101 | ---- | C] () -- C:\WINDOWS\msecure.ini
[2010-12-13 09:26:56 | 000,072,704 | ---- | C] () -- C:\WINDOWS\AllatKeyIn.exe
[2010-11-07 12:11:20 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010-09-04 11:56:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CPC10QA5.INI
[2010-08-17 21:15:28 | 000,104,448 | ---- | C] () -- C:\Documents and Settings\David\Application Data\chrtmp
[2010-08-17 21:15:20 | 000,095,814 | ---- | C] () -- C:\Documents and Settings\David\Application Data\AkifNettv88.exe
[2010-07-06 00:39:26 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\dokan.dll
[2010-06-28 20:31:49 | 001,589,248 | ---- | C] () -- C:\WINDOWS\System32\libmysql_d.dll
[2010-06-22 15:57:29 | 000,001,738 | ---- | C] () -- C:\Documents and Settings\David\Application Data\hidewin.cfg
[2010-06-13 15:25:44 | 000,034,864 | ---- | C] () -- C:\WINDOWS\unwise.exe
[2010-06-13 15:25:40 | 000,000,872 | ---- | C] () -- C:\WINDOWS\wnsetup.ini
[2010-05-31 21:44:33 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\RBRegEx350.dll
[2010-05-31 21:44:33 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\rbap350.dll
[2010-05-31 21:44:33 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\RBSpriteSurface350.dll
[2010-05-31 21:44:33 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\MBSWinPlugin.dll
[2010-05-31 21:44:33 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\rbselectfolder350.dll
[2010-05-31 21:44:33 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\MBSUsernamePlugin.dll
[2010-05-31 21:44:33 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\MBSRegistrationPlugin.dll
[2010-05-19 23:48:08 | 000,053,228 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010-04-25 18:23:36 | 000,014,229 | ---- | C] () -- C:\WINDOWS\SNC.INI
[2010-04-25 18:21:52 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\SncSti0.dll
[2010-04-22 23:17:05 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010-04-20 21:44:10 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-04-14 16:03:33 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2010-04-14 15:06:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\fscflist.ini
[2010-04-14 15:06:46 | 000,000,078 | ---- | C] () -- C:\WINDOWS\System32\fscagent.ini
[2010-04-14 04:40:30 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010-04-14 04:27:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010-04-14 04:23:47 | 000,021,896 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-04-14 04:20:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-04-14 04:16:57 | 000,255,312 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009-11-24 09:54:50 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\KvpUpCom.dll
[2009-09-07 15:59:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\y5wrapper.dll
[2009-09-07 15:59:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\y5winwrap.dll
[2009-09-07 15:57:46 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\y5csel.dll
[2009-09-02 08:07:48 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\y5cview.dll
[2009-09-02 08:07:44 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\y5cert.dll
[2009-09-02 08:07:44 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\y5clist.dll
[2009-09-01 17:16:38 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\y5base.dll
[2009-08-03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009-08-03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009-01-16 06:42:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009-01-16 06:42:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009-01-16 06:42:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009-01-16 06:42:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009-01-16 06:42:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009-01-16 06:42:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009-01-16 06:42:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009-01-16 06:42:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008-02-27 11:26:00 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2005-09-06 20:13:44 | 000,086,016 | ---- | C] () -- C:\WINDOWS\NMUninst18.exe
[2005-04-08 14:16:43 | 000,295,524 | -H-- | C] () -- C:\Documents and Settings\David\Application Data\Davidlog.dat
[2005-02-21 18:28:36 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\usbdll.dll
[2004-08-13 15:37:56 | 000,202,234 | ---- | C] () -- C:\WINDOWS\System32\qbasic.exe
[2004-08-13 15:37:56 | 000,194,296 | ---- | C] () -- C:\WINDOWS\System32\qbasic2.exe
[2004-08-13 15:37:56 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\qbasic.com
[2004-08-13 15:37:54 | 000,473,670 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004-08-13 15:37:54 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004-08-13 15:37:54 | 000,267,376 | ---- | C] () -- C:\WINDOWS\System32\perfh012.dat
[2004-08-13 15:37:54 | 000,147,616 | ---- | C] () -- C:\WINDOWS\System32\perfi012.dat
[2004-08-13 15:37:54 | 000,076,874 | ---- | C] () -- C:\WINDOWS\System32\perfc012.dat
[2004-08-13 15:37:54 | 000,076,764 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004-08-13 15:37:54 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd012.dat
[2004-08-13 15:37:54 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004-08-13 15:37:52 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004-08-13 15:37:52 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004-08-13 15:37:48 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004-08-13 15:37:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004-08-13 15:37:34 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004-08-13 15:37:22 | 000,192,560 | ---- | C] () -- C:\WINDOWS\System32\hfont.sys
[2004-08-13 15:37:20 | 000,056,505 | ---- | C] () -- C:\WINDOWS\System32\hbios.sys
[2004-08-13 15:37:18 | 000,000,793 | ---- | C] () -- C:\WINDOWS\System32\font_win.sys
[2004-08-13 15:37:16 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004-08-13 15:37:06 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\disp_win.sys
[2004-08-04 04:07:32 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004-08-02 17:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004-04-18 19:43:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004-04-18 19:43:44 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2003-03-05 21:57:50 | 000,005,021 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2010-04-14 14:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AhnLab
[2010-10-07 22:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IconTweaker
[2010-11-27 15:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Insight Software
[2010-11-27 15:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Insight Software Solutions
[2010-06-13 07:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2010-05-22 13:26:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010-08-28 15:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters Inc
[2010-10-07 22:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrinterShare
[2010-09-27 22:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\River Past G5
[2010-06-05 14:37:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2011-09-06 23:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011-01-02 21:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SoftCamp
[2010-11-11 19:30:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010-04-29 21:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011-09-06 22:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\AhnLab
[2011-05-06 18:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Avnex
[2010-06-06 00:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\ClientKeeper
[2011-01-19 14:43:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Cyberduck
[2011-01-21 21:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\DroidExplorer
[2011-07-08 19:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Dropbox
[2011-01-03 14:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\GetRightToGo
[2010-11-10 20:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\gtk-2.0
[2010-10-07 22:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\IconTweaker
[2011-09-14 11:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\install
[2011-05-24 23:30:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\LG Electronics
[2011-04-16 12:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Neopets Toolbar
[2010-10-24 15:06:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\David\Application Data\netmarble
[2010-09-27 22:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\River Past G5
[2011-09-06 23:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Samsung
[2011-05-06 17:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Screaming Bee
[2011-04-10 14:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\SHAPE Services
[2010-11-06 14:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Sondle Soft
[2010-05-19 20:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Styler
[2010-07-28 07:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Toolbar4
[2010-11-12 19:26:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\VirtuaWin
[2011-01-21 09:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\VoipBuster
[2011-01-21 12:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\VoipStunt
[2011-01-19 13:28:14 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\David\Application Data\wyUpdate AU
[2011-09-14 22:09:21 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 60 bytes -> C:\Documents and Settings\All Users\Documents\.TemporaryItems:AFP_AfpInfo
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8178B8D6
< End of report >
Please solve this problem
Sign In
Create Account
