kwikimart
Members - Posts: 18
About kwikimart
- Birthday: 5/14/1964
Tech Info
- Experience: beginner
- System: windows_xp_home
-
Sorry!! before I do this for the TDSSKILLER one more time and I think it might have worked!! And it still came up with the command pop up, but it said that it scanned the services, and the kernel memory.. then completed and the results were: memory objects infected/cured/cured on reboot: 0/0/0, registry objects infected/cured/cured on reboot: 0/0/0, file objects infected/cured/cured on reboot: 0/0/0, and then to continue press any key.... So I rebooted the system again, but still there are loads of pop ups keeping on saying error so...... I don't know if it worked or not?
-
Hi!! It's me again :) I am afraid that I don't have an XP disk :( and also for the TDSSKILLER, I couldn't run it. It came up as a command screen where it's like black with stuff on it rather than an actual programme. And when it said to start press any key, so I first pressed the Windows and R like you said but it just closed itself, and when I pressed any key, it still closed itself....
-
All processes killed
========== OTL ==========
Service Wind0wsSrv stopped successfully!
Service Wind0wsSrv deleted successfully!
File File not found not found.
Service ODBC_Server_2009 stopped successfully!
Service ODBC_Server_2009 deleted successfully!
File File not found not found.
Service kstationA stopped successfully!
Service kstationA deleted successfully!
File File not found not found.
Service IocationA stopped successfully!
Service IocationA deleted successfully!
File File not found not found.
Service IDESRv stopped successfully!
Service IDESRv deleted successfully!
File File not found not found.
Service wcsv stopped successfully!
Service wcsv deleted successfully!
C:\Program Files\WebCompass\wcsv.dll moved successfully.
Error: No service named mgsv was found to stop!
Service\Driver key mgsv not found.
File C:\Program Files\Mplus\mgsv.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2D3BA117-A67B-4BE3-B692-A0F399E7EBC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2D3BA117-A67B-4BE3-B692-A0F399E7EBC3}\ deleted successfully.
C:\Program Files\WebCompass\wc_src_1m.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8EA9A253-227C-4b03-9DD7-A138E8600430}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EA9A253-227C-4b03-9DD7-A138E8600430}\ deleted successfully.
File C:\Program Files\Mplus\mg_src_1g.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA1B77B3-505A-4F0D-95A2-EB7C46F7FE90}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EA1B77B3-505A-4F0D-95A2-EB7C46F7FE90}\ deleted successfully.
C:\Program Files\WebCompass\wc_rwd_1p.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F90BB714-01B6-438B-8993-F6E46ACBFA24}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F90BB714-01B6-438B-8993-F6E46ACBFA24}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\sdra64.exe deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05c9ea7a-0a69-11de-9c00-000c762886fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05c9ea7a-0a69-11de-9c00-000c762886fc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af37c64b-fd9d-11dd-9beb-000c762886fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{af37c64b-fd9d-11dd-9beb-000c762886fc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af37c64b-fd9d-11dd-9beb-000c762886fc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{af37c64b-fd9d-11dd-9beb-000c762886fc}\ not found.
File G:\LaunchU3.exe not found.
C:\Program Files\WebCompass folder moved successfully.
========== FILES ==========
File\Folder C:\Program Files\Mplus not found.
File\Folder c:\program files\WebGuide not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: ibm
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 670318 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 51789859 bytes
->Flash cache emptied: 7747 bytes
User: user
->Temp folder emptied: 605310 bytes
->Temporary Internet Files folder emptied: 3416050 bytes
->FireFox cache emptied: 37214156 bytes
->Flash cache emptied: 1662 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 39448252 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3906159 bytes
Total Files Cleaned = 131.00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: ibm
User: LocalService
->Flash cache emptied: 0 bytes
User: NetworkService
->Flash cache emptied: 0 bytes
User: user
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.1.37.3 log created on 04032010_144743
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VX2L7S8S\1269044427_COTT_UK_companion_wrapper[1].jpg not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VX2L7S8S\135033_1041[1].jpg not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VX2L7S8S\21763-15[1].js not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VX2L7S8S\56087079_640[1].jpg not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\VX2L7S8S\aceUAC[1].js not found!
Registry entries deleted on Reboot...
