just few days ago my internet started running really slow. just to let you know, my kaspersky antivirus has been out of date for like a year, thus i have many spyware and adwars and possibly virus. My msn messenger worked however it doesn't anymore. I know my internet is still up because i can still download files but at extremely slow rates. I am running windows vista. i have done adware scans and avira virus scans and noticed the many virus or malwares. some were eradicated while some were not. Also, i am using my other computer via wireless which works perfectly fine. Please help
my hijackthis log
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Razer\Tarantula\razerhid.exe
C:\Program Files\Common Files\PWC3800\PWCam.exe
C:\Windows\VM_STI.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Public\SoftRun\NoPhishing\NoPhishing.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Razer\Tarantula\razertra.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\System32\mobsync.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {028CE0D5-6644-428C-B410-9C4D35215261} - C:\PROGRA~1\lowbar\lowbar.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5B953EB9-5F1A-4DC3-8D7B-69DB378370F3} - C:\PROGRA~1\q-search\Q-SEAR~1.DLL (file missing)
O2 - BHO: O - {740F52BA-2C3F-4319-A513-C6F9EF0AA6D1} - C:\Windows\System32\nus\nu.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Daum-빛자루 툴바 - {D7045991-84D6-46D3-8487-84FBEDC21B84} - C:\Program Files\DaumVitzaru\AhnToolbar.dll
O3 - Toolbar: ADDON 툴바 - {F72AA64E-E4C3-4974-B2DF-3F1BF0D2147F} - C:\PROGRA~1\addontb\addontb.dll (file missing)
O3 - Toolbar: 네이버 툴바(&N) - {D09CFF09-A42A-4EDC-9804-E61224F59CA1} - C:\Program Files\naver\NaverToolbar\NaverTB_3_1_1_107.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [Tarantula] C:\Program Files\Razer\Tarantula\razerhid.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PWCam] C:\Program Files\Common Files\PWC3800\PWCam.exe
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE PLEOMAX PWC-3800
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [nsconf] C:\Windows\System32\nsconf.exe
O4 - HKLM\..\Run: [addontb] C:\Program Files\addontb\addontb_u.exe
O4 - HKLM\..\Run: [nus] C:\Windows\System32\nus\nus.exe
O4 - HKLM\..\Run: [q-search] C:\Program Files\q-search\q-searche.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [NoPhishing] C:\Users\Public\SoftRun\NoPhishing\NPUT.exe -s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Daum검색 (3.0) - res://c:\program files\daumvitzaru\ahntoolbar.dll/213
O8 - Extra context menu item: Daum사전 검색 (3.0) - res://c:\program files\daumvitzaru\ahntoolbar.dll/214
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 네이버 검색 - res://C:\Program Files\naver\NaverToolbar\NaverTB_3_1_1_107.dll /SEARCH.HTML
O8 - Extra context menu item: 네이버 북마크하기 - res://C:\Program Files\naver\NaverToolbar\NaverTB_3_1_1_107.dll /BOOKMARK.HTML
O8 - Extra context menu item: 네이버 블로그 담기 - res://C:\Program Files\naver\NaverToolbar\NaverTB_3_1_1_107.dll /BLOG.HTML
O8 - Extra context menu item: 네이버 사전 검색 - res://C:\Program Files\naver\NaverToolbar\NaverTB_3_1_1_107.dll /DIC.HTML
O8 - Extra context menu item: 네이버 일한 번역 - res://C:\Program Files\naver\NaverToolbar\NaverTB_3_1_1_107.dll /JKTRANS.HTML
O9 - Extra button: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (no file)
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {77BF5300-1474-4EC7-9980-D32B190E9B07} - (no file)
O9 - Extra button: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.arumin.co.kr
O15 - Trusted Zone: http://*.goodi.com
O15 - Trusted Zone: http://*.shinhan.com
O15 - Trusted Zone: http://*.shinhancard.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netmarble.com/web/nm...MStarter24.cab
O16 - DPF: {00001025-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter25 Class) - http://download.netmarble.com/web/nm...MStarter25.cab
