Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware


  • This topic is locked This topic is locked
5 replies to this topic

#1 samwiseOrgin

samwiseOrgin

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:03:44 PM

Posted 22 November 2017 - 08:27 PM

Good Morning/Afternoon/Evening Community!

 

While i was on my boss' computer trying to fix microsoft b/c he had 2 versions colliding with each other resulting of documents not to open, I was informed that his PC has been slow for years and found out he had some serious adware problem. I was informed of this information not less than 5 mins ago. 

I am going to post FRST log in the reply when it's done. If someone can assist me from there, your help will be very much appreciated!



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:44 AM

Posted 22 November 2017 - 08:31 PM

Hello. please do steps 6 and 7.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 samwiseOrgin

samwiseOrgin
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:03:44 PM

Posted 22 November 2017 - 11:45 PM

Thank you Boopme

 

I have reolved adware issue using adware cleaner provided by Bleeping Computer. 

Running FRST ATM, log will be up sooner or later. 



#4 samwiseOrgin

samwiseOrgin
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:03:44 PM

Posted 22 November 2017 - 11:50 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-11-2017
Ran by aa (administrator) on OFFICE-PC (23-11-2017 13:43:43)
Running from C:\Users\aa\Downloads
Loaded Profiles: aa (Available Profiles: aa)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: 한국어(대한민국)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Interezen. Co., Ltd.) C:\Program Files (x86)\IPinside_LWS\I3GMainSvc.exe
(ESTsoft Corp.) C:\Program Files (x86)\ESTsoft\ALUpdate\eausvc.exe
(EFM networks) C:\Program Files\ipTIME\ipTIME NAS\ipDISK_Drive\ipTIME_ipDISK_Drive.exe
(SOFTFORUM) C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\AnySign4PCLauncher.exe
(Interezen. Co., Ltd.) C:\Program Files (x86)\IPinside_LWS\I3GProc.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AhnLab, Inc.) C:\Program Files\AhnLab\V3Lite30\v3lite.exe
(NAVER Corporation) C:\Program Files\naver\NaverCleaner\ncleaner.exe
(AhnLab, Inc.) C:\Program Files\AhnLab\Safe Transaction\stsess.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Kakao Corp. ) C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe
(Dreamsecurity) C:\Program Files (x86)\DreamSecurity\MagicLine4NP\MagicLineNP.exe
(iniLINE Co., Ltd.) C:\Program Files (x86)\iniLINE\CrossEX\crossex\CrossEXService.exe
(NHN Corporation) C:\Program Files (x86)\naver\NaverAgent\NaverAgent.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(WIZVERA) C:\Program Files (x86)\Wizvera\Veraport20\veraport.exe
(Wizvera) C:\Program Files (x86)\Wizvera\Delfino-G3\delfino.exe
(Wizvera) C:\Program Files (x86)\KeySharpNxBiz\keysharpnxbiz.exe
() C:\Program Files (x86)\INFovine\UBIKeyService.exe
(GVIX) C:\Program Files (x86)\ExBC\ExBCCtrl.exe
(HANCOM SECURE Inc.) C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\AnySign4PC.exe
(SignKorea) C:\Program Files (x86)\SignKorea\skcert\SKCertService.exe
(Gvix(주)) C:\Program Files (x86)\CCDNService\CCDNService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\ipTIME\ipTIME NAS\ipDISK_Drive\mounter.exe
(GVIX) C:\Program Files (x86)\ExBC\ExBCSvc.exe
(Marvell) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Initech Co., Ltd.) C:\Program Files (x86)\Initech\common\ClientService\IniClientSvc.exe
(Initech Co., Ltd.) C:\Program Files (x86)\Initech\INISAFE Web EX Client\INISAFECrossWebEXSvc.exe
() C:\Program Files\KCP\kcppayplugin.exe
(Kings Information & Network Co., Ltd) C:\Kings\KOS\KOSSvc.exe
(NAVER Corp.) C:\Program Files (x86)\naver\NaverCommon\NaverAdminAPISvc.exe
(NAVER Corp.) C:\Program Files\naver\NaverCommon\NaverAdminAPISvc.exe
(NAVER Corp.) C:\Program Files (x86)\naver\Naver Comic Viewer\ComicService.exe
(INCA Internet Co., Ltd.) C:\Program Files (x86)\INCAInternet\nProtect Online Security\nossvc.exe
(Kings Information & Network Co., Ltd) C:\Kings\KOS\KOSinj.exe
(INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npkfxsvc.exe
(SGA Solutions) C:\Program Files (x86)\eps\Lib\Support\PWSLocalServer.exe
(AhnLab, Inc.) C:\Program Files\AhnLab\Safe Transaction\asdsvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(INCA Internet Co., Ltd.) C:\Program Files (x86)\INCAInternet\nProtect Online Security\nosstarter.npe
(AhnLab, Inc.) C:\Program Files\AhnLab\V3Lite30\asdsvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VP Inc.) C:\Program Files (x86)\VP\VPWalletService\VPWalletService.exe
(VP Inc.) C:\Program Files (x86)\VP\VPWalletService\VPWalletDaemon.exe
(WIZVERA) C:\Program Files (x86)\Wizvera\Common\wpmsvc\wpmsvc.exe
(AhnLab, Inc.) C:\Program Files\AhnLab\Safe Transaction\Nz32\stsess32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
(Microsoft Corporation) C:\Windows\System32\Dism.exe
(Farbar) C:\Users\aa\Downloads\FRST64 (1).exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [V3 Application] => C:\Program Files\AhnLab\V3Lite30\V3Lite.exe [2311368 2017-09-13] (AhnLab, Inc.)
HKLM\...\Run: [NCleaner] => C:\Program Files\naver\NaverCleaner\ncleaner.exe [3252888 2016-12-12] (NAVER Corporation)
HKLM\...\Run: [AhnLab Safe Transaction Application] => C:\Program Files\AhnLab\Safe Transaction\stsess.exe [4849368 2017-11-13] (AhnLab, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [Korean IME Migration] => C:\Program Files\Common Files\Microsoft Shared\IME12\IMEKR\IMKRMIG.EXE [43808 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [wizvera-veraport] => C:\Program Files (x86)\Wizvera\Veraport20\veraport.exe [1415400 2015-11-23] (WIZVERA)
HKLM-x32\...\Run: [wizvera-delfino-pc] => C:\Program Files (x86)\Wizvera\Delfino-G3\delfino.exe [15326736 2016-02-02] (Wizvera)
HKLM-x32\...\Run: [keysharpbiz] => C:\Program Files (x86)\KeySharpNxBiz\keysharpnxbiz.exe [12677872 2015-09-21] (Wizvera)
HKLM-x32\...\Run: [UBIKey] => C:\Program Files (x86)\INFovine\UBIKeyService.exe [4109168 2016-06-28] ()
HKLM-x32\...\Run: [ipinside-lws] => C:\Program Files (x86)\IPinside_LWS\I3GProc.exe [269088 2017-01-20] (Interezen. Co., Ltd.)
HKLM-x32\...\Run: [확장된 브라우저 컨트롤러] => C:\Program Files (x86)\ExBC\ExBCCtrl.exe [1689176 2017-04-04] (GVIX)
HKLM-x32\...\Run: [AnySign4PC] => C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\AnySign4PC.exe [2397168 2016-09-01] (HANCOM SECURE Inc.)
HKLM-x32\...\Run: [SKCertService Client] => C:\Program Files (x86)\SignKorea\skcert\SKCertService.exe [1990152 2016-05-02] (SignKorea)
HKLM-x32\...\Run: [ALMountTray] => C:\Program Files (x86)\ESTsoft\ALZip\ALMountTray.exe [2131672 2017-09-13] (ESTsoft Corp.)
HKLM-x32\...\Run: [Korean IME Migration] => C:\Program Files (x86)\Common Files\microsoft shared\IME12\IMEKR\IMKRMIG.EXE [26400 2006-10-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\Run: [KakaoTalk] => C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe [8546112 2017-11-20] (Kakao Corp. )
HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\Run: [MagicLine4NP] => C:\Program Files (x86)\DreamSecurity\MagicLine4NP\MagicLineNP.exe [3257736 2016-03-02] (Dreamsecurity)
HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\Run: [CrossEXService] => C:\Program Files (x86)\iniLINE\CrossEX\crossex\CrossEXService.exe [1414168 2016-07-14] (iniLINE Co., Ltd.)
HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\Run: [NaverAgent] => C:\Program Files (x86)\naver\NaverAgent\NaverAgent.exe [1840464 2014-10-24] (NHN Corporation)
HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\MountPoints2: {a163aaa9-6b89-11e7-89e9-806e6f6e6963} - E:\SISetup.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2017-08-03]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 210.94.0.73
Tcpip\..\Interfaces\{40B68BA5-4AF2-470D-A7A4-12E73F6568CF}: [DhcpNameServer] 210.94.0.73
 