-
The combofix didn't work I am afraid... it may be because I am a firefox?? I don't know, because this message popped up saying about firefox and combo fix being a public programme (?) and I had to click yes or no, so I thought it was the agree statement or something so I clicked yes. And when I run combo fix it pops up with a bunch of errors and then a blue popup from c:/ comes up. (Isn't that a commands something?) So I have tried......:(
-
Oh, so it's bad news after all... :( Sorry, I don't quite understand what you mean by trustworthy? Do you mean that the computer will 'crash' like it did? Because I don't do any internet banking or anything that has sensitive information in use... so..... I don't know what to do.... And once again, I really can't thank you enough times!!!!
-
(still continued)
< MD5 for: ATAPI.SYS >
[2004-08-03 17:05:04 | 018,914,088 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009-05-08 11:42:16 | 024,351,158 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009-05-08 11:42:16 | 024,351,158 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004-08-03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004-08-03 14:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008-04-14 03:26:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=622932FD07B826D444ABEA042132A516 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008-04-14 03:26:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=622932FD07B826D444ABEA042132A516 -- C:\WINDOWS\system32\eventlog.dll
[2004-08-03 16:53:14 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6FA3D37A0B26E73835D6D8D9B7444284 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2004-08-03 16:53:24 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=28FED80445881BC77D041E8DAAF302D4 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008-04-14 03:26:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=6FCAA8854E38F21CFFFD9C347C80AC04 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008-04-14 03:26:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=6FCAA8854E38F21CFFFD9C347C80AC04 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004-08-03 16:53:26 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=25F1F68AECF4C4D1F71EF5A652EFCAFD -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008-04-14 03:26:55 | 000,176,128 | ---- | M] (Microsoft Corporation) MD5=74F696324BD2E0623BA6B2E1FBECB5B8 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008-04-14 03:26:55 | 000,176,128 | ---- | M] (Microsoft Corporation) MD5=74F696324BD2E0623BA6B2E1FBECB5B8 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2001-08-29 04:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\kbd101a.dll
[2001-08-17 06:55:56 | 000,005,632 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\kbd103.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< End of report >
-
(Continued.... still) [2010-03-30 19:33:23 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\바탕 화면\OTL.exe [2010-03-30 17:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Malwarebytes [2010-03-30 17:25:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-03-30 17:25:26 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-03-30 17:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010-03-30 17:23:35 | 005,918,720 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\바탕 화면\mbam-setup-1.45.exe [2010-03-30 17:13:28 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\바탕 화면\TFC.exe [2010-03-29 20:04:17 | 000,926,552 | ---- | C] (Prevx) -- C:\Documents and Settings\user\바탕 화면\PREVXCSIFREE.EXE [2010-03-26 00:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\WebCompass [2010-03-26 00:26:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage [2010-03-26 00:26:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Office Genuine Advantage [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-TW [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-HK [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\tr-TR [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-SE [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-NL [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-NO [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-IT [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\he-IL [2010-03-25 02:13:31 | 
000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-FI [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es-ES [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\el-GR [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\da-DK [2010-03-25 02:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ar-SA [2010-03-24 19:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS [2010-03-19 18:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2010-03-19 18:19:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2010-03-18 08:31:11 | 000,000,000 | -H-D | C] -- C:\$AVG [2010-03-18 08:29:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9 [2010-03-18 08:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2010-03-18 08:21:57 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2010-03-18 08:08:42 | 000,891,248 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\user\바탕 화면\avg_free_stb_all_9_40_cnet.exe [2010-03-18 07:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe [2010-03-11 19:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe [2010-03-11 11:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia [2010-03-11 11:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe [2010-03-10 22:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application 