O16 - DPF: {04E7BADF-F3B9-420D-B82D-8D8CADEFE4F9} (CyImage2Ctl Class) - http://cyimg8.cyworld.com/ImageUploa...load_10217.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {0A4E624A-F7EA-4313-B721-C5669E0C6266} (TrustSiteAuction Control) - http://download.auction.co.kr/active...uctionCtrl.cab
O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) - http://messenger.zone.msn.com/binary...s.cab57176.cab
O16 - DPF: {12D50929-57AF-4B39-88B9-03B239E4C72E} (VarovisionPlayer Control) - http://music.tworld.co.kr/varovision...ayerX_1507.cab
O16 - DPF: {15C4019C-C917-4905-999A-99B4EC71B7CF} (DaumPlayerPan Class) - http://listen.daum.net/52st/DaumMPlayer/DaumMPlayer.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {20BBA18F-5BC8-47B5-8FC9-5DFCA8E56A4B} (XacsPop Control) - http://mpi.dacom.net/XMPI/js/LGDacom_XMPI_20090220.cab
O16 - DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} (INISAFEWeb6 V6 Class) - http://img.shinhan.com/initech/plugi...own/INIS60.cab
O16 - DPF: {36A4B20A-2B75-4101-86CE-F9B03CA4B91C} (DownStarter Control) - http://bgweb.clubbox.co.kr/bin/DownStarter.cab
O16 - DPF: {39461460-2552-4D51-A062-3AB6A7B902E9} (INISAFE Updater Control) - http://img.shinhan.com/shttp/install/down/INIS70.cab
O16 - DPF: {39FC0CF9-86F3-4502-B773-D16706EDEC83} (SCSK Control) - http://img.shinhan.com/rib/common/ke...CSK4_vista.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games ?Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {42E8651D-C437-4203-93F5-24E20C2C4465} (KvpVCardCtl Control) - https://www.vpay.co.kr/kvpfiles_vist...Card_VISTA.cab
O16 - DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} (XPayMPIOCX Control) - http://mpi.dacom.net/XPayMPI/Xecure_...XPayMPIOCX.cab
O16 - DPF: {4FE4E8BE-CD7E-42D8-B0EE-E52B360E11AF} (ITmoney Client Control) - http://www.i-tmoney.com/plugin/install/itmny4vista.cab
O16 - DPF: {518059C9-3257-4B29-88EE-102E02DE5F25} (NetmarbleDownloaderCtrl Class) - http://download.netmarble.com/web/NM...Downloader.cab
O16 - DPF: {51B1D5ED-67DC-43F0-A3F8-8502F1A5E404} (nPCom2 Control) - http://update.nprotect.net/nprotect2.....;/npstarter.cab
O16 - DPF: {5267557D-D090-44EA-BCAA-8576A24810C5} (SysInfoCJI Class) - http://download.netmarble.com/web/6N...nformerCJI.cab
O16 - DPF: {53EED863-B547-40F8-B24A-2D6DE807CFE8} (Printmade Control) - http://img.shinhan.com/rib//ko/print/Printmade.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-PH/.....;/GAME_UNO1.cab
O16 - DPF: {5D9446DB-E849-4B95-9872-D0C21343ABF0} (MAWizard Class) - http://www.csafer.net/ActiveX/MASetupWizard.cab
O16 - DPF: {5DBE942F-CE91-4EED-853F-A1CD022665AF} (DacomCrossDomain Control) - http://pgdownload.dacom.net/common/j...rossDomain.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1195129474027
O16 - DPF: {662B4974-EE36-426D-BD11-E75122E6BE18} (EasyPlugX Control) - http://ec2.kicc.co.kr/PLUGIN_GS/EasyPlugX.cab
O16 - DPF: {66413DC2-F891-40BC-822D-B7EEC8ADC281} (ProWorksGrid Control) - http://img.shinhan.com/rib/common/ProWorksGrid_78.cab
O16 - DPF: {67BC8188-4CDD-4969-8195-10970DE2D8FB} (SIS2005ViewerWeb Class) - http://adult.neomtel.com/activex/vis...xVISWebSKT.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6C46D0C1-1B3C-4D1E-AB6C-3ADEA4D86346} (HLiveRobotVT Control) - http://fx.hauri.net/HProduct/livesui...iveRobotVT.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: {7770D530-D188-4F50-8C8C-23FAD2636EBF} (WawaDisk File Share Control 5) - http://www.wawadisk.com/mmsv/WawaDiskControl.CAB
O16 - DPF: {78D3A4C5-B113-4628-93FA-2D1957092341} (Clubzin Control v3) - http://www.clubzin.co.kr/append/appl...zinControl.CAB
O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} (XecureWeb 4.0 Client Control) - http://download.softforum.co.kr/Publ...xw_install.cab
O16 - DPF: {8055C6FC-E2F3-4FFF-8385-9D71D57A3CF6} (WebCompass Control) - http://www.mncast.com/cache/dynamic/...x/WSmncast.cab
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) - http://h20264.www2.hp.com/ediags/dd/...sticsVista.cab
O16 - DPF: {820359CA-BD53-4BDF-8393-282FEEAE8C53} (Monkey3ActiveXControl Control) - http://www.monkey3.co.kr/Monkey3Acti...veXControl.cab