Internet Explorer:
==================
HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://zum.com/?af=gt
HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ko-kr/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {FFECAB6B-3FD5-48E2-9A4C-0E6193CF988B} URL = hxxp://esearch.ilikeclick.com/ilikeclick/?ec=20077999&MD=B&TT=%BC%D5%BD%AC%BF%EE+%B0%CB%BB%F6+-+%C0%CC%C1%F6%BC%AD%C4%A1&HK=&AT=&PL=10&TP=4&BT=4&query={searchTerms}
SearchScopes: HKU\.DEFAULT -> {FFECAB6B-3FD5-48E2-9A4C-0E6193CF988B} URL = hxxp://esearch.ilikeclick.com/ilikeclick/?ec=20077999&MD=B&TT=%BC%D5%BD%AC%BF%EE+%B0%CB%BB%F6+-+%C0%CC%C1%F6%BC%AD%C4%A1&HK=&AT=&PL=10&TP=4&BT=4&query={searchTerms}
BHO: 네이버 세이프가드 -> {000011A1-74C9-4c7e-9B4E-59B5765CF409} -> c:\program files\naver\navertoolbar\naversafeguard\nsafeguard_2016_5_23_1.dll [2017-04-21] (NAVER Corp.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-20] (Microsoft Corporation)
BHO: 네이버 툴바 도우미 -> {67C41E9E-2EBF-4F2B-AF74-314F0D793172} -> C:\Program Files\naver\NaverToolbar\NaverTB_4_0_30_300.dll [2017-04-25] (NAVER Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-11-08] (Microsoft Corporation)
BHO-x32: 네이버 세이프가드 -> {000011A1-74C9-4c7e-9B4E-59B5765CF409} -> c:\program files (x86)\naver\navertoolbar\naversafeguard\nsafeguard_2016_5_23_1.dll [2017-04-21] (NAVER Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: 네이버 툴바 도우미 -> {67C41E9E-2EBF-4F2B-AF74-314F0D793172} -> C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_30_302.dll [2017-07-11] (NAVER Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-11-20] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - 네이버 툴바 - {D09CFF09-A42A-4EDC-9804-E61224F59CA1} - C:\Program Files\naver\NaverToolbar\NaverTB_4_0_30_300.dll [2017-04-25] (NAVER Corp.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - 네이버 툴바 - {D09CFF09-A42A-4EDC-9804-E61224F59CA1} - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_30_302.dll [2017-07-11] (NAVER Corp.)
DPF: HKLM-x32 {1CBDCD5A-18EE-4CCA-9AEA-93D5D27E310B} hxxp://update.nprotect.net/keycrypt/fsb/nhcapital/cab/npkfxx_1505271.cab
DPF: HKLM-x32 {1CEB15C5-CEE7-4424-94E2-60B2FFC68849} hxxps://www.tradesign.net/download/TradeInstaller_sha2.cab
DPF: HKLM-x32 {24F6E6A8-852C-45A8-ADD3-C4AB0D6FD231} hxxps://plugin.inicis.com/wallet61/INIwallet61_vista.cab
DPF: HKLM-x32 {2B93D4DA-2E44-4D93-B290-F9BA3E95EDFA} hxxp://patch1.pdpop.com/appx/PDPopAXCtrl.cab
DPF: HKLM-x32 {37D91428-0E1B-4154-9771-D977CE193864} hxxp://download.softforum.co.kr/Published/KSCertRlayW/v1.0.1.6/KSCertRelayW.cab
DPF: HKLM-x32 {39461460-2552-4D51-A062-3AB6A7B902E9} hxxp://img.shinhan.com/shttp/install/72013/down/INIS70.cab
DPF: HKLM-x32 {39FC0CF9-86F3-4502-B773-D16706EDEC83} hxxp://img.shinhan.com/nexrib2/common/keyStroke/SoftCamp/403210/SCSK4_VISTA.cab
DPF: HKLM-x32 {6CE20149-ABE3-462E-A1B4-5B549971AA38} C:\Users\aa\Downloads\TouchEnKey_Installer (2).exe
DPF: HKLM-x32 {99C709C7-4F58-46C1-855B-90213C760395} hxxps://pay.kcp.co.kr//plugin_new/file/kcp_ansimclick.cab
DPF: HKLM-x32 {9A09EAA0-EC66-4A07-B6C8-B54C27BC94A6} hxxp://cdn.nicepay.co.kr/dn/ags/plugin/test/AGSWalletforVista1005.cab
DPF: HKLM-x32 {A2561EA5-D4C6-4C3D-97C7-67F2C12416AD} hxxps://download.raonsecure.com/KSCertRelay/v2.1.0.2/ibk/KSCertRelay.cab
DPF: HKLM-x32 {A5261EF0-76F0-4D9C-891C-56813163D9DA} hxxps://822.co.kr/download/_cab/KoinoLoader.cab
DPF: HKLM-x32 {A56A1518-A259-4109-98B3-06A30F09AB1B} hxxps://srtk.hometax.go.kr/JXmailActiveX_2.cab
DPF: HKLM-x32 {B33FEBDC-FF38-4D0F-9C76-58C4733947AD} hxxp://download.signgate.com/download/certmgt/3.0.0.29/AxSignGATE.cab
DPF: HKLM-x32 {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} hxxp://mail2.daum.net/hanmail-ax/DaumActiveX/2_0_1_8/DaumActiveX.cab?ver=2,0,1,8
DPF: HKLM-x32 {C1143E84-B2B1-473B-9F20-E62DD754FCAF} 
DPF: HKLM-x32 {C1339348-E262-4F01-9DCD-B162A29C1276} hxxps://pgdownload.uplus.co.kr/dacom/IssacWebProCMS_4_5_0_10_oovi.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {DD8C54E8-9028-4A54-96B9-30761B1F80DF} hxxp://loan.nhcapital.co.kr/initech/plugin/down/INIS60.cab
DPF: HKLM-x32 {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} hxxp://www.vpay.co.kr/kvpfiles_new/KVPISPCTLD_VISTA64.cab
DPF: HKLM-x32 {F939FEB8-9518-4A4A-BE60-D10FFB9557F2} hxxp://update.nprotect.net/netizenv55/bank/fsb/81/fsbdev/win10/npenkIEInstall5.cab
DPF: HKLM-x32 {FE342FC7-4374-4EBE-86DB-D73AE861F779} hxxps://cloud.naver.com/activex/NaverAXGuide.cab?151119
Handler-x32: crosswebex - {dcd6ae90-ee9a-11e6-a777-005056c00008} - C:\Program Files (x86)\INITECH\INISAFE Web EX Client\bridge\CrossEX\crosswebex\1.0.1.1021\CrossEXProtocol.dll [2017-02-09] (iniLINE Co., Ltd.)
Handler: kos-loader - {06D7B628-D2C0-484D-A912-6F0AD1CBF875} - C:\Users\aa\AppData\LocalLow\kdefense\kosldr64.dll [2016-02-23] (Kings Information & Network Co., Ltd.)
Handler-x32: kos-loader - {06D7B628-D2C0-484D-A912-6F0AD1CBF875} - C:\Users\aa\AppData\LocalLow\kdefense\kosldr.dll [2016-02-23] (Kings Information & Network Co., Ltd.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: s-http - {D37E6C5F-1C0F-47C0-A3B6-403EEC555402} - C:\Program Files (x86)\Initech\SHTTP\InitechSHTTPInterface.11018.dll [2016-02-29] (© INITECH)
Handler: secukitnx - {84f3fcde-9c99-11e5-90c1-005056c00008} - C:\Program Files\KICA\SecukitNX\CrossEX\secukitnx\1.0.1.846\CrossEXProtocol.dll [2015-12-07] (iniLINE Co., Ltd.)
Handler-x32: secukitnx - {84f3fcde-9c99-11e5-90c1-005056c00008} - C:\Program Files (x86)\KICA\SecukitNX\CrossEX\secukitnx\1.0.1.846\CrossEXProtocol.dll [2015-12-07] (iniLINE Co., Ltd.)
Handler-x32: setNTB - {9FD1305E-4C8F-4974-A4C1-A92B98D5DBD6} - C:\Program Files (x86)\naver\NaverToolbar\NTBProtocol.dll [2017-07-11] (NAVER Corp.)
Handler: smartmanagerex - {3d062750-4a63-11e6-a84d-005056c00008} -  No File
Handler-x32: touchenex - {4a20e600-8604-11e6-a5d1-005056c00008} - C:\Program Files (x86)\RaonSecure\bridge\CrossEX\touchenex\1.0.1.981\CrossEXProtocol.dll [2016-09-29] (iniLINE Co., Ltd.)
 