Data\Macromedia [2010-03-10 19:53:33 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2010-03-08 22:02:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\IECompatCache [2010-03-08 16:34:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\PrivacIE [2010-03-08 16:30:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\IETldCache [2010-03-08 14:14:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010-03-08 14:11:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2010-03-08 14:09:05 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010-03-08 13:56:59 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010-03-08 13:56:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010-03-08 13:56:54 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010-03-08 13:56:43 | 011,070,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2009-08-08 22:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\nagasoft [2009-04-29 19:02:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple [1 C:\Documents and Settings\user\바탕 화면\*.tmp files -> C:\Documents and Settings\user\바탕 화면\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010-03-30 19:33:24 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\바탕 화면\OTL.exe [2010-03-30 19:03:11 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2010-03-30 19:01:31 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job [2010-03-30 19:01:30 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-03-30 19:01:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-03-30 19:01:10 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys 
[2010-03-30 18:59:59 | 006,504,448 | ---- | M] () -- C:\Documents and Settings\user\ntuser.dat [2010-03-30 18:59:59 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini [2010-03-30 17:28:28 | 058,253,661 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010-03-30 17:25:34 | 000,000,478 | ---- | M] () -- C:\Documents and Settings\All Users\바탕 화면\Malwarebytes' Anti-Malware.lnk [2010-03-30 17:23:52 | 005,918,720 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\바탕 화면\mbam-setup-1.45.exe [2010-03-30 17:13:30 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\바탕 화면\TFC.exe [2010-03-29 20:23:20 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\exeHelper.com [2010-03-29 20:04:17 | 000,926,552 | ---- | M] (Prevx) -- C:\Documents and Settings\user\바탕 화면\PREVXCSIFREE.EXE [2010-03-29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-03-29 15:24:46 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-03-29 07:21:17 | 000,439,088 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-03-29 07:21:17 | 000,240,230 | ---- | M] () -- C:\WINDOWS\System32\perfh012.dat [2010-03-29 07:21:17 | 000,069,348 | ---- | M] () -- C:\WINDOWS\System32\perfc012.dat [2010-03-29 07:21:17 | 000,069,348 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-03-29 07:21:16 | 000,832,756 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-03-28 12:59:32 | 001,666,435 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\dsds.mp3 [2010-03-26 00:26:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-03-25 01:06:36 | 000,000,425 | ---- | M] () -- D:\My Documents\6540654의 바로 가기.lnk [2010-03-24 20:06:58 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010-03-22 19:24:35 | 000,000,325 | --S- | M] () -- C:\WINDOWS\System32\2718170913.dat 
[2010-03-21 21:36:27 | 001,004,888 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\oh_happy_day.pdf [2010-03-18 08:30:47 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010-03-18 08:30:47 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010-03-18 08:30:47 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2010-03-18 08:30:47 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2010-03-18 08:30:34 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\바탕 화면\AVG Free 9.0.lnk [2010-03-18 08:30:32 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2010-03-18 08:30:32 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2010-03-18 08:08:43 | 000,891,248 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\user\바탕 화면\avg_free_stb_all_9_40_cnet.exe [2010-03-13 00:54:01 | 000,000,650 | ---- | M] () -- C:\WINDOWS\win.ini [2010-03-12 19:19:47 | 000,000,270 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\Watch Jennifer's Body Online Free , download Jennifersbody - Watch Movies Online For Free Full Movie Downloads.url [2010-03-12 19:07:03 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-03-11 18:28:42 | 000,000,584 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-03-10 19:53:27 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\타종교안에서의 선교.hwp [2010-03-07 13:14:27 | 000,205,233 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\%EC%98%A5%ED%83%9D%EC%97%B0~1.jpg [2010-03-04 22:22:53 | 000,000,126 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\Awards for Young Musicians.url [2010-03-04 22:17:23 | 000,000,206 | ---- | M] () -- C:\Documents and Settings\user\바탕 화면\The Diploma in Engineering is made up of many parts that you study to get your qualification..url [1 
C:\Documents and Settings\user\바탕 화면\*.tmp files -> C:\Documents and Settings\user\바탕 화면\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-03-30 17:25:34 | 000,000,478 | ---- | C] () -- C:\Documents and Settings\All Users\바탕 화면\Malwarebytes' Anti-Malware.lnk [2010-03-29 20:23:20 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\exeHelper.com [2010-03-29 20:14:03 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys [2010-03-28 12:59:29 | 001,666,435 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\dsds.mp3 [2010-03-25 01:06:36 | 000,000,425 | ---- | C] () -- D:\My Documents\6540654의 바로 가기.lnk [2010-03-24 19:29:07 | 000,000,236 | ---- | C] () -- C:\WINDOWS\tasks\OGALogon.job [2010-03-21 21:36:24 | 001,004,888 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\oh_happy_day.pdf [2010-03-20 17:26:27 | 000,000,325 | --S- | C] () -- C:\WINDOWS\System32\2718170913.dat [2010-03-18 22:19:36 | 006,504,448 | ---- | C] () -- C:\Documents and Settings\user\ntuser.dat [2010-03-18 08:30:34 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\바탕 화면\AVG Free 9.0.lnk [2010-03-12 19:20:06 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\Watch Jennifer's Body Online Free , download Jennifersbody - Watch Movies Online For Free Full Movie Downloads.url [2010-03-10 19:53:24 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\타종교안에서의 선교.hwp [2010-03-07 13:22:15 | 000,205,233 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\%EC%98%A5%ED%83%9D%EC%97%B0~1.jpg [2010-03-04 22:23:05 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\Awards for Young Musicians.url [2010-03-04 22:17:42 | 000,000,206 | ---- | C] () -- C:\Documents and Settings\user\바탕 화면\The Diploma in Engineering is made up of many parts that you study to get your qualification..url [2009-11-22 23:55:54 | 000,596,512 | ---- | C] () -- C:\WINDOWS\System32\INICRYPTOSDK.dll [2009-11-22 23:55:53 | 000,008,821 | ---- 