O16 - DPF: {858033B9-13BC-4DFE-B62A-78E1FAA0DFD7} (MABugsDownload Control) - http://www.csafer.net/activex/mabugsdownload.cab
O16 - DPF: {8FA8D5F7-7CBA-46D4-9568-68D70C5280E8} (NoPhishingX Control) - http://www.nophishing.co.kr/softrun/SH02/SRNPSH.cab
O16 - DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} (NMTransX Module) - http://download.netmarble.net/NMChatX/NMTransX.cab
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/activex/d...rsion=1,0,0,10
O16 - DPF: {9488BAE7-ED3D-4A77-BBDE-253982910C01} (Mini Control) - http://touch.imbc.com/ActiveX/mini/mini.ocx
O16 - DPF: {99C709C7-4F58-46C1-855B-90213C760395} (V3D Client Control) - https://v3d.kcp.co.kr/file/kcp_ansimclick.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games ?Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames...e.cab60231.cab
O16 - DPF: {A1832535-5218-42F9-8959-19E2BCABFABF} (INIwallet50 Control) - http://plugin.inicis.com/vista/INIwallet50.cab
O16 - DPF: {A3F9657A-976F-4719-B370-C6F765728C4B} (SecureSession Class) - http://www.dfsshilla.com/secui/clien...fsShillaIE.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://kings.nefficient.co.kr/kings/...2/kdfense8.cab
O16 - DPF: {A8AFF156-AC9A-4513-A9EA-01F63E2AC162} (SunAx Control) - http://sunmuz.sunzio.com/SunAx.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Neowiz Login Control) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {A9F090E5-FC80-4772-AFEE-D102AB6E77D6} (IssacWebProCMS Class) - http://pgdownload.dacom.net/dacom/Is...MS_3_1_0_1.cab
O16 - DPF: {AD514D05-9166-4878-A562-D6F30C1986B8} (MelonUp Class) - http://www.melon.com/cab/P3MelSet.cab
O16 - DPF: {B0A75875-3622-48BA-B5FF-45AD77AC2D0E} (BankPayEFTCtrl Control) - https://download.auction.co.kr/activ...BankPayEFT.cab
O16 - DPF: {B128EFF9-0B1C-4C65-A162-28165A3A0A18} (MakeShop Secure Control) - http://ssl.makeshop.co.kr/ssl/MSecure.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {B8C4B31D-6DCE-4DF0-BF73-44686849F67D} (PDRInst1 Class) - http://imgcdn.pandora.tv/pan_img/p3p...ge/pdrinst.cab
O16 - DPF: {BC44D4D0-D94D-4031-A76F-DD9B70078B2B} (WawaDisk File Share Control 6) - http://www.wawadisk.com/mmsv/WawaDiskControl.CAB
O16 - DPF: {BCEF5CDE-BAD4-4532-A30B-9D16D502DE69} (BugsInstallEx Control) - http://install.bugs.co.kr/install/BugsInstallerEx.cab
O16 - DPF: {C021A4D6-173F-4BF4-B38C-B12CAA20E518} (Mgoon Launcher Control) - http://www.mgoon.com/launcher.cab
O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} (HanSetupCtrl1010 Class) - http://id.hangame.com/common/HanSetup1020.cab
O16 - DPF: {C1143E84-B2B1-473B-9F20-E62DD754FCAF} (VineTransfer Control) - http://img.shinhan.com/rib/common/in...neTransfer.cab
O16 - DPF: {C39AB2A8-5089-4E8D-82C7-EB256059B99F} (AuHCBase Control) - http://210.92.16.250/auHCBase.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {CA03E4BD-6232-4680-8C08-3AF1CF46102A} (ClubNex File Share Control 5) - http://www.clubnex.co.kr/mmsv/ClubNexControl.CAB
O16 - DPF: {CBB45291-871B-4ADA-81D0-40D0C89ABD20} (NetmarbleDownloaderExCtrl Class) - http://download.netmarble.com/web/NM...wnloaderEx.cab
O16 - DPF: {CEE326E8-7571-4086-B347-3C0ACA9A9DE8} (PcubeSet Class) - http://player.muz.co.kr/package/inst...3/p3Instal.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - https://vbv.shinhancard.com/popup/npkcx.cab
O16 - DPF: {D711C9FC-B37A-49C3-8229-2F5F3641D6DB} (DigitalAria MobileFlash 2.0 Control) - http://activex.digitalaria.com/m/MFActiveX.cab
O16 - DPF: {D912AABC-6CB0-416F-85B6-CABBB86FD558} (INIwallet60 Control) - https://plugin.inicis.com/wallet60/I...et60_vista.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games ?Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab57176.cab
O16 - DPF: {DB962ED5-C4A1-4B50-8CEB-D6F9CD70A6F8} (Netmarble GameCheck Class) - http://download.netmarble.com/web/NM...MGameCheck.cab
O16 - DPF: {E3FA6DAA-04BF-4AEF-9612-341B2B7A25FC} (Payplus Client Control) - https://pay.kcp.co.kr/plugin/file_vista/payplus.cab
O16 - DPF: {E5A02FD2-A8EF-4E5B-80C1-CB386F95E049} (BtPmntClient Class) - https://plugin.inicis.com/banktown/w...PmntClient.cab