FireFox:
========
FF HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\Firefox\Extensions: [npSandBox@initech.com] - C:\Program Files (x86)\initech\INISAFE SandBox V1\npSandBox.xpi
FF Extension: (INISAFE SandBox) - C:\Program Files (x86)\initech\INISAFE SandBox V1\npSandBox.xpi [2014-11-10] [Lagacy] [not signed]
FF Plugin-x32: @ahnlab.com/asp/npaosmgr.1 -> C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll [2017-05-31] (AhnLab, Inc.)
FF Plugin-x32: @ahnlab.com/asp/npmkd25sp -> C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll [2016-06-22] (AhnLab, Inc.)
FF Plugin-x32: @clipsoft.com/rexpert30 -> C:\Program Files (x86)\clipsoft\rexpert30\bin\viewer\nprexpert3.0.plugin.dll [2016-07-15] ( )
FF Plugin-x32: @gomtv.com/gomtvx-plugin -> C:\Program Files (x86)\Common Files\GRETECH\npgomtvx_nie.dll [2013-05-28] (Gretech Corporation)
FF Plugin-x32: @interezen.co.kr/npi3gmanager -> C:\Program Files (x86)\Interezen\Plugins\NPI3GManager.dll [2017-07-21] (Interezen © Interezen.)
FF Plugin-x32: @lguplus.co.kr/application/lguplus-xpayplugin,version=1.0.5.1 -> C:\Program Files (x86)\XPayPlugin\npXPayPlugin_1.0.5.1.dll [2016-04-28] (LG Uplus Corp)
FF Plugin-x32: @markany.com/npMAOnFPS_COURT_OZWeb -> C:\Users\aa\AppData\Local\MarkAny\npMAOnFPS_COURT_OZWeb.dll [2016-09-20] (MarkAny)
FF Plugin-x32: @markany.com/npMAOnFPS_COURT_PrtChk -> C:\Users\aa\AppData\Local\MarkAny\npMAOnFPS_COURT_PrtChk.dll [2015-02-06] (MarkAny)
FF Plugin-x32: @markany.com/npMAOnFPS_COURT_PrtList -> C:\Users\aa\AppData\Local\MarkAny\npMAOnFPS_COURT_PrtList.dll [2015-08-31] (MarkAny)
FF Plugin-x32: @markany.com/npMAOnFPS_MultiBrowser2 -> C:\Users\aa\AppData\Local\MarkAny\npMAOnFPS_MultiBrowser2.dll [2014-09-04] (MarkAny)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-19] (Microsoft Corporation)
FF Plugin-x32: @nprotect.com/keycrypt -> C:\Windows\SysWOW64\npkfxmp.dll [2015-08-13] (INCA Internet Co., Ltd.)
FF Plugin-x32: @nprotect.com/npEfdsWPlugin -> C:\Users\aa\AppData\Local\nProtect\npEfdsWCtrl\npEfdsWPlugin.dll [2013-11-01] (INCA Internet Co., Ltd)
FF Plugin-x32: @nprotect.com/nProtect Netizen v5.5 -> C:\Program Files (x86)\INCAInternet\nProtect Netizen v5.5\npenkOBInstall5.dll [2016-05-04] (INCA Internet Co., Ltd)
FF Plugin-x32: @raonsecure.com/npKSCertRelay -> C:\Program Files (x86)\KeySharp\kscertrelay\npKSCertRelay.dll [2017-01-19] (RaonSecure Co., Ltd.)
FF Plugin-x32: @softforum.com/npKeyPro -> C:\Windows\system32\npKeyPro.dll [No File]
FF Plugin-x32: @softforum.com/npXecureMacuxNPPlugin -> C:\Program Files (x86)\Softforum\XecureWeb\NPPlugin\dll\npXecureMacuxNPPlugin.dll [2014-06-02] (Softforum Co., LTD.)
FF Plugin-x32: @softforum.com/npXEVplugin -> C:\Program Files (x86)\SoftForum\XecureExpress\npXEVplugin.dll [2013-05-24] (SoftForum Co., Ltd.)
FF Plugin-x32: @softforum.com/npxwebplugins -> C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin.dll [2016-09-01] (SoftForum Co., Ltd.)
FF Plugin-x32: @softforum.com/npxwebplugins_file -> C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin_file.dll [2016-09-01] (SoftForum Co., Ltd.)
FF Plugin-x32: @softforum.com/xwmfPlugin -> C:\Program Files (x86)\Softforum\XecureWeb FCMS\NPPlugin\dll\npxwmfplugin.dll [2015-08-20] (Softforum Co., LTD.)
FF Plugin-x32: @SoftSecurity.com/npTEFWplugin -> C:\Windows\system32\NPTEFW.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @wideline.net/EZKeytecPlugin -> C:\Program Files (x86)\WideLine\Easykeytec v2.1\npEZKeytecPlugin.dll [2015-07-27] (Wideline, Inc. )
FF Plugin-x32: @wideline.net/EZKeytecPlugins -> C:\Program Files (x86)\WideLine\Easykeytec v2.1\npEZKeytecPlugins.dll [2015-07-27] (Wideline, Inc. )
FF Plugin-x32: @wizvera.com/npdolphin -> C:\Program Files (x86)\Wizvera\Delfino\npdelfinoplugin.dll [2016-02-12] (Wizvera)
FF Plugin-x32: @wizvera.com/npVeraport20 -> C:\Program Files (x86)\Wizvera\Veraport20\npveraport20.dll [2015-11-23] ()
FF Plugin-x32: @www.ubikey.co.kr/application/npvinetransfer-plugin -> C:\Program Files (x86)\INFovine\npVineTransfer.dll [2015-07-16] (INFOVINE)
FF Plugin-x32: crosswebex@iniline.com/npCrossEXPlugin -> C:\Program Files (x86)\INITECH\INISAFE Web EX Client\bridge\CrossEX\crosswebex\1.0.1.1021\npinilinecrosswebex.dll [2017-02-09] (iniLINE Co., Ltd.)
FF Plugin-x32: secukitnx@kica.com/npCrossEXPlugin -> C:\Program Files (x86)\KICA\SecukitNX\CrossEX\secukitnx\1.0.1.846\npkicasecukitnx.dll [2015-12-07] (iniLINE Co., Ltd.)
FF Plugin-x32: touchenex@raon.com/npCrossEXPlugin -> C:\Program Files (x86)\RaonSecure\bridge\CrossEX\touchenex\1.0.1.981\npraontouchenex.dll [2016-09-29] (iniLINE Co., Ltd.)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: @ahnlab.com/asp/npmkd25sp -> C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll [2016-06-22] (AhnLab, Inc.)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: @designmade.com/application/designmade-printmade -> C:\Program Files (x86)\Printmade2\npPrintmade2.dll [2015-07-10] ( )
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: @iniline.com/npCrossWeb -> C:\Users\aa\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0AB9084F-0EF8-499a-A461-DE46D3C4A45B}\plugins\npCrossWeb.dll [2015-07-09] (INITECH Co., Ltd.)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: @initech.com/npSandBox -> C:\Program Files (x86)\initech\INISAFE SandBox V1\npSandBox.10052.dll [2014-11-10] (Initech Co., Ltd.)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: @naver.com/npNLiveCast -> C:\Users\aa\AppData\Roaming\Mozilla\Plugins\NPNLiveCast.dll [2015-10-07] (NAVER Corp.)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: @naver.com/npNLiveCast64 -> C:\Users\aa\AppData\Roaming\Mozilla\Plugins\NPNLiveCast64.dll [2015-10-07] (NAVER Corp.)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: @raonsecure.com/npKSCertRelay -> C:\Program Files (x86)\KeySharp\kscertrelay\npKSCertRelay.dll [2017-01-19] (RaonSecure Co., Ltd.)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: @softforum.com/npXEVplugin -> C:\Program Files (x86)\SoftForum\XecureExpress\npXEVplugin.dll [2013-05-24] (SoftForum Co., Ltd.)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: @softforum.com/npxwebplugins -> C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin.dll [2016-09-01] (SoftForum Co., Ltd.)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: @softforum.com/npxwebplugins_file -> C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin_file.dll [2016-09-01] (SoftForum Co., Ltd.)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: @www.ubikey.co.kr/application/npvinetransfer-plugin -> C:\Program Files (x86)\INFovine\npVineTransfer.dll [2015-07-16] (INFOVINE)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: www.navercorp.com/NDownloaderObj -> C:\Users\aa\AppData\Roaming\NAVER\FileDownloader\npNDownloaderObj_1_0_0_35.dll [2014-03-13] (NAVER Corp.)
FF Plugin HKU\S-1-5-21-4202491627-2688634506-2428423890-1000: www.navercorp.com/NDownloaderObjX64 -> C:\Users\aa\AppData\Roaming\NAVER\FileDownloader\npNDownloaderObj64_1_0_0_35.dll [2014-03-13] (NAVER Corp.)
FF Plugin ProgramFiles/Appdata: C:\Users\aa\AppData\Roaming\mozilla\plugins\NPNLiveCast.dll [2015-10-07] (NAVER Corp.)
FF Plugin ProgramFiles/Appdata: C:\Users\aa\AppData\Roaming\mozilla\plugins\npNLiveCast64.dll [2015-10-07] (NAVER Corp.)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\aa\AppData\Local\Google\Chrome\User Data\Default [2017-11-23]
CHR Profile: C:\Users\aa\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-11-23]
CHR Extension: (프레젠테이션) - C:\Users\aa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (문서) - C:\Users\aa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google 드라이브) - C:\Users\aa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-08]
CHR Extension: (YouTube) - C:\Users\aa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-08]
CHR Extension: (스프레드시트) - C:\Users\aa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google 문서 오프라인) - C:\Users\aa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-09]
CHR Extension: (AdBlock) - C:\Users\aa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-14]
CHR Extension: (Chrome 웹 스토어 결제) - C:\Users\aa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\aa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-08]
CHR Extension: (Chrome Media Router) - C:\Users\aa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-17]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ALMountService; C:\Program Files (x86)\ESTsoft\ALZip\ALMountService.exe [228568 2017-09-13] (ESTsoft Corp.)
R2 ALUpdateService; C:\Program Files (x86)\ESTsoft\ALUpdate\eausvc.exe [381384 2017-03-22] (ESTsoft Corp.)
R2 AnySign4PC Launcher; C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\AnySign4PCLauncher.exe [2278384 2016-09-01] (SOFTFORUM)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 CCDN Service; C:\Program Files (x86)\CCDNService\CCDNService.exe [1925272 2016-12-20] (Gvix(주))
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063656 2017-11-02] (Microsoft Corporation)
R2 DokanMounter; C:\Program Files\ipTIME\ipTIME NAS\ipDISK_Drive\mounter.exe [14848 2013-08-29] () [File not signed]
R2 Extended Brower Controler Service; C:\Program Files (x86)\ExBC\ExBCSvc.exe [115288 2017-04-04] (GVIX)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2016-02-15] (Macrovision Europe Ltd.) [File not signed]
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [355840 2009-11-18] (Marvell) [File not signed]
R2 I3GMainSvc; C:\Program Files (x86)\IPinside_LWS\I3GMainSvc.exe [240440 2017-01-20] (Interezen. Co., Ltd.)
S3 IMGSF50_Svc; C:\Windows\IMGSF50Svc.exe [70968 2015-11-25] (MarkAny)
R2 INISAFEClientManager; C:\Program Files (x86)\initech\common\ClientService\IniClientSvc.exe [221800 2017-05-23] (Initech Co., Ltd.)
S2 KCPTOTALPLUGIN; c:\Program Files\KCP\kcppayservice.exe [30784 2016-02-17] ()
R2 KOS_Service; C:\Kings\KOS\KOSSvc.exe [8009976 2016-02-15] (Kings Information & Network Co., Ltd)
S3 MyFw40Service; C:\Program Files\AhnLab\ASP\MyFirewall 4.0\ASDSvc.exe [681120 2016-08-30] (AhnLab, Inc.)
R2 Naver Updater; C:\Program Files (x86)\Naver\NaverCommon\NaverAdminAPISvc.exe [270480 2016-11-24] (NAVER Corp.)
R2 Naver Updater_x64; C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe [332432 2016-11-24] (NAVER Corp.)
R2 NaverComicService; C:\Program Files (x86)\Naver\Naver Comic Viewer\ComicService.exe [142304 2016-03-25] (NAVER Corp.)
S3 NCleanService; C:\Program Files\naver\NaverCleaner\NCleanService.exe [991384 2016-12-12] (NAVER Corporation)