| C] () -- C:\WINDOWS\System32\np_jpn.ini [2009-11-22 23:55:53 | 000,008,517 | ---- | C] () -- C:\WINDOWS\System32\np_kor.ini [2009-11-22 23:55:53 | 000,008,023 | ---- | C] () -- C:\WINDOWS\System32\np_Eng.ini [2009-11-22 23:55:53 | 000,006,808 | ---- | C] () -- C:\WINDOWS\System32\np_chs.ini [2009-08-03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2008-11-05 17:56:17 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\WaveletGrayDecoder.dll [2008-11-05 17:56:17 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\WindowMoveHook.dll [2008-11-05 17:56:16 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\WaveletColorDecoder.dll [2008-08-23 11:21:36 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt [2008-08-23 11:12:21 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2008-07-10 12:56:39 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DAUMCRYPT.DLL [2008-06-04 10:42:46 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToonsHook2.dll [2008-01-18 20:17:41 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CSDLGE1LIB.dll [2008-01-18 19:12:55 | 000,124,432 | ---- | C] () -- C:\WINDOWS\System32\PanInstaller.dll [2008-01-18 19:12:55 | 000,083,480 | ---- | C] () -- C:\WINDOWS\System32\FirstLoad.dll [2008-01-03 22:10:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2007-09-30 09:37:38 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2007-09-30 09:37:38 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2007-09-30 09:37:31 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\p3max.dll [2007-07-19 21:43:04 | 000,011,943 | ---- | C] () -- C:\Documents and Settings\user\Application Data\PandoraTVissue2.jpg [2007-06-27 18:59:04 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\user\Application Data\dm.ini [2007-06-27 18:59:03 | 000,001,567 | ---- | C] () -- C:\Documents and Settings\user\Application 
Data\AdobeDLM.log [2007-06-26 19:28:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\KTxtLog.dll [2007-06-26 19:10:12 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\KNetClient.dll [2007-06-26 19:08:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\KCharUtil.dll [2007-05-25 14:23:56 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\ver.ini [2007-04-09 21:53:51 | 000,067,352 | ---- | C] () -- C:\WINDOWS\System32\CMListControl.dll [2007-03-14 21:10:37 | 000,000,021 | ---- | C] () -- C:\WINDOWS\System32\drcheck.dll [2007-03-12 11:09:37 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007-03-11 11:46:50 | 000,000,270 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI [2007-03-09 21:32:25 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\CoInst.dll [2007-03-09 21:32:24 | 000,016,053 | ---- | C] () -- C:\WINDOWS\wwdslcfg.ini [2007-03-09 21:16:35 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2007-03-09 21:13:18 | 000,000,049 | ---- | C] () -- C:\WINDOWS\Hjimesv.ini [2007-03-09 21:11:11 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\winhcfg.ini [2007-03-09 20:26:08 | 000,127,488 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007-02-06 15:49:50 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\CaptureProtect.dll [2006-12-26 13:20:46 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\p3einsctrl.dll [2006-11-24 13:06:32 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\p3einsweb.dll [2006-01-05 13:43:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ToonsXHook.dll [2004-11-25 16:30:44 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\dmvm.dll [2003-05-19 10:16:48 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\WaveletDecoder.dll [2003-05-19 10:16:48 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\IndexedColorDecoder.dll [2003-03-05 10:57:50 | 000,005,021 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001-08-29 04:00:00 | 000,192,560 | ---- | 
C] () -- C:\WINDOWS\System32\hfont.sys [2001-08-29 04:00:00 | 000,056,505 | ---- | C] () -- C:\WINDOWS\System32\hbios.sys [2001-08-29 04:00:00 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\disp_win.sys [2001-08-29 04:00:00 | 000,000,793 | ---- | C] () -- C:\WINDOWS\System32\font_win.sys [1999-01-23 00:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL ========== LOP Check ========== [2010-03-29 18:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9 [2009-02-01 17:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cyworld [2008-04-24 17:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driving Test Success [2009-04-25 08:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2007-03-09 22:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Hnc [2007-06-27 19:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Leadertech [2008-04-24 17:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\LGSync [2009-06-03 18:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\LimeWire [2008-04-24 17:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Orbit [2007-07-19 21:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\PandoraTV [2009-04-23 20:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Samsung [2007-11-27 03:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\YTN [2010-03-30 19:01:31 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job [2010-03-30 19:03:11 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job ========== Purity Check ========== ========== Custom Scans ========== < Code: > < 
%SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004-08-03 17:05:04 | 018,914,088 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2009-05-08 11:42:16 | 024,351,158 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2009-05-08 11:42:16 | 024,351,158 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008-04-13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004-08-04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [2004-08-03 15:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\AGP440.SYS
-
here is the rest... (SORRY!!)