O16 - DPF: {E75386B4-C629-11DB-8338-444553544200} (PcubeSet Class) - http://cyimg7.cyworld.com/cymusic/package/cyinstal.cab
O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} (KvpIspCtlD Control) - http://www.vpay.co.kr/kvpfiles_vista...CTLD_VISTA.cab
O16 - DPF: {EA0995BF-45DD-4DB0-ADD5-A39C37397841} (ShbAutoTrustSite Control) - http://img.shinhan.com/rib/common/Tr...TrustSiteX.cab
O16 - DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} (SKCommAX Control) - http://www.kiwoom.com/SKCommAX/SKCommAX.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {FE342FC7-4374-4EBE-86DB-D73AE861F779} (NaverAXGuide Class) - http://cafe.naver.com/common/activex/NaverAXGuide.cab
O16 - DPF: {FFD77E35-1C34-4EAC-B5A7-414CC5D007DA} (AnsimPlugin Class) - https://www.isaackorea.net/update/ansim/ilkactx.cab
O18 - Protocol: s-http - {D37E6C5F-1C0F-47C0-A3B6-403EEC555402} - C:\Program Files\Initech\SHTTP\InitechSHTTPInterface.10113.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple 모바일 장비 (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Bonjour 서비스 (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: AhnLab SecuOn Service (bssvc) - AhnLab, Inc. - C:\Program Files\AhnLab\Secuon\bssvc.exe
O23 - Service: @comres.dll,-947 (COMSysApp) - Unknown owner - C:\Windows\system32\dllhost.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod 서비스 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Mega Network Manager - Unknown owner - C:\Program Files\MegaService\Mmgr.exe
O23 - Service: Mega Network Service - Unknown owner - C:\Program Files\MegaService\Msvc.exe
O23 - Service: Mega Network Update - Unknown owner - C:\Program Files\MegaService\Mudt.exe
O23 - Service: Naver Updater - NHN Corp. - C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NoPhishing - Unknown owner - C:\Users\Public\SoftRun\NoPhishing\NPNTService (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\Windows\system32\npkcmsvc.exe
O23 - Service: nProtect Starter (nPStarterSVC) - Unknown owner - C:\Windows\system32\nPStarterSVC.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
--
End of file - 21343 bytes
my DDS Log
DDS (Ver_09-03-16.01) - NTFSx86
Run by Tae Kyu Kim at 22:53:20.02 on 2009-04-07
Internet Explorer: 7.0.6001.18000
Microsoft Windows Vista Home Premium 6.0.6001.1.949.82.1033.18.3582.2149 [GMT 9:00]
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Outdated)
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Razer\Tarantula\razerhid.exe
C:\Program Files\Common Files\PWC3800\PWCam.exe
C:\Windows\VM_STI.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\AhnLab\Secuon\bssvc.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\MegaService\Mmgr.exe
C:\Program Files\MegaService\Mudt.exe
C:\Windows\system32\svchost.exe -k Mplus
C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Users\Public\SoftRun\NoPhishing\NPNTService.exe
C:\Windows\system32\npkcmsvc.exe
C:\Users\Public\SoftRun\NoPhishing\NPM.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\MegaService\Msvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Users\Public\SoftRun\NoPhishing\NoPhishing.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Razer\Tarantula\razertra.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iTunes\iTunes.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Tae Kyu Kim\Desktop\dds.scr
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.naver.com/
mDefault_Page_URL = hxxp://www.naver.com/
uInternet Settings,ProxyOverride = *.local
BHO: : {028ce0d5-6644-428c-b410-9c4d35215261} - c:\progra~1\lowbar\lowbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: : {5b953eb9-5f1a-4dc3-8d7b-69db378370f3} - c:\progra~1\q-search\Q-SEAR~1.DLL
BHO: O: {740f52ba-2c3f-4319-a513-c6f9ef0aa6d1} - c:\windows\system32\nus\nu.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB: Daum-빛자루 툴바: {d7045991-84d6-46d3-8487-84fbedc21b84} - c:\program files\daumvitzaru\AhnToolbar.dll
TB: ADDON 툴바: {f72aa64e-e4c3-4974-b2df-3f1bf0d2147f} - c:\progra~1\addontb\addontb.dll