R2 nossvc; C:\Program Files (x86)\INCAInternet\nProtect Online Security\nossvc.exe [1726800 2017-08-31] (INCA Internet Co., Ltd.)
R2 npkfxsvc; C:\Windows\SysWow64\npkfxsvc.exe [203600 2016-03-29] (INCA Internet Co., Ltd.)
R2 PSSWSCSVC; C:\Program Files (x86)\EPS\Lib\Support\PWSLocalServer.exe [925384 2016-11-23] (SGA Solutions)
R2 SafeTransactionSVC; C:\Program Files\AhnLab\Safe Transaction\ASDSvc.exe [690880 2017-09-20] (AhnLab, Inc.)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [793280 2014-11-04] (Samsung Electronics Co., Ltd.)
R2 V3 Service; C:\Program Files\AhnLab\V3Lite30\ASDSvc.exe [690880 2017-09-12] (AhnLab, Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-12] (VIA Technologies, Inc.)
R2 VPWalletService; C:\Program Files (x86)\VP\VPWalletService\VPWalletService.exe [977320 2017-11-01] (VP Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WizveraPMSvc; C:\Program Files (x86)\Wizvera\Common\wpmsvc\wpmsvc.exe [924848 2015-09-21] (WIZVERA)
S2 NATService; C:\Program Files (x86)\NAT Service\natsvc.exe [X]
S2 SDLRunS; C:\Users\aa\AppData\Roaming\SPEEDD~1\speeddownsvc.exe [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AhnFlt2K; C:\Windows\system32\drivers\AhnFlt2K.sys [84048 2015-09-03] (AhnLab, Inc.)
S3 AhnRec2K; C:\Windows\system32\drivers\AhnRec2K.sys [36280 2015-09-03] (AhnLab, Inc.)
R3 AhnRghNt; C:\Windows\system32\drivers\AhnRghNt.sys [84488 2017-09-05] (AhnLab, Inc.)
R1 AMonLWLH; C:\Windows\System32\DRIVERS\amonlwlh.sys [61112 2015-03-12] (AhnLab, Inc.)
R1 AMonTDLH; C:\Windows\system32\Drivers\AMonTDLH.sys [155256 2017-08-29] (AhnLab, Inc.)
S3 AntiStealth_MYFIREWALL40ASD; C:\Program Files\AhnLab\ASP\MyFirewall 4.0\AHAWKENT.sys [62720 2016-08-25] (AhnLab, Inc.)
S3 AntiStealth_MYFIREWALL40ASDF; C:\Program Files\AhnLab\ASP\MyFirewall 4.0\TfFRegNt.sys [200832 2016-08-25] (AhnLab, Inc.)
R3 AntiStealth_SafeTransaction; C:\Program Files\AhnLab\Safe Transaction\AHAWKENT.sys [61664 2017-09-05] (AhnLab, Inc.)
R3 AntiStealth_SafeTransactionF; C:\Program Files\AhnLab\Safe Transaction\TfFRegNt.sys [197152 2017-09-05] (AhnLab, Inc.)
R3 AntiStealth_V3LITE30; C:\Program Files\AhnLab\V3Lite30\AHAWKENT.sys [61664 2017-09-05] (AhnLab, Inc.)
R3 AntiStealth_V3LITE30F; C:\Program Files\AhnLab\V3Lite30\TfFRegNt.sys [197152 2017-09-05] (AhnLab, Inc.)
S3 ascrts_SafeTransaction; C:\Program Files\AhnLab\Safe Transaction\asc\ascrts.sys [3447128 2017-11-22] (AhnLab, Inc.)
S3 ascrts_V3LITE30; C:\Program Files\AhnLab\V3Lite30\asc\ascrts.sys [3447128 2017-11-22] (AhnLab, Inc.)
S3 ATamptNt_MYFIREWALL40ASD; C:\Program Files\AhnLab\ASP\MyFirewall 4.0\atamptnt.sys [342768 2016-08-25] (AhnLab, Inc.)
R3 ATamptNt_SafeTransaction; C:\Program Files\AhnLab\Safe Transaction\atamptnt.sys [337496 2017-08-29] (AhnLab, Inc.)
R1 ATamptNt_V3LITE30; C:\Program Files\AhnLab\V3Lite30\atamptnt.sys [337496 2017-08-29] (AhnLab, Inc.)
R1 CBFilterFS; C:\Windows\system32\drivers\cbfltfs.sys [154816 2013-08-16] (EldoS Corporation)
R3 Cdm2DrNt; C:\Windows\system32\Drivers\Cdm2DrNt.sys [92296 2017-05-23] (AhnLab, Inc.)
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [36432 2008-03-05] (DemoForge, LLC)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2013-08-29] (Windows ® Win 7 DDK provider)
R3 HCVDRV3; C:\Windows\System32\DRIVERS\HCVDRV3.sys [11992 2012-01-26] (Cnesty)
S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16384 2009-12-04] ()
R3 HSBDrv64; C:\Windows\System32\drivers\HSBDrv64.sys [140112 2017-10-18] (AhnLab, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-10-28] (Intel Corporation)
S3 ISMgr; C:\Windows\system32\ImageSAFERDrv64.sys [11256 2009-11-26] ()
R3 JRSUKD25; C:\Windows\system32\JRSUKD25.SYS [40232 2017-01-10] (RaonSecure Co., Ltd.)
S3 JRTDIFW; C:\Windows\system32\JRTDIFW.sys [17184 2017-01-19] (SoftSecurity Corporation)
S3 kck64; C:\Windows\system32\kck64.sys [101152 2016-10-31] (Kings Information & Network)
S3 MeDCoreD_SafeTransaction; C:\Program Files\AhnLab\Safe Transaction\MeDCoreD.sys [1024312 2017-11-03] (AhnLab, Inc.)
R3 MeDCoreD_V3LITE30; C:\Program Files\AhnLab\V3Lite30\MeDCoreD.sys [1024312 2017-11-03] (AhnLab, Inc.)
S3 MeDVpDrv_SafeTransaction; C:\Program Files\AhnLab\Safe Transaction\MeDVpDrv.sys [619832 2017-11-03] (AhnLab, Inc.)
R3 MeDVpDrv_V3LITE30; C:\Program Files\AhnLab\V3Lite30\MeDVpDrv.sys [619832 2017-11-03] (AhnLab, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
S3 Mkd2Bthf; C:\Windows\System32\drivers\Mkd2Bthf.sys [119856 2017-09-01] (AhnLab, Inc.)
R3 Mkd2Nadr; C:\Windows\System32\drivers\Mkd2Nadr.sys [160840 2017-09-01] (AhnLab, Inc.)
R3 Mkd3kfNt; C:\Windows\System32\drivers\Mkd3kfNt.sys [205648 2017-11-01] (AhnLab, Inc.)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2009-12-04] (Marvell Semiconductor, Inc.)
R3 noskp; C:\Windows\syswow64\noskp64.sys [50064 2017-08-04] (INCA Internet Co.,Ltd.)
R3 nosku; C:\Windows\syswow64\nosku64.sys [58896 2017-07-24] (INCA Internet Co.,Ltd.)
S3 NPFW; C:\Windows\system32\NPFWVT64.sys [154312 2014-04-02] (INCA Internet Co.,Ltd.)
S3 NPFW; C:\Windows\SysWOW64\NPFWVT64.sys [154312 2014-04-02] (INCA Internet Co.,Ltd.)
S3 NPIDS; C:\Windows\system32\NpIdsVt64.sys [89352 2013-09-09] (INCA Internet Co.,Ltd.)
S3 NPIDS; C:\Windows\SysWOW64\NpIdsVt64.sys [89352 2013-09-09] (INCA Internet Co.,Ltd.)
S3 npkfxp; c:\windows\syswow64\npkfxp.sys [28152 2017-10-17] (INCA Internet Co.,Ltd.)
S3 npkfxu; c:\windows\syswow64\npkfxu.sys [37416 2017-10-17] (INCA Internet Co.,Ltd.)
R3 np_ck64s; C:\Windows\syswow64\np_ck64s.sys [75680 2017-10-17] (INCA Internet Co.,Ltd.)
S3 ProDefense; C:\Windows\system32\drivers\ProDefense.sys [28552 2017-09-08] (Bluegem Security)
S3 scsk5; C:\Windows\SysWow64\drivers\scsk5.sys [51560 2017-08-04] ()
R3 TKCtrl; C:\Windows\system32\TKCtrl2k64.sys [147240 2016-05-03] (INCA Internet Co., Ltd.)
R3 TKCtrl; C:\Windows\SysWOW64\TKCtrl2k64.sys [136528 2014-05-21] (INCA Internet Co., Ltd.)
R3 TKFsAvM; C:\Windows\system32\TKFsAv64.sys [198808 2017-08-07] (INCA Internet Co., Ltd.)
R3 TKFsFtM; C:\Windows\system32\TKFsFt64.sys [28824 2014-07-07] (INCA Internet Co., Ltd.)
R1 TKFWFV; C:\Windows\System32\TKFWFV64.sys [34400 2013-11-27] (INCA Internet Co., Ltd.)
S3 TKFWVT; C:\Windows\system32\TKFWVT64.sys [199856 2017-01-18] (INCA Internet Co.,Ltd.)
S3 TkIdsVt; C:\Windows\system32\TkIdsVt64.sys [118904 2017-07-24] (INCA Internet Co.,Ltd.)
R3 TKPcFt; C:\Windows\system32\TKPcFtCb64.sys [54504 2017-04-17] (INCA Internet Co., Ltd.)
R3 TKRgAc; C:\Windows\system32\TKRgAc2k64.sys [115760 2017-08-01] (INCA Internet Co., Ltd.)
R3 TKRgFt; C:\Windows\system32\TKRgFtXp64.sys [68968 2017-08-01] (INCA Internet Co., Ltd.)
S3 TNFwNt_MYFIREWALL40ASD; C:\Program Files\AhnLab\ASP\MyFirewall 4.0\TNFwNt.sys [172816 2016-08-25] (AhnLab, Inc.)
S3 TNFwNt_SafeTransaction; C:\Program Files\AhnLab\Safe Transaction\TNFwNt.sys [156624 2017-05-24] (AhnLab, Inc.)
S3 TNNipsNt_MYFIREWALL40ASD; C:\Program Files\AhnLab\ASP\MyFirewall 4.0\TNNipsNt.sys [213352 2016-08-25] (AhnLab, Inc.)
S3 TNNipsNt_SafeTransaction; C:\Program Files\AhnLab\Safe Transaction\TNNipsNt.sys [197784 2017-09-14] (AhnLab, Inc.)
S3 TSFLTDRV_SafeTransaction; C:\Program Files\AhnLab\Safe Transaction\tsfltdrv.sys [521896 2017-09-11] (AhnLab, Inc.)
R1 TSFLTDRV_V3LITE30; C:\Program Files\AhnLab\V3Lite30\tsfltdrv.sys [521896 2017-09-11] (AhnLab, Inc.)
S3 JRSKD24; \??\C:\Windows\system32\JRSKD24.SYS [X]
S3 x64kdss; syswow64\Drivers\x64kdss.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-23 13:43 - 2017-11-23 13:44 - 000037117 _____ C:\Users\aa\Downloads\FRST.txt
2017-11-23 13:43 - 2017-11-23 13:43 - 002391552 _____ (Farbar) C:\Users\aa\Downloads\FRST64 (1).exe
2017-11-23 13:43 - 2017-11-23 13:43 - 000000000 ____D C:\FRST
2017-11-23 13:38 - 2017-11-23 13:38 - 000281552 _____ C:\Windows\Minidump\112317-17940-01.dmp
2017-11-23 13:34 - 2017-11-23 13:34 - 002391552 _____ (Farbar) C:\Users\aa\Downloads\FRST64.exe
2017-11-23 13:33 - 2017-11-23 13:37 - 000000000 ____D C:\AdwCleaner
2017-11-23 13:33 - 2017-11-23 13:33 - 008261584 _____ (Malwarebytes) C:\Users\aa\Downloads\AdwCleaner.exe
2017-11-23 11:09 - 2017-11-23 11:09 - 000000000 ____D C:\Users\Happy.Bus.Day.2016.720p.HDRip.H264.AAC-JAYENT.egg
2017-11-23 11:09 - 2017-11-22 17:55 - 1792405478 _____ C:\Users\Happy.Bus.Day.2016.720p.HDRip.H264.AAC-JAYENT.egg\Happy.Bus.Day.2016.720p.HDRip.H264.AAC-JAYENT.mp4
2017-11-23 10:15 - 2017-11-23 10:15 - 000000000 ___HD C:\Users\aa\Documents\$#UPD4I
2017-11-23 10:15 - 2017-11-23 10:15 - 000000000 ___HD C:\$#UPD4I
2017-11-22 16:34 - 2017-11-22 16:34 - 000000000 ____D C:\Users\aa\AppData\LocalLow\AEGIS
2017-11-22 16:27 - 2017-11-22 16:27 - 000000000 ____D C:\Program Files (x86)\Aegis Enterprise inc
2017-11-22 16:26 - 2017-11-22 16:26 - 000000000 ____D C:\Users\aa\AppData\Local\Downloaded Installations
2017-11-16 17:17 - 2017-11-16 17:33 - 1711810518 _____ C:\Users\The.Outlaws.2017.1280x720.HD-Movement.mp4
2017-11-16 17:07 - 2017-11-16 17:07 - 002398187 _____ C:\Users\aa\Desktop\기성관련20171116.xlsx
2017-11-16 16:12 - 2017-11-16 16:12 - 000187005 _____ C:\Users\aa\Desktop\복사본 4.17년09월2차_자재_테라솔루션(외자재-통신)_5회-김진성.xlsx
2017-11-10 10:14 - 2017-11-10 17:25 - 000065233 _____ C:\Users\회사\2017년 10일급여정산20171110.xlsx
2017-11-08 15:05 - 2017-11-08 15:05 - 000000000 ____D C:\Users\MEMOIR.OF.A.MURDERER.2016.720p.HDRip.H264.AC3-PCHD.egg
2017-11-08 15:05 - 2017-11-07 19:24 - 2625704176 _____ C:\Users\MEMOIR.OF.A.MURDERER.2016.720p.HDRip.H264.AC3-PCHD.egg\MEMOIR.OF.A.MURDERER.2016.720p.HDRip.H264.AC3-PCHD.mkv
2017-11-08 15:04 - 2017-11-08 15:04 - 000001771 _____ C:\Users\Public\Desktop\AhnLab V3 Zip 2.0.lnk
2017-11-08 14:54 - 2017-11-08 14:54 - 000000000 ____D C:\Users\The.Fortress.2017.720p.HDRip.H264.AAC-PCHD.egg
2017-11-08 14:54 - 2017-11-07 18:58 - 3447770879 ____N C:\Users\The.Fortress.2017.720p.HDRip.H264.AAC-PCHD.egg\The.Fortress.2017.720p.HDRip.H264.AAC-PCHD.mkv
2017-11-08 13:48 - 2017-11-08 13:50 - 000000000 ____D C:\Users\[멜론] 2017년 11월 06일 실시간 TOP100.egg
2017-11-08 13:09 - 2017-11-08 13:10 - 915674364 _____ C:\Users\최신곡.zip
2017-11-07 17:19 - 2017-11-07 17:21 - 000000000 ____D C:\Program Files (x86)\VP
2017-11-07 17:15 - 2017-11-07 17:19 - 000000000 ____D C:\Users\aa\Documents\Koino
2017-11-07 15:34 - 2017-11-07 15:34 - 000065951 _____ C:\Users\aa\Desktop\2017년 10일법인급여신고20171107.xlsx
2017-11-06 12:38 - 2017-11-06 12:38 - 000000000 ____D C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
2017-11-06 12:38 - 2017-11-06 12:38 - 000000000 ____D C:\Program Files (x86)\Daum
2017-11-06 11:22 - 2017-11-06 11:22 - 004765279 _____ (ffdshow ) C:\Users\aa\Downloads\ffdshow_rev4532_20140717_clsid (1).exe