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007-03-09 20:01:22 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (11543867069300736)
========== Files/Folders - Created Within 30 Days ==========
-
OTL logfile created on: 2010-03-30 오후 7:34:28 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\user\바탕 화면
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000412 | Country: 대한민국 | Language: KOR | Date Format: yyyy-MM-dd

511.00 Mb Total Physical Memory | 143.00 Mb Available Physical Memory | 28.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.92 Gb Total Space | 5.42 Gb Free Space | 34.04% Space Free | Partition Type: NTFS
Drive D: | 58.61 Gb Total Space | 25.82 Gb Free Space | 44.06% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PB
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\user\바탕 화면\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\WINDOWS\system32\npkcmsvc.exe (INCA Internet Co., Ltd.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\slserv.exe (Smart Link)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\user\바탕 화면\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (Wind0wsSrv) -- File not found
SRV - (ODBC_Server_2009) -- File not found
SRV - (kstationA) -- File not found
SRV - (IocationA) -- File not found
SRV - (IDESRv) -- File not found
SRV - (wcsv) -- C:\Program Files\WebCompass\wcsv.dll ()
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (npkcmsvc) -- C:\WINDOWS\system32\npkcmsvc.exe (INCA Internet Co., Ltd.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (vvdsvc) -- C:\WINDOWS\system32\Nagasoft\vjocx.dll (NanJing Nagasoft Co, LTD.)
SRV - (mgsv) -- C:\Program Files\Mplus\mgsv.dll ()
SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe (Smart Link)

========== Driver Services (SafeList) ==========

DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (npkakl) -- C:\WINDOWS\system32\npkakl.sys (INCA Internet Co.,Ltd.)
DRV - (npkcrypt) -- C:\WINDOWS\system32\npkcrypt.sys (INCA Internet Co., Ltd.)
DRV - (StarOpen) -- C:\WINDOWS\system32\drivers\StarOpen.sys ()
DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (USBModem) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\WINDOWS\system32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys (Smart Link)
DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Smart Link)
DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys (Smart Link)
DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys (Smart Link)
DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys (Smart Link)
DRV - (RecAgent) -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys (Smart Link)
DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys (Smart Link)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (w****b) -- C:\WINDOWS\system32\drivers\gwausb.sys (GlobespanVirata Inc.)