TB: 네이버 툴바(&N): {d09cff09-a42a-4edc-9804-e61224f59ca1} - c:\program files\naver\navertoolbar\NaverTB_3_1_1_107.dll
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
EB: &Mplus Search: {afe6768e-4eaa-4518-b547-0185e6ce0822} - c:\progra~1\mplus\mg_lb_1c.dll
EB: &Mplus Reward: {e7d99126-435f-442e-883a-2ebb7f4c7e40} - c:\progra~1\mplus\mg_rb_1d.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [ppshell]
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [NoPhishing] c:\users\public\softrun\nophishing\NPUT.exe -s
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [JMB36X IDE Setup] c:\windows\jm\JMInsIDE.exe
mRun: [Tarantula] c:\program files\razer\tarantula\razerhid.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [PWCam] c:\program files\common files\pwc3800\PWCam.exe
mRun: [BigDogPath] c:\windows\VM_STI.EXE PLEOMAX PWC-3800
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_02\bin\jusched.exe"
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 7.0\avp.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [nsconf] c:\windows\system32\nsconf.exe
mRun: [addontb] c:\program files\addontb\addontb_u.exe
mRun: [nus] c:\windows\system32\nus\nus.exe
mRun: [q-search] c:\program files\q-search\q-searche.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: Daum검색 (3.0) - c:\program files\daumvitzaru\ahntoolbar.dll/213
IE: Daum사전 검색 (3.0) - c:\program files\daumvitzaru\ahntoolbar.dll/214
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: 네이버 검색 - c:\program files\naver\navertoolbar\NaverTB_3_1_1_107.dll /SEARCH.HTML
IE: 네이버 북마크하기 - c:\program files\naver\navertoolbar\NaverTB_3_1_1_107.dll /BOOKMARK.HTML
IE: 네이버 블로그 담기 - c:\program files\naver\navertoolbar\NaverTB_3_1_1_107.dll /BLOG.HTML
IE: 네이버 사전 검색 - c:\program files\naver\navertoolbar\NaverTB_3_1_1_107.dll /DIC.HTML
IE: 네이버 일한 번역 - c:\program files\naver\navertoolbar\NaverTB_3_1_1_107.dll /JKTRANS.HTML
IE: {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - {E7A829CC-671F-4C3D-B590-8C0AEA72E6B2} - c:\program files\bitcomet\tools\BitCometBHO_1.1.7.4.dll
Trusted Zone: arumin.co.kr
Trusted Zone: goodi.com
Trusted Zone: shinhan.com
Trusted Zone: shinhancard.com
DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} - hxxp://download.netmarble.com/web/nmstarter/NMStarter24.cab
DPF: {00001025-A15C-11D4-97A4-0050BF0FBE67} - hxxp://download.netmarble.com/web/nmstarter/NMStarter25.cab
DPF: {04E7BADF-F3B9-420D-B82D-8D8CADEFE4F9} - hxxp://cyimg8.cyworld.com/ImageUpload/CyImageUpload_10217.cab
DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
DPF: {0A4E624A-F7EA-4313-B721-C5669E0C6266} - hxxp://download.auction.co.kr/activexpay/TrustSiteAuctionCtrl.cab
DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} - hxxp://messenger.zone.msn.com/binary/Upwords.cab57176.cab
DPF: {12D50929-57AF-4B39-88B9-03B239E4C72E} - hxxp://music.tworld.co.kr/varovision/VarovisionPlayerX_1507.cab
DPF: {15C4019C-C917-4905-999A-99B4EC71B7CF} - hxxp://listen.daum.net/52st/DaumMPlayer/DaumMPlayer.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {20BBA18F-5BC8-47B5-8FC9-5DFCA8E56A4B} - hxxp://mpi.dacom.net/XMPI/js/LGDacom_XMPI_20090220.cab
DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} - hxxp://img.shinhan.com/initech/plugin/new6106/down/INIS60.cab
DPF: {36A4B20A-2B75-4101-86CE-F9B03CA4B91C} - hxxp://bgweb.clubbox.co.kr/bin/DownStarter.cab
DPF: {39461460-2552-4D51-A062-3AB6A7B902E9} - hxxp://img.shinhan.com/shttp/install/down/INIS70.cab
DPF: {39FC0CF9-86F3-4502-B773-D16706EDEC83} - hxxp://img.shinhan.com/rib/common/keyStroke/SoftCamp/402011/SCSK4_vista.cab
DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
DPF: {42E8651D-C437-4203-93F5-24E20C2C4465} - hxxps://www.vpay.co.kr/kvpfiles_vista/KVPCyberCard_VISTA.cab
DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} - hxxp://mpi.dacom.net/XPayMPI/Xecure_LiveUpdate_XPayMPIOCX.cab
DPF: {4FE4E8BE-CD7E-42D8-B0EE-E52B360E11AF} - hxxp://www.i-tmoney.com/plugin/install/itmny4vista.cab