2017-11-03 16:25 - 2017-11-03 16:26 - 010793856 _____ C:\Users\aa\Downloads\VPISPPlusSetup_V2101.exe
2017-11-02 17:25 - 2017-11-02 17:25 - 000008331 _____ C:\Users\aa\Downloads\전체이용내역조회_20171102172519.zip
2017-11-02 17:21 - 2017-11-02 17:21 - 002419432 _____ (Initech Co., Ltd.) C:\Users\aa\Downloads\SmartManagerEX (2).exe
2017-11-02 17:20 - 2017-11-02 17:20 - 002419432 _____ (Initech Co., Ltd.) C:\Users\aa\Downloads\SmartManagerEX (1).exe
2017-11-02 16:36 - 2017-11-02 16:37 - 000000000 ____D C:\Users\2017.09.10 벅스 성인가용 챠트 100.egg
2017-11-02 16:34 - 2017-11-02 16:35 - 675879987 _____ C:\Users\2017.09.10 벅스 성인가용 챠트 100.egg.zip
2017-11-02 15:25 - 2017-11-02 15:25 - 000000000 ____D C:\Users\aa\AppData\Local\Packages
2017-11-02 14:37 - 2017-11-02 14:37 - 000659536 _____ (Soft25 Inc ) C:\Users\aa\Downloads\JXMailEnterprisePlugin (14).exe
2017-11-01 14:31 - 2017-11-02 12:36 - 000036701 _____ C:\Users\aa\Desktop\OI-ATO17080012(Invoice)-20170906 10h18m03s.pdf
2017-10-31 16:01 - 2017-10-31 16:04 - 1997240547 _____ C:\Users\S07E02.1080p.KorSub.HDTV.x264.mkv
2017-10-31 12:45 - 2017-10-31 12:46 - 583671089 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E15-E16.HDTV.x264.PROPER-SVA.mkv
2017-10-31 12:45 - 2017-10-31 12:45 - 264916510 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E14.HDTV.x264-SVA.mkv
2017-10-31 12:45 - 2017-10-31 12:45 - 000201133 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E15-E16.HDTV.x264.PROPER-SVA.smi
2017-10-31 12:44 - 2017-10-31 12:44 - 238119182 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E13.HDTV.x264-FLEET.mkv
2017-10-31 12:44 - 2017-10-31 12:44 - 000091277 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E14.HDTV.x264-SVA.smi
2017-10-31 12:44 - 2017-10-31 12:44 - 000081163 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E13.HDTV.x264-FLEET.smi
2017-10-31 12:43 - 2017-10-31 12:44 - 398990703 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E12.WEB-DL.x264-RARBG.mp4
2017-10-31 12:43 - 2017-10-31 12:43 - 000080825 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E12.WEB-DL.x264-RARBG.smi
2017-10-31 12:42 - 2017-10-31 12:43 - 403451432 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E11.WEB-DL.x264-RARBG.mp4
2017-10-31 12:42 - 2017-10-31 12:42 - 292165568 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E10.WEB-DL.x264-RARBG.mp4
2017-10-31 12:42 - 2017-10-31 12:42 - 000101845 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E10.WEB-DL.x264-RARBG.smi
2017-10-31 12:42 - 2017-10-31 12:42 - 000095655 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E11.WEB-DL.x264-RARBG.smi
2017-10-31 12:41 - 2017-10-31 12:42 - 268395486 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E09.WEB-DL.x264-RARBG.mp4
2017-10-31 12:41 - 2017-10-31 12:41 - 000120837 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E09.WEB-DL.x264-RARBG.smi
2017-10-31 12:40 - 2017-10-31 12:41 - 323869009 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E08.WEB-DL.x264-RARBG.mp4
2017-10-31 12:40 - 2017-10-31 12:40 - 259528530 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E07.WEB-DL.x264-RARBG.mp4
2017-10-31 12:40 - 2017-10-31 12:40 - 000128064 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E07.WEB-DL.x264-RARBG.smi
2017-10-31 12:40 - 2017-10-31 12:40 - 000104759 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E08.WEB-DL.x264-RARBG.smi
2017-10-31 12:39 - 2017-10-31 12:40 - 271549805 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E06.WEB-DL.x264-RARBG.mp4
2017-10-31 12:39 - 2017-10-31 12:39 - 000133718 _____ C:\Users\SD(mkv)\Fear.the.Walking.Dead.S03E06.WEB-DL.x264-RARBG.smi
2017-10-31 12:36 - 2017-11-10 17:47 - 000000000 ____D C:\Users\SD(mkv)
2017-10-31 12:17 - 2017-10-31 12:20 - 1292349488 _____ C:\Users\Game.of.Thrones.S07E04.720p.WEB-DL.DDP5.1.H.264-GoT.mkv
2017-10-31 12:17 - 2017-10-31 12:17 - 000062923 _____ C:\Users\Game.of.Thrones.S07E04.720p.WEB-DL.DDP5.1.H.264-GoT.smi
2017-10-31 11:54 - 2017-10-31 11:54 - 000046515 _____ C:\Users\aa\Desktop\Traffic 2차분Invoice  Packing List 20171031(한신).pdf
2017-10-31 11:28 - 2017-10-31 11:28 - 461794720 _____ C:\Users\Game.of.Thrones.S07E07.WEB.H264-STRiFE.mkv
2017-10-31 11:28 - 2017-10-31 11:28 - 000096005 _____ C:\Users\Game.of.Thrones.S07E07.WEB.H264-STRiFE.smi
2017-10-31 11:26 - 2017-10-31 11:28 - 951911798 _____ C:\Users\Game.of.Thrones.S07E06.WEB.h264-TBS.mkv
2017-10-31 11:26 - 2017-10-31 11:26 - 000067841 _____ C:\Users\Game.of.Thrones.S07E06.WEB.h264-TBS.smi
2017-10-31 11:22 - 2017-10-31 11:26 - 795744511 _____ C:\Users\Game.of.Thrones.S07E05.WEB.h264.REPACK-TBS.mkv
2017-10-31 11:22 - 2017-10-31 11:22 - 000076293 _____ C:\Users\Game.of.Thrones.S07E05.WEB.h264.REPACK-TBS.smi
2017-10-31 11:16 - 2017-10-31 11:16 - 000055743 _____ C:\Users\Game.of.Thrones.S07E06.XviD-AFG.smi
2017-10-31 11:11 - 2017-10-31 11:13 - 847619038 _____ C:\Users\Game.of.Thrones.S07E03.WEB.h264-TBS.mkv
2017-10-31 11:11 - 2017-10-31 11:11 - 000084077 _____ C:\Users\Game.of.Thrones.S07E03.WEB.h264-TBS.smi
2017-10-30 18:23 - 2017-10-30 18:23 - 306090602 _____ C:\Users\Game.of.Thrones.S07E01.HDTV.x264-SVA.mkv
2017-10-30 18:23 - 2017-10-30 18:23 - 000065006 _____ C:\Users\Game.of.Thrones.S07E01.HDTV.x264-SVA.smi
2017-10-27 17:01 - 2017-10-27 17:01 - 000000000 ____D C:\Users\Resurrected.Victims.2017.1080p.H264.AAC-Unknown.egg
2017-10-27 17:01 - 2017-10-26 22:16 - 3741097017 ____N C:\Users\Resurrected.Victims.2017.1080p.H264.AAC-Unknown.egg\Resurrected.Victims.2017.1080p.H264.AAC-Unknown.mp4
2017-10-24 19:03 - 2017-10-24 19:03 - 000064821 _____ C:\Users\회사\2017년 25일급여정산20171025.xlsx
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-23 13:39 - 2017-07-20 12:26 - 000000000 ____D C:\ProgramData\CCDN
2017-11-23 13:38 - 2016-10-18 16:04 - 875225322 _____ C:\Windows\MEMORY.DMP
2017-11-23 13:38 - 2016-10-18 16:04 - 000000000 ____D C:\Windows\Minidump
2017-11-23 13:38 - 2009-07-14 14:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-23 13:37 - 2017-07-19 15:22 - 000000000 ___RD C:\Users\aa\Documents\.
2017-11-23 13:37 - 2009-07-14 13:45 - 000010512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-23 13:37 - 2009-07-14 13:45 - 000010512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-23 13:30 - 2017-07-18 17:27 - 000000000 ____D C:\james@guardon.co.kr - james
2017-11-23 11:51 - 2016-07-27 13:20 - 000000000 ____D C:\Program Files (x86)\GRETECH
2017-11-23 11:09 - 2017-07-20 12:25 - 000000000 ____D C:\Program Files (x86)\pdpopx
2017-11-23 11:02 - 2016-02-15 12:09 - 000166984 _____ C:\Users\aa\AppData\Local\GDIPFONTCACHEV1.DAT
2017-11-23 10:49 - 2017-07-20 12:27 - 000010717 _____ C:\Users\aa\AppData\Roaming\dp.dat
2017-11-23 10:49 - 2017-07-20 12:26 - 000000000 ____D C:\Users\aa\AppData\LocalLow\ExBC
2017-11-23 10:18 - 2017-07-18 18:45 - 000000000 ____D C:\Users\aa\AppData\Roaming\Nas_Drive_Cache
2017-11-23 10:18 - 2016-02-15 12:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-11-23 10:16 - 2017-08-07 17:52 - 000002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-11-23 10:13 - 2009-07-14 13:45 - 005211656 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-23 10:11 - 2009-07-14 11:34 - 000000478 _____ C:\Windows\win.ini
2017-11-23 09:32 - 2017-01-31 09:06 - 000000000 ____D C:\Users\aa\AppData\LocalLow\IPinside
2017-11-22 18:55 - 2017-07-19 15:12 - 000000000 ____D C:\Users\aa\Desktop\업무일지
2017-11-22 17:28 - 2010-11-22 02:21 - 000429954 _____ C:\Windows\system32\perfh012.dat
2017-11-22 17:28 - 2010-11-22 02:21 - 000121046 _____ C:\Windows\system32\perfc012.dat
2017-11-22 17:28 - 2009-07-14 14:13 - 001329062 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-22 17:28 - 2009-07-14 12:20 - 000000000 ____D C:\Windows\inf
2017-11-22 16:27 - 2009-07-14 14:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2017-11-22 15:23 - 2016-03-11 10:06 - 000000172 _____ C:\Users\aa\AppData\LocalLow\.delfino.conf
2017-11-22 11:52 - 2016-02-15 13:10 - 003353240 _____ (AhnLab, Inc.) C:\Windows\system32\btscan.exe
2017-11-22 09:35 - 2017-08-07 17:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-20 18:20 - 2017-07-18 17:13 - 000500224 _____ C:\Users\aa\Desktop\연락처20170718.xls
2017-11-15 19:07 - 2017-07-18 19:36 - 000000000 ____D C:\Users\회사
2017-11-15 12:40 - 2016-05-04 11:46 - 000000000 ____D C:\Users\aa\AppData\Local\ElevatedDiagnostics
2017-11-15 09:45 - 2016-02-15 13:08 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-15 09:45 - 2016-02-15 13:08 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-15 09:45 - 2016-02-15 13:08 - 000004104 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-15 09:45 - 2016-02-15 13:08 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-15 09:45 - 2016-02-15 12:34 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-14 17:58 - 2016-02-26 10:06 - 000000000 ____D C:\Users\aa\AppData\LocalLow\Naver
2017-11-14 17:58 - 2016-02-26 10:06 - 000000000 ____D C:\Program Files\naver
2017-11-14 17:58 - 2016-02-26 10:06 - 000000000 ____D C:\Program Files (x86)\naver
2017-11-14 17:09 - 2016-02-15 14:46 - 000003116 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 17:09 - 2016-02-15 14:46 - 000002988 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-14 09:40 - 2016-02-15 14:46 - 000002169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chrome.lnk
2017-11-08 15:04 - 2016-02-15 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AhnLab
2017-11-08 15:04 - 2016-02-15 13:09 - 000000000 ____D C:\Program Files\AhnLab
2017-11-08 14:53 - 2016-04-15 14:50 - 000000000 ___SD C:\Users\aa\AppData\LocalLow\Temp
2017-11-07 17:19 - 2015-08-12 17:53 - 000214584 _____ (SoftCamp Co.,Ltd.) C:\Windows\SysWOW64\SCSKLoader.exe
2017-11-07 17:18 - 2016-04-28 15:58 - 000000000 ____D C:\Users\aa\AppData\LocalLow\KVP
2017-11-07 16:09 - 2017-08-07 14:59 - 000000000 ____D C:\Users\회사\월별지급
2017-11-03 16:38 - 2017-10-17 18:35 - 000000000 ____D C:\Program Files (x86)\TradeSign
2017-11-03 16:37 - 2017-09-05 10:22 - 000000000 ____D C:\Program Files (x86)\KICA
2017-11-03 16:37 - 2016-12-13 14:40 - 000000000 ____D C:\Program Files (x86)\VOICEYE
2017-11-03 16:36 - 2017-08-07 17:56 - 000000000 ___RD C:\Users\aa\OneDrive
2017-11-03 16:36 - 2017-07-24 10:08 - 000000000 ____D C:\Program Files (x86)\jmi
2017-11-03 16:36 - 2016-12-13 14:40 - 000000000 ____D C:\Users\aa\AppData\Local\MarkAny
2017-11-03 16:36 - 2016-04-25 11:29 - 000000000 ____D C:\Program Files (x86)\DreamSecurity
2017-11-01 01:45 - 2016-03-29 14:09 - 000205648 _____ (AhnLab, Inc.) C:\Windows\system32\Drivers\mkd3kfnt.sys
 