DRV - (FsVga) -- C:\WINDOWS\system32\drivers\fsvga.sys (Microsoft Corporation)
DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Daum - ìƒí™œì´ ë°”ë€ë‹¤! Life On Daum
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..browser.startup.homepage: "www.daum.net"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.2

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-03-19 18:00:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-23 20:52:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-03-20 15:09:41 | 000,000,000 | ---D | M]

[2008-07-22 20:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
[2010-03-28 22:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\ao9fvfgf.default\extensions
[2009-09-14 23:46:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\ao9fvfgf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-01-27 13:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\ao9fvfgf.default\extensions\searchrecs@veoh.com
[2008-07-22 20:27:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008-10-28 22:46:05 | 000,004,573 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\danawa-kr.xml
[2008-10-28 22:46:05 | 000,003,396 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\daum-kr.xml
[2008-10-28 22:46:05 | 000,002,312 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\naver-kr.xml
[2008-10-28 22:46:05 | 000,001,196 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-kr.xml
[2008-10-28 22:46:05 | 000,000,803 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-kr.xml

O1 HOSTS File: ([2001-08-29 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (WebCompass Search Class) - {2D3BA117-A67B-4BE3-B692-A0F399E7EBC3} - C:\Program Files\WebCompass\wc_src_1m.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Mplus Search Class) - {8EA9A253-227C-4b03-9DD7-A138E8600430} - C:\Program Files\Mplus\mg_src_1g.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (WebCompass Reward Class) - {EA1B77B3-505A-4F0D-95A2-EB7C46F7FE90} - C:\Program Files\WebCompass\wc_rwd_1p.dll (Datawave System Inc)
O2 - BHO: (WebGuide Class) - {F90BB714-01B6-438B-8993-F6E46ACBFA24} - c:\program files\WebGuide\webguide7a_C.dll File not found
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [iTunesHelper] D:\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] D:\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [QuickTime Task] D:\qttask.exe (Apple Inc.)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] D:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\시작 메뉴\프로그램\시작프로그램\Adobe Reader Speed Launch.lnk = D:\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: 스크랩 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Live Writer에 스크랩(&B) - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {04E7BADF-F3B9-420D-B82D-8D8CADEFE4F9} http://cyimg7.cyworld.com/ImageUpload/CyImageUpload_10217.cab (CyImage2Ctl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} http://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB (Tpwin Control)
O16 - DPF: {2029F1D2-90E4-49EF-9824-F666D238BFF6} http://jr.naver.com/comic/book/viewer_new/NHNComicViewer.cab (NHNComicViewer Class)
O16 - DPF: {21FDDE58-51A6-402A-8040-39DA033DC196} http://image.pullbbang.com/newTop/Pull0Control.ocx (Pull0PlayerX Control)
O16 - DPF: {4AFE617E-ABD5-48F2-9107-774310802352} http://img.cyworld.com/img/video_v3/tvon/CyTVAxLauncher_V12.CAB (CyTVAx Class)
O16 - DPF: {882A7CC6-0163-4BC1-8BC1-505E36C9FFA2} http://www.mnet.com/Ver2/App/totalApp/maxhelper/maxhelper.cab (MaxHelper Control)
O16 - DPF: {8DC067B8-911D-473A-90F1-1171B887CDE0} http://cyimg7.cyworld.com/ImageUpload/CyPictureU1.cab?20080604 (CyImage Class)
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} http://cafeimg.hanmail.net/activex/dmcc2.cab?Version=1,0,0,10 (Cdmcco Class)
O16 - DPF: {9B75502C-BBED-4BBD-8FE2-822E5E0AD32C} http://www.diodeo.com/ActiveDiodeoPlayer.cab (MagicLockOCX Control)
O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} http://cafeimg.hanmail.net/cto/xman.cab?ver=1,2,3,2 (Daum ActiveX manager Class)
O16 - DPF: {BD6BB450-7C69-43B8-96F3-689CAE57AB51} http://netv.sbs.co.kr/object/player/SBSWebPlayer.cab (SBSWebPlayer Class)
O16 - DPF: {C021A4D6-173F-4BF4-B38C-B12CAA20E518} http://www.mgoon.com/launcher.cab (Mgoon Launcher Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E1CDC08F-F464-4682-AE6A-7689451387C0} http://cafeimg.hanmail.net/activex/dmcm.cab?Version=1,0,0,22 (CAFE multiupload control)
O16 - DPF: {E6C4420E-0669-4518-B825-F63CDDEF7D5D} http://rc.puppyred.com/init.cab (InitOcx Control)
O16 - DPF: {E75386B4-C629-11DB-8338-444553544200} http://cyimg7.cyworld.nate.com/cymusic/package/cyinstal.cab (PcubeSet Class)
O16 - DPF: {F4A1D5E2-AF49-47A7-A945-23038106F3A4} http://imgcdn.pandora.tv/pan_img/launcher/codebase/Pandora_SetUpAX.cab (Pandora_SetUp Control)
O16 - DPF: {FCD61199-E187-4ADD-88E5-9AF238486D11} http://www.50yb.com/player/forceplayer.cab (CPPMediaCtrl Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - C:\WINDOWS\System32\sdra64.exe File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (현재 홈 페이지) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-03-09 20:01:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{05c9ea7a-0a69-11de-9c00-000c762886fc}\Shell - "" = AutoRun
O33 - MountPoints2\{af37c64b-fd9d-11dd-9beb-000c762886fc}\Shell - "" = AutoRun
O33 - MountPoints2\{af37c64b-fd9d-11dd-9beb-000c762886fc}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*