DPF: {518059C9-3257-4B29-88EE-102E02DE5F25} - hxxp://download.netmarble.com/web/NMGameCheck/NetmarbleDownloader.cab
DPF: {51B1D5ED-67DC-43F0-A3F8-8502F1A5E404} - hxxp://update.nprotect.net/nprotect2007/lgcard/npstarter.cab
DPF: {5267557D-D090-44EA-BCAA-8576A24810C5} - hxxp://download.netmarble.com/web/6N/pccheck/SystemInformerCJI.cab
DPF: {53EED863-B547-40F8-B24A-2D6DE807CFE8} - hxxp://img.shinhan.com/rib//ko/print/Printmade.cab
DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-PH/a-UNO1/GAME_UNO1.cab
DPF: {5D9446DB-E849-4B95-9872-D0C21343ABF0} - hxxp://www.csafer.net/ActiveX/MASetupWizard.cab
DPF: {5DBE942F-CE91-4EED-853F-A1CD022665AF} - hxxp://pgdownload.dacom.net/common/js/crossdomain/DacomCrossDomain.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195129474027
DPF: {662B4974-EE36-426D-BD11-E75122E6BE18} - hxxp://ec2.kicc.co.kr/PLUGIN_GS/EasyPlugX.cab
DPF: {66413DC2-F891-40BC-822D-B7EEC8ADC281} - hxxp://img.shinhan.com/rib/common/ProWorksGrid_78.cab
DPF: {67BC8188-4CDD-4969-8195-10970DE2D8FB} - hxxp://adult.neomtel.com/activex/vis/ver1201/AxVISWebSKT.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6C46D0C1-1B3C-4D1E-AB6C-3ADEA4D86346} - hxxp://fx.hauri.net/HProduct/livesuite/shinhan/CLIENT/LiveSuiteVT/web/HLiveRobotVT.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {7770D530-D188-4F50-8C8C-23FAD2636EBF} - hxxp://www.wawadisk.com/mmsv/WawaDiskControl.CAB
DPF: {78D3A4C5-B113-4628-93FA-2D1957092341} - hxxp://www.clubzin.co.kr/append/application/ClubzinControl.CAB
DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} - hxxp://download.softforum.co.kr/Published/XecureWeb/v7.2.1.7/xw_install.cab
DPF: {8055C6FC-E2F3-4FFF-8385-9D71D57A3CF6} - hxxp://www.mncast.com/cache/dynamic/activex/WSmncast.cab
DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsVista.cab
DPF: {820359CA-BD53-4BDF-8393-282FEEAE8C53} - hxxp://www.monkey3.co.kr/Monkey3ActiveX/Monkey3ActiveXControl.cab
DPF: {858033B9-13BC-4DFE-B62A-78E1FAA0DFD7} - hxxp://www.csafer.net/activex/mabugsdownload.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {8FA8D5F7-7CBA-46D4-9568-68D70C5280E8} - hxxp://www.nophishing.co.kr/softrun/SH02/SRNPSH.cab
DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} - hxxp://download.netmarble.net/NMChatX/NMTransX.cab
DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} - hxxp://cafeimg.hanmail.net/activex/dmcc2.cab?Version=1,0,0,10
DPF: {9488BAE7-ED3D-4A77-BBDE-253982910C01} - hxxp://touch.imbc.com/ActiveX/mini/mini.ocx
DPF: {99C709C7-4F58-46C1-855B-90213C760395} - hxxps://v3d.kcp.co.kr/file/kcp_ansimclick.cab
DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} - hxxp://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
DPF: {A1832535-5218-42F9-8959-19E2BCABFABF} - hxxp://plugin.inicis.com/vista/INIwallet50.cab
DPF: {A3F9657A-976F-4719-B370-C6F765728C4B} - hxxp://www.dfsshilla.com/secui/client/SecuiDfsShillaIE.cab
DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} - hxxp://kings.nefficient.co.kr/kings/kdfx/kdfx312/kdfense8.cab
DPF: {A8AFF156-AC9A-4513-A9EA-01F63E2AC162} - hxxp://sunmuz.sunzio.com/SunAx.cab
DPF: {A977FF0C-8757-4E76-8533-482F91946233} - hxxp://dl.sayclub.com/sayclub/sayctl/sayax.cab
DPF: {A9F090E5-FC80-4772-AFEE-D102AB6E77D6} - hxxp://pgdownload.dacom.net/dacom/IssacWebProCMS_3_1_0_1.cab
DPF: {AD514D05-9166-4878-A562-D6F30C1986B8} - hxxp://www.melon.com/cab/P3MelSet.cab
DPF: {B0A75875-3622-48BA-B5FF-45AD77AC2D0E} - hxxps://download.auction.co.kr/activexpay/20090119/BankPayEFT.cab
DPF: {B128EFF9-0B1C-4C65-A162-28165A3A0A18} - hxxp://ssl.makeshop.co.kr/ssl/MSecure.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {B8C4B31D-6DCE-4DF0-BF73-44686849F67D} - hxxp://imgcdn.pandora.tv/pan_img/p3player/package/pdrinst.cab
DPF: {BC44D4D0-D94D-4031-A76F-DD9B70078B2B} - hxxp://www.wawadisk.com/mmsv/WawaDiskControl.CAB
DPF: {BCEF5CDE-BAD4-4532-A30B-9D16D502DE69} - hxxp://install.bugs.co.kr/install/BugsInstallerEx.cab
DPF: {C021A4D6-173F-4BF4-B38C-B12CAA20E518} - hxxp://www.mgoon.com/launcher.cab
DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} - hxxp://id.hangame.com/common/HanSetup1020.cab