==================== Files in the root of some directories =======
 
2017-07-20 12:27 - 2017-11-23 10:49 - 000010717 _____ () C:\Users\aa\AppData\Roaming\dp.dat
2016-04-28 15:52 - 2016-04-28 16:04 - 000084155 _____ () C:\Users\aa\AppData\Local\issacweb.log
2016-09-29 09:32 - 2016-09-29 09:32 - 000004096 ____H () C:\Users\aa\AppData\Local\keyfile3.drm
 
Some files in TEMP:
====================
2017-11-02 15:24 - 2017-11-14 17:58 - 005423192 _____ (NAVER Corp.) C:\Users\aa\AppData\Local\Temp\InstToolbar.exe
2017-11-02 15:24 - 2017-11-02 15:24 - 001762800 _____ () C:\Users\aa\AppData\Local\Temp\NaverAdminAPISetup_x64.exe
2017-11-02 15:25 - 2017-11-02 15:25 - 001160960 _____ () C:\Users\aa\AppData\Local\Temp\NaverAdminAPISetup_x86.exe
2017-11-02 15:24 - 2017-11-14 17:58 - 000454936 _____ () C:\Users\aa\AppData\Local\Temp\NaverAgent_Setup.exe
2017-11-02 15:24 - 2017-11-02 15:24 - 001486944 _____ (NHN Corp.) C:\Users\aa\AppData\Local\Temp\NaverCommonUpdaterInst.exe
2017-11-20 16:32 - 2017-11-20 16:32 - 000015872 _____ () C:\Users\aa\AppData\Local\Temp\NsisCrypt.dll
2017-11-22 16:36 - 2017-11-22 16:36 - 001288864 _____ () C:\Users\aa\AppData\Local\Temp\VpKeyboardSetup64.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe
[2010-11-21 12:24] - [2011-01-16 08:01] - 000389632 _____ (Microsoft Corporation) 87A00ED70FEC36D0DD968E5058C29AA1
 
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2010-11-21 12:24] - [2009-07-14 10:41] - 001008640 _____ (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E
 
C:\Windows\SysWOW64\User32.dll
[2010-11-21 12:24] - [2009-10-21 14:53] - 000833024 _____ (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356
 