DPF: {C1143E84-B2B1-473B-9F20-E62DD754FCAF} - hxxp://img.shinhan.com/rib/common/infovine/ver1030/VineTransfer.cab
DPF: {C39AB2A8-5089-4E8D-82C7-EB256059B99F} - hxxp://210.92.16.250/auHCBase.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CA03E4BD-6232-4680-8C08-3AF1CF46102A} - hxxp://www.clubnex.co.kr/mmsv/ClubNexControl.CAB
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CBB45291-871B-4ADA-81D0-40D0C89ABD20} - hxxp://download.netmarble.com/web/NMGameCheck/NetmarbleDownloaderEx.cab
DPF: {CEE326E8-7571-4086-B347-3C0ACA9A9DE8} - hxxp://player.muz.co.kr/package/installer2008_03/p3Instal.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - hxxps://vbv.shinhancard.com/popup/npkcx.cab
DPF: {D711C9FC-B37A-49C3-8229-2F5F3641D6DB} - hxxp://activex.digitalaria.com/m/MFActiveX.cab
DPF: {D912AABC-6CB0-416F-85B6-CABBB86FD558} - hxxps://plugin.inicis.com/wallet60/INIwallet60_vista.cab
DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab55579.cab
DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} - hxxp://messenger.zone.msn.com/binary/WoF.cab57176.cab
DPF: {DB962ED5-C4A1-4B50-8CEB-D6F9CD70A6F8} - hxxp://download.netmarble.com/web/NMGameCheck/NMGameCheck.cab
DPF: {E3FA6DAA-04BF-4AEF-9612-341B2B7A25FC} - hxxps://pay.kcp.co.kr/plugin/file_vista/payplus.cab
DPF: {E5A02FD2-A8EF-4E5B-80C1-CB386F95E049} - hxxps://plugin.inicis.com/banktown/wallet/plugin/BtPmntClient.cab
DPF: {E75386B4-C629-11DB-8338-444553544200} - hxxp://cyimg7.cyworld.com/cymusic/package/cyinstal.cab
DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} - hxxp://www.vpay.co.kr/kvpfiles_vista/KVPISPCTLD_VISTA.cab
DPF: {EA0995BF-45DD-4DB0-ADD5-A39C37397841} - hxxp://img.shinhan.com/rib/common/TrustSite/vista/ShbAutoTrustSiteX.cab
DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} - hxxp://www.kiwoom.com/SKCommAX/SKCommAX.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
DPF: {FE342FC7-4374-4EBE-86DB-D73AE861F779} - hxxp://cafe.naver.com/common/activex/NaverAXGuide.cab
DPF: {FFD77E35-1C34-4EAC-B5A7-414CC5D007DA} - hxxps://www.isaackorea.net/update/ansim/ilkactx.cab
Handler: s-http - {D37E6C5F-1C0F-47C0-A3B6-403EEC555402} - c:\program files\initech\shttp\InitechSHTTPInterface.10113.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Name-Space Handler: http\s-http - {D37E6C5F-1C0F-47C0-A3B6-403EEC555402} - c:\program files\initech\shttp\InitechSHTTPInterface.10113.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0\r3hook.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\taekyu~1\appdata\roaming\mozilla\firefox\profiles\i55tmwmy.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\mozilla firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.hideGoButton", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-3-28 64160]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2007-4-4 20760]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-4-7 108289]
R2 bssvc;AhnLab SecuOn Service;c:\program files\ahnlab\secuon\bssvc.exe [2008-7-29 390360]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-10 951632]
R2 Mega Network Manager;Mega Network Manager;c:\program files\megaservice\Mmgr.exe [2008-12-22 114688]
R2 Mega Network Service;Mega Network Service;c:\program files\megaservice\Msvc.exe [2008-12-22 98304]
R2 Mega Network Update;Mega Network Update;c:\program files\megaservice\Mudt.exe [2008-12-22 90112]
R2 mgsv;Mplus Updater Service;c:\windows\system32\svchost.exe -k Mplus [2008-8-2 21504]
R2 Naver Updater;Naver Updater;c:\program files\naver\navercommon\NaverAdminAPISvc.exe [2007-10-11 111288]
R2 NoPhishing;NoPhishing;c:\users\public\softrun\nophishing\npntservice --> c:\users\public\softrun\nophishing\NPNTService [?]
R3 TarFltr;Razer Tarantula USB Keyboard;c:\windows\system32\drivers\UsbFltr.sys [2007-4-11 45440]
R3 VRVD302;VRVD302;c:\windows\system32\drivers\VRVD302.sys [2008-8-19 11296]
S2 nPStarterSVC;nProtect Starter;c:\windows\system32\npstartersvc.exe --> c:\windows\system32\nPStarterSVC.exe [?]
S3 JRSKD24;JRSKD24;c:\windows\system32\JRSKD24.sys [2009-1-10 10496]
S3 JRSUKD24;JRSUKD24;c:\windows\system32\JRSUKD24.sys [2009-1-10 6784]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [2007-4-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [2007-4-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [2007-4-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [2007-4-23 98568]
S3 scskusbf;USB SCSK Filter Driver Service;c:\windows\system32\drivers\scskusbf.sys [2007-7-30 11385]
S3 scskusbs;USB SCSK Driver Service;c:\windows\system32\drivers\scskusbs.sys [2007-7-30 169109]
S3 shspusb;Samsung High Speed USB Driver disks;c:\windows\system32\drivers\HSPUSB.sys [2008-7-30 17408]
S3 ZSMC302;PLEOMAX PWC-3800;c:\windows\system32\drivers\usbvm302.sys [2007-8-17 90968]
=============== Created Last 30 ================
2009-04-07 02:15 <DIR> --d----- c:\program files\Trend Micro
2009-04-07 01:49 55,640 a------- c:\windows\system32\drivers\avgntflt.sys
2009-04-06 23:18 <DIR> --d----- c:\windows\pss
2009-04-06 22:53 578,149 a------- C:\Autoruns.zip
2009-04-06 21:56 <DIR> --d----- c:\programdata\Avira
2009-04-06 21:56 <DIR> --d----- c:\program files\Avira
2009-04-06 21:56 <DIR> --d----- c:\progra~2\Avira
2009-04-01 11:03 61,440 a------- c:\windows\system32\proDefense.dll
2009-04-01 10:53 <DIR> --d----- c:\program files\Conquer 2.0
2009-03-29 11:54 26,176 a------- c:\windows\system32\INIUAC.exe
2009-03-28 02:00 15,688 a------- c:\windows\system32\lsdelete.exe
2009-03-28 01:49 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-03-28 01:48 <DIR> -cd-h--- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-28 01:48 <DIR> -cd-h--- c:\progra~2\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-28 01:48 <DIR> --d----- c:\program files\Lavasoft
2009-03-28 01:19 <DIR> --d----- c:\users\tae kyu kim\Tracing
2009-03-28 01:19 <DIR> --d----- c:\program files\Microsoft
2009-03-28 01:18 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-03-28 01:12 <DIR> --d----- c:\program files\common files\Windows Live
2009-03-19 23:25 <DIR> --d----- c:\program files\naver
2009-03-12 16:14 77,824 a------- c:\windows\system32\srchrun.exe
2009-03-11 18:43 2,033,152 a------- c:\windows\system32\win32k.sys
2009-03-11 18:42 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-03-11 18:42 7,680 a------- c:\windows\system32\spwmp.dll
2009-03-11 18:42 4,096 a------- c:\windows\system32\msdxm.ocx
2009-03-11 18:42 4,096 a------- c:\windows\system32\dxmasf.dll
2009-03-11 18:41 268,288 a------- c:\windows\system32\schannel.dll
==================== Find3M ====================
2009-04-07 18:31 204,438,560 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-04-07 09:17 2,742,080 a--sh--- c:\windows\system32\drivers\fidbox.idx
2009-04-01 11:03 192,512 a------- c:\windows\system32\kdfvmgr.exe
2009-04-01 11:03 83,288 a------- c:\windows\system32\kdfapi.dll
2009-04-01 11:03 75,336 a------- c:\windows\system32\Kdfhok.dll
2009-04-01 11:03 678,480 a------- c:\windows\system32\STYJIMZC.exe
2009-03-30 21:37 10,496 a------- c:\windows\system32\JRSKD24.sys
2009-03-30 21:37 6,784 a------- c:\windows\system32\JRSUKD24.sys
2009-02-26 15:04 451,256 a------- c:\windows\system32\NJUninst.exe
2009-02-09 16:58 526,848 a------- c:\windows\system32\setup_adsweeper.exe
2009-02-06 18:52 49,504 a------- c:\windows\system32\sirenacm.dll
2009-02-04 10:05 376,832 a------- c:\windows\system32\XecureCK.dll
2009-01-30 21:20 1,123,000 a------- c:\windows\system32\HanWebMsg1056.dll
2009-01-15 16:39 217,600 a------- c:\windows\system32\sun_install.exe
2009-01-15 15:11 827,392 a------- c:\windows\system32\wininet.dll
2009-01-12 18:54 643,768 a------- c:\windows\system32\HanSetup.exe
2009-01-12 14:47 41,152 a------- c:\windows\system32\HanGamePlugin19.dll
2009-01-12 10:14 40,960 a------- c:\windows\system32\CKComObj.dll
2009-01-10 00:06 128,368 a------- c:\windows\system32\CKSetup.exe
2008-11-27 02:09 143,360 a------- c:\windows\inf\infstrng.dat
2008-11-27 02:09 51,200 a------- c:\windows\inf\infpub.dat
2008-11-27 02:09 86,016 a------- c:\windows\inf\infstor.dat
2008-08-02 21:32 174 a--sh--- c:\program files\desktop.ini
2008-08-02 21:23 665,600 a------- c:\windows\inf\drvindex.dat
2007-11-26 00:39 22,328 a------- c:\users\taekyu~1\appdata\roaming\PnkBstrK.sys
2006-11-02 21:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 21:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 21:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 21:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 18:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 18:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 18:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 18:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-04-04 11:52 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-04-04 11:52 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-04-04 11:52 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
============= FINISH: 22:54:16.76 ===============
my attach file is attached~
thank you very much
Attached Files
Edited by eastside914, 07 April 2009 - 09:24 AM.