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-11-20 11:32
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-11-2017
Ran by aa (23-11-2017 13:44:52)
Running from C:\Users\aa\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-02-15 02:49:19)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
aa (S-1-5-21-4202491627-2688634506-2428423890-1000 - Administrator - Enabled) => C:\Users\aa
Administrator (S-1-5-21-4202491627-2688634506-2428423890-500 - Administrator - Disabled)
Guest (S-1-5-21-4202491627-2688634506-2428423890-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: V3 Lite (Enabled - Up to date) {F53321E8-06B4-04FE-3F4B-C79E730117D6}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: V3 Lite (Enabled - Up to date) {4E52C00C-208E-0B70-05FB-FCEC08865D6B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Adobe Acrobat 9 Pro - Korean (HKLM-x32\...\{AC76BA86-1042-0000-7760-000000000004}{AC76BA86-1042-0000-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated)
AGSWalletforVista (HKLM-x32\...\{9C71B1EA-59A3-404F-9B04-CEC28188A234}) (Version: 1.0.0.3 - Aegis Enterprise inc)
AhnLab Online Security (HKLM-x32\...\AhnLab Online Security) (Version:  - AhnLab, Inc)
AhnLab Safe Transaction (HKLM\...\{19DD1D8D-927F-45DF-ADF4-75D38267848D}) (Version: 1.3.23.955 - AhnLab, Inc.)
AhnLab V3 Zip 2.0 (HKLM\...\{0A9DDB30-C3E4-4760-B7BF-959EB2874C64}) (Version: 2.0.2.216 - AhnLab, Inc.)
AnySign4PC 1.1.0.8 (HKLM-x32\...\AnySign4PC) (Version: 1.1.0.8 - HANCOM SECURE Inc.)
AutoCAD 2012 - Korean (HKLM\...\{5783F2D7-A001-0412-0102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 - Korean (HKLM\...\AutoCAD 2012 - Korean) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 Language Pack - Korean (HKLM\...\{5783F2D7-A001-0412-1102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012용 Autodesk Inventor Fusion 플러그인 (HKLM\...\{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}) (Version: 0.0.1.138 - Autodesk) Hidden
AutoCAD 2012용 Autodesk Inventor Fusion 플러그인 언어 팩 (HKLM\...\{E552C39C-C70E-464F-9733-8311331BDD90}) (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Inventor Fusion 2012 (HKLM\...\{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}) (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 언어 팩 (HKLM\...\{FFF7F80F-929E-497F-A112-B070DE816128}) (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\AutoCAD 2012용 Autodesk Inventor Fusion 플러그인) (Version: 0.0.1.138 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
AxSignGATE 3.0 (HKLM-x32\...\AxSignGATE) (Version: 3.0 - 한국정보인증(주))
CCDNService 2.0.0.12 (HKLM-x32\...\CCDNService) (Version: 2.0.0.12 - Gvix(주))
Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Daum ActiveX 컨트롤 - Daum 메일 파일업로더 (HKLM-x32\...\{A21E6CD8-70E4-45CF-A1A8-FC1584D8523E}) (Version:  - Kakao Corp.)
Delfino (x86) 버전 2.1.4.3 (HKLM-x32\...\{E48E2437-FB9B-4596-9525-00DAFC7AABED}_is1) (Version: 2.1.4.3 - Wizvera)
Delfino G3 (x86) 버전 3.1.4.1 (HKLM-x32\...\{1CBD185A-9CB3-4f30-B7E4-75CC551455F9}_is1) (Version: 3.1.4.1 - Wizvera)
EasyKeytec (키보드 보안 프로그램) (HKLM-x32\...\Easykeytec) (Version:  - )
eISP 2.0 (HKLM-x32\...\eISP 2.0) (Version: 2.01 - 브이피(주))
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version:  - )
HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)
iniLINE CrossEX Service (HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\iniLINE_CrossEX) (Version: 1.0.2.2 - iniLINE Co., Ltd.)
INISAFE CrossWeb EX v3.0 (HKLM-x32\...\UnINISafeWebEX) (Version: 3.0.0.73 - Initech, Inc.)
INISAFE SandBox 1.0 (HKLM-x32\...\INISAFE SandBox) (Version: 1.0 - Initech, Inc.)
INISafe SFilter v7.2 (HKLM-x32\...\UnINISafeWeb7) (Version: 7.2.0.16 - ©INITECH)
INISAFE Web v6.4 (HKLM-x32\...\UnINISafeWeb64) (Version: 6 - Initech ©.)
IPinside Agent (HKLM-x32\...\IPinside Agent) (Version: 1.0.2.9 - interezen)
IPinside LWS Agent (HKLM-x32\...\IPinside LWS Agent) (Version: 3.0.0.3 - interezen)
IPinside Non-p Agent (HKLM-x32\...\IPinside Non-p Agent) (Version: 2.0.0.3 - interezen)
ipTIME NAS Wizard (HKLM-x32\...\ipTIMENAS) (Version:  - )
IssacWebProCMS 4.5.0.10 oovi (HKLM-x32\...\IssacWebProCMS_oovi_is1) (Version:  - Penta Security Systems, Inc.)
JX-Mail ActiveX (HKLM-x32\...\JX-Mail ActiveX_is1) (Version:  - )
KBS Kong v3 (HKLM-x32\...\{EEED2879-F4AB-430A-998C-801D0E5B9C1E}) (Version: 3.2.2.03 - KBS인터넷(주))
KeySharp CertRelay (HKLM-x32\...\KeySharp CertRelay) (Version: 2.1.0.8 - RaonSecure Co., Ltd.)
KeySharp CertRelay(W) (HKLM-x32\...\KeySharp CertRelay(W)) (Version:  - )
keysharpnxbiz (x86) 버전 3.2.2.3 (HKLM-x32\...\{E18C0D1F-EA43-4bb3-B28A-CEA42110C331}_is1) (Version: 3.2.2.3 - WIZVERA & RAONSECURE)
Kings Online Security (HKLM-x32\...\KOS) (Version: 1.0.0.5 - Kings Information & Network Co., Ltd.)
League of Legends (HKLM-x32\...\{75B5DFD2-414C-45F1-82C0-B03337597862}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
LG Uplus XPay Plugin (Plugin) 1.0.5.1 (HKLM-x32\...\LG Uplus XPay Plugin (npRuntime)) (Version: 1.0.5.1 - LG Uplus Corp)
MagicLine4NP (HKLM-x32\...\MagicLine4NP) (Version: 1.0.0.25 - DreamSecurity, Co.Ltd)
MAGICXML (HKLM-x32\...\MAGICXML) (Version: 1.0.0.27 - Dreamsecurity Inc.)
MarkAny Inc. e-PageSafer v2.5 COURT OzWeb(Uninstall) (HKLM-x32\...\MarkAny Inc. e-PageSafer v2.5 COURT OzWeb(Uninstall)) (Version: v2.5 - MarkAny Inc.)
MarkAny Inc. e-PageSafer V2.5 NoAX ( Basic )_2.5.1.3 (HKLM-x32\...\ePageSafer) (Version: v2.5 - MarkAny Inc.)
MAWS_NARA - 증명서 발급 시스템 (HKLM-x32\...\MAWS_NARA - 증명서 발급 시스템) (Version: v2.5 - MarkAny Inc.)
Microsoft .NET Framework 4 Client Profile 한국어 언어 팩 (HKLM\...\Microsoft .NET Framework 4 Client Profile KOR Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended 한국어 언어 팩 (HKLM\...\Microsoft .NET Framework 4 Extended KOR Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office 365 - ko-kr (HKLM\...\O365HomePremRetail - ko-kr) (Version: 16.0.8625.2127 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MPEG2코덱(libmpeg2/mad) (HKLM-x32\...\MPEG2코덱(libmpeg2/mad)) (Version:  - )
NAT Service 3.5.4.19 (HKLM-x32\...\{F67E509A-0033-4759-9E71-CE372F4D89B4}}_is1) (Version: 3.5.4.19 - Neo Network)
Naver Software Downloader (HKLM-x32\...\Naver Software Downloader) (Version: 0.0.0.1 - NAVER Corp.)
npEfdsWCtrl (HKLM-x32\...\npEfdsWCtrl) (Version:  - INCA Internet Co., Ltd.)
nProtect KeyCrypt V6.5 (HKLM-x32\...\npkfx) (Version: 6.5 - INCA Internet Co., Ltd.)
nProtect Netizen v5.5 (HKLM-x32\...\nProtect Netizen v5.5) (Version: 2015.8.20.1 - INCA Internet Co., Ltd.)
nProtect Online Security V1.0(PFS) (HKLM-x32\...\nProtect Online Security V1.0(PFS)) (Version: 2016.3.24.1 - INCA Internet Co., Ltd.)
NTSMagicLineMBX (HKLM-x32\...\NTSMagicLineMBX) (Version: 1.0.10.13 - Dreamsecurity Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0412-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDPOP (HKLM-x32\...\PDPOP) (Version:  - TBENM Co., Ltd.)
Printmade2 (HKLM-x32\...\{4EF8C716-1E9A-4FD4-BC4F-E18BD949974C}_is1) (Version: 2.0.1.20 - NagoSoft, Inc.)
ProWorksGrid 1,0,0,78 (HKLM-x32\...\{DF7D9461-61E6-43E8-8E15-49D32544C187}) (Version: 1.00.0078 - INSWAVE Systems)
REDBC NX_PRNMAN (HKLM-x32\...\REDBC NX_PRNMAN_is1) (Version: 1.0.0.6 - RedBC Co.,Ltd.)
Rexpert30 Viewer 1,0,0,447 (HKLM-x32\...\Rexpert30 Viewer) (Version: 1,0,0,447 - ClipSoft)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.46 (2014-10-30) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.06.00.08(2016-09-07) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.26 (2017-03-13) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.11.14 (2014-11-04) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
SecuKit NX (HKLM\...\SecuKit NX) (Version: 1.0.0.8 - 한국정보인증(주))
SignKorea NA Certification Toolkit(공인인증 프로그램) (HKLM-x32\...\SKCert.{FF902CAB-2018-4036-9CAC-91AAC839021C}) (Version: 2.1.6.2656 - 코스콤)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SpeedDownload - Bomul (HKLM-x32\...\SpeedDownLoader) (Version: 2.0 - DreamWiz Internet Co.,Ltd)
TouchEn key with E2E for 32bit (HKLM-x32\...\TouchEn_key) (Version:  - RaonSecure Co., Ltd.)
TouchEn nxFirewall32 (HKLM-x32\...\{27640517-0513-4d81-A61E-228DC51680F8}) (Version: 1.0.0.11 - RaonSecure Co., Ltd.)
TouchEn nxKey with E2E for 32bit (HKLM-x32\...\TouchEn nxKey) (Version: 1.0.0.47 - RaonSecure Co., Ltd.)
V3 Lite (HKLM\...\{5FC548FC_0888_4832_B037_835C34A0B599}) (Version: 3.3.3.727 - AhnLab, Inc.)
Veraport(보안모듈 관리 프로그램) G3 - 3,0,4,2 (HKLM-x32\...\{2D992E01-604B-472C-A883-1DDA105A24D5}_is1) (Version: 3,0,4,2 - Wizvera)
WIZVERA Process Manager 1,0,1,7 (HKLM-x32\...\{8941A397-4065-4F41-92CE-0EB610846EED}_is1) (Version: 1,0,1,7 - WIZVERA)
XecureExpress (HKLM-x32\...\XecureExpress) (Version:  - )
XecureWeb Control (HKLM-x32\...\XecureWeb Control) (Version: 7, 2, 9, 1 - SoftForum Co., Ltd.)
XecureWeb UnifiedPlugin (HKLM-x32\...\XecureWeb UnifiedPlugin) (Version: 1.0.5.15 - SoftForum Co., Ltd.)
XecureWeb-Multi FCMS (HKLM-x32\...\XecureWeb-Multi FCMS) (Version: 1.0.1.4 - SoftForum Co., Ltd.)
yessign7 XML ActiveX Control (HKLM-x32\...\yessign7XMLActiveX) (Version: 1,0,1,50 - 금융결제원)
Youtube Downloader HD v. 2.9.9.27 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)
곰TV 플러그인 (HKLM-x32\...\GomTV Launcher Plugin) (Version: 1.0.0.3 - Gretech Corporation)
곰플레이어 (HKLM-x32\...\GOM Player) (Version: 2.3.22.5279 - GOM & Company)
네이버 ActiveX 가이드 (HKLM-x32\...\NaverSetup) (Version: 1.0.3.13 - NAVER Corp.)
네이버 라이브 스트리밍 서비스 (HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\NLiveCast) (Version: 2.0.0.19 - NAVER Corp.)
네이버 만화뷰어 (HKLM-x32\...\NComic) (Version: 1.0.1.1 - NAVER Corp.)
네이버 업데이터 (HKLM-x32\...\NaverUpdater) (Version: 1.0.2.31 - NAVER Corp.)
네이버 업데이터 64bit (HKLM\...\NaverUpdater) (Version: 1.0.64.31 - NAVER Corp.)
네이버 클리너 (HKLM\...\NCleaner) (Version: 1.0.64.171 - NAVER Corp. )
네이버 툴바 (HKLM-x32\...\NaverToolbar) (Version: 4.0.30.302 - NAVER Corp.)
사용 설명서 보기 (HKLM-x32\...\View User Guide) (Version: 3.60.47.0 - )
삼성 프린터 진단 (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
알PDF 1.1 (HKLM-x32\...\ALPDF_is1) (Version: v1.1 - ESTsoft Corp.)
알집 10.72 (HKLM-x32\...\ALZip_is1) (Version: v10.72 - ESTsoft Corp.)
알툴즈 업데이트 (HKLM-x32\...\ALUpdate_is1) (Version: v16.1 - ESTsoft Corp.)
영웅문4 (HKLM-x32\...\{116E39FB-DB41-42D8-B976-A648BD68BBD9}) (Version: 4.00.000 - Kiwoom Securities)
카카오톡 (HKLM-x32\...\KakaoTalk) (Version: 2.6.3.1672 - Kakao Corp.)
하우코덱 (HKLM-x32\...\하우코덱) (Version:  - )
한글과컴퓨터 한글 2007 (HKLM-x32\...\{B2423C36-006E-4270-AEBC-CFC4CAF2C310}) (Version: 7.0.0.121 - Haansoft)
확장된 브라우저 컨트롤러 (HKLM-x32\...\ExBC) (Version:  - Gvix Co.,Ltd)
휴대폰인증서(보관)서비스 (HKLM-x32\...\INFovine) (Version:  - INFovine)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\aa\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\aa\AppData\Local\Microsoft\OneDrive\17.3.7074.1023\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - English\en-US\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Korean\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - English\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\aa\AppData\Local\Microsoft\OneDrive\17.3.7074.1023\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\aa\AppData\Local\Microsoft\OneDrive\17.3.7074.1023\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{b039d18d-c6c5-54f8-ace1-0b8fff1ed771}\InprocServer32 -> C:\Users\aa\AppData\Roaming\NAVER\FileDownloader\npNDownloaderObj64_1_0_0_35.dll (NAVER Corp.)
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Korean\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Korean\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Korean\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Korean\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ContextMenuHandlers1: [!NetFax0] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2014-11-04] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax1] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2014-11-04] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax2] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2014-11-04] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax3] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2014-11-04] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax4] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2014-11-04] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax5] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2014-11-04] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax6] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2014-11-04] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax7] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2014-11-04] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-07] (Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-06-11] (Adobe Systems Inc.)
ContextMenuHandlers1: [AhnLab.V3Shl] -> {F2F52A0A-D37B-481B-8861-547A512D2295} => C:\Program Files\AhnLab\V3Lite30\V3Shl.dll [2015-05-28] (AhnLab, Inc.)
ContextMenuHandlers1: [AhnLab.V3Zip] -> {3F967A1C-9BFA-4555-8D19-1184E22212FA} => C:\Program Files\AhnLab\V3Zip20\V3ZipSh3.dll [2011-10-06] (AhnLab, Inc.)
ContextMenuHandlers1: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll [2017-09-14] (ESTsoft Corp.)
ContextMenuHandlers2: [AhnLab.V3Shl] -> {F2F52A0A-D37B-481B-8861-547A512D2295} => C:\Program Files\AhnLab\V3Lite30\V3Shl.dll [2015-05-28] (AhnLab, Inc.)
ContextMenuHandlers2: [AhnLab.V3Zip] -> {3F967A1C-9BFA-4555-8D19-1184E22212FA} => C:\Program Files\AhnLab\V3Zip20\V3ZipSh3.dll [2011-10-06] (AhnLab, Inc.)
ContextMenuHandlers2: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll [2017-09-14] (ESTsoft Corp.)
ContextMenuHandlers4: [AhnLab.V3Shl] -> {F2F52A0A-D37B-481B-8861-547A512D2295} => C:\Program Files\AhnLab\V3Lite30\V3Shl.dll [2015-05-28] (AhnLab, Inc.)
ContextMenuHandlers4: [AhnLab.V3Zip] -> {3F967A1C-9BFA-4555-8D19-1184E22212FA} => C:\Program Files\AhnLab\V3Zip20\V3ZipSh3.dll [2011-10-06] (AhnLab, Inc.)
ContextMenuHandlers4: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll [2017-09-14] (ESTsoft Corp.)
ContextMenuHandlers5: [AhnLab.V3Shl] -> {F2F52A0A-D37B-481B-8861-547A512D2295} => C:\Program Files\AhnLab\V3Lite30\V3Shl.dll [2015-05-28] (AhnLab, Inc.)
ContextMenuHandlers5: [AhnLab.V3Zip] -> {3F967A1C-9BFA-4555-8D19-1184E22212FA} => C:\Program Files\AhnLab\V3Zip20\V3ZipSh3.dll [2011-10-06] (AhnLab, Inc.)
ContextMenuHandlers5: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll [2017-09-14] (ESTsoft Corp.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-12-31] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-06-11] (Adobe Systems Inc.)
ContextMenuHandlers6: [AhnLab.V3Shl] -> {F2F52A0A-D37B-481B-8861-547A512D2295} => C:\Program Files\AhnLab\V3Lite30\V3Shl.dll [2015-05-28] (AhnLab, Inc.)
ContextMenuHandlers6: [AhnLab.V3Zip] -> {3F967A1C-9BFA-4555-8D19-1184E22212FA} => C:\Program Files\AhnLab\V3Zip20\V3ZipSh3.dll [2011-10-06] (AhnLab, Inc.)
ContextMenuHandlers6: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll [2017-09-14] (ESTsoft Corp.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1B33F1C1-61A7-475D-BB1B-0C31BF08F26A} - System32\Tasks\ipTIME_NAS_Drive_Task => C:\Program Files\ipTIME\ipTIME NAS\ipDISK_Drive\ipTIME_ipDISK_Drive.exe [2015-07-08] (EFM networks)
Task: {1D36682C-8D07-49A3-942C-8BB89789221F} - System32\Tasks\NClient\Logon Trigger => C:\Users\aa\AppData\Local\Naver\NClient\NClient.exe [2016-02-25] (NAVER Corp.)
Task: {1EFBCB7B-60BF-4947-96B0-72D19A95B17D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-15] (Adobe Systems Incorporated)
Task: {4522F06B-936A-4261-8901-E7CB307D9E72} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-15] (Google Inc)
Task: {561E3BA3-83FB-4096-8E9A-8647914A9A45} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-02] (Microsoft Corporation)
Task: {6AF5B1FC-5AA6-4F35-828C-8B10F3302A28} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-29] ()
Task: {90A80A34-8E81-4594-B1FD-27E3DA774778} - System32\Tasks\Microsoft\Internet Explorer\Internet Explorer 이전 버전 정리 => C:\Windows\SYSTEM32\ie4uinit.EXE [2016-02-15] (Microsoft Corporation)
Task: {9FEF1EBD-14D8-473F-9A9F-13EAEE28127D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-11-20] (Microsoft Corporation)
Task: {A1C6EB91-57BD-484C-A295-A5FC0405F743} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-15] (Google Inc)
Task: {A3335A60-6DC6-46F7-9732-C9A72F9EE13A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-29] ()
Task: {DA74E35E-52DC-4948-8175-220C9D6EC263} - System32\Tasks\NaverSoftware\ToolsLog => C:\Users\aa\AppData\Local\Naver\NClient\NClient.exe [2016-02-25] (NAVER Corp.)
Task: {EEB15CE7-75D2-4108-AABC-23A754CF9CB7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-02] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\aa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum\Daum ActiveX 매니저.Lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://cs.daum.net/faq/124/7912.html?faqId=9731
ShortcutWithArgument: C:\Users\aa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-07-19 10:18 - 2009-11-20 13:43 - 000405504 _____ () C:\Windows\System32\HPM1210LM.DLL
2017-08-03 14:43 - 2015-06-11 22:58 - 000022528 _____ () C:\Windows\System32\ssm4mlm.dll
2017-07-19 10:19 - 2009-11-20 13:43 - 000074240 ____N () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.DLL
2011-02-02 14:08 - 2011-02-02 14:08 - 000018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
2014-09-08 13:39 - 2014-09-08 13:39 - 000464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 000051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2016-12-13 13:58 - 2016-06-28 12:30 - 004109168 _____ () C:\Program Files (x86)\INFovine\UBIKeyService.exe
2013-08-29 18:46 - 2013-08-29 18:46 - 000014848 _____ () C:\Program Files\ipTIME\ipTIME NAS\ipDISK_Drive\mounter.exe
2016-03-31 15:11 - 2016-03-02 19:01 - 001849408 _____ () C:\Program Files\KCP\kcppayplugin.exe
2017-08-03 14:44 - 2013-02-22 13:29 - 000365568 _____ () C:\Windows\system32\SaMinDrv.dll
2017-08-03 14:43 - 2015-06-10 15:18 - 000087552 ____N () C:\Windows\system32\ssdevm64.dll
2016-03-29 14:10 - 2015-10-30 14:07 - 001108755 _____ () C:\Program Files\AhnLab\Safe Transaction\RunTmp\klib.dll
2017-11-14 09:40 - 2017-11-10 18:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-14 09:40 - 2017-11-10 18:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2016-09-01 15:28 - 2016-09-01 15:28 - 000127984 _____ () C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\xwm_smartcard.dll
2016-06-20 11:03 - 2016-06-20 11:03 - 000014336 _____ () C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\KEBSFSC_WR.dll
2016-06-20 11:04 - 2016-06-20 11:04 - 000143360 _____ () C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\NSLDAP32V50.dll
2016-01-26 16:51 - 2016-01-26 16:51 - 002951680 _____ () C:\Program Files (x86)\DreamSecurity\MagicLine4NP\CertManager.dll
2014-06-13 15:07 - 2014-06-13 15:07 - 000139264 _____ () C:\Program Files (x86)\DreamSecurity\MagicLine4NP\NSLDAP32V50.dll
2016-01-11 14:41 - 2016-01-11 14:41 - 001657856 _____ () C:\Program Files (x86)\DreamSecurity\MagicLine4NP\GPKIProcSession.dll
2017-09-05 10:38 - 2016-05-02 11:38 - 002226688 _____ () C:\Program Files (x86)\SignKorea\skcert\SantiagoSecurityService.dll
2017-09-05 10:38 - 2016-05-02 11:36 - 000141824 _____ () C:\Program Files (x86)\SignKorea\skcert\nss4Mango.dll
2016-12-13 13:57 - 2017-09-08 11:51 - 000361576 _____ () C:\Program Files (x86)\initech\INISAFE Web EX Client\INIExtensionPipe.dll
2016-12-13 13:57 - 2017-09-08 11:51 - 000489064 _____ () C:\Program Files (x86)\INITECH\INISAFE Web EX Client\INISAFECrossWebEX.dll
2016-03-16 14:26 - 2016-03-16 14:26 - 000051712 _____ () C:\Program Files (x86)\Naver\Naver Comic Viewer\tinyxml2.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\aa\AppData\Local\Temp:{67AD6FA5-2A7D-47de-A0C4-F04C8F26F841} [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\customs.go.kr -> hxxps://unipass.customs.go.kr
IE trusted site: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\dacom.net -> dacom.net
IE trusted site: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\lgdacom.net -> lgdacom.net
IE trusted site: HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\...\uplus.co.kr -> uplus.co.kr
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 11:34 - 2016-02-15 12:39 - 000001451 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate.adobe.newoa
127.0.0.1 practivate.adobe.ntp
127.0.0.1 practivate.adobe.ipp
127.0.0.1 ereg.adobe.com
127.0.0.1 ereg.wip.adobe.com
127.0.0.1 ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com
127.0.0.1 ereg.wip3.adobe.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4202491627-2688634506-2428423890-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\aa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 210.94.0.73
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: HncUpdate => C:\Program Files (x86)\Common Files\Hnc\HncUtils\HncUpdate.exe /A
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Korean IME Migration => C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG.EXE
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{8958866F-193E-4636-BE72-6F4194FFEE76}] => (Allow) C:\Program Files\AhnLab\V3Lite30\MUpdate2\duri.ahn
FirewallRules: [{050B0AC3-4B03-4AF6-9BF9-15DA310DB9AD}] => (Allow) C:\Program Files\AhnLab\V3Lite30\MUpdate2\duri.ahn
FirewallRules: [{4D1D02CA-D851-4513-9441-A0647CC4FFB6}] => (Allow) C:\Program Files (x86)\naver\NaverCommon\NaverAdminAPISvc.exe
FirewallRules: [{72805C0C-E4E8-4575-83BA-E7DFB0905FA2}] => (Allow) C:\Program Files (x86)\naver\NaverCommon\NaverAdminAPISvc.exe
FirewallRules: [{A6373430-93DC-433C-B536-DCC375A978AD}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{6B6419E3-FDCB-430E-B760-07CEF5E7018F}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{2E7297D0-CF11-43B8-98B6-F7905A5BB70A}] => (Allow) C:\Users\aa\AppData\Roaming\NAVER\NLiveCast\NLiveCast.exe
FirewallRules: [{37C9C6A7-8C11-497F-8DD8-DABC8A30C3C2}] => (Allow) C:\Users\aa\AppData\Roaming\NAVER\NLiveCast\NLiveCast.exe
FirewallRules: [{76D67C28-55E2-4F38-A057-FE2B2524B14B}] => (Allow) C:\Program Files (x86)\INCAInternet\nProtect Online Security\nosstarter.npe
FirewallRules: [TCP Query User{021DFAF4-CA4D-4CC2-A4E2-27BCEDCD0C52}C:\program files\kcp\kcppayplugin.exe] => (Allow) C:\program files\kcp\kcppayplugin.exe
FirewallRules: [UDP Query User{B231E97B-0032-411F-9BF7-9CC7E475BF58}C:\program files\kcp\kcppayplugin.exe] => (Allow) C:\program files\kcp\kcppayplugin.exe
FirewallRules: [TCP Query User{2DD9E905-3401-4A13-9BA6-9E13BA4F09A5}C:\program files\kcp\kcppayplugin.exe] => (Allow) C:\program files\kcp\kcppayplugin.exe
FirewallRules: [UDP Query User{5CC341F6-2897-4F80-B3BF-992798A9691F}C:\program files\kcp\kcppayplugin.exe] => (Allow) C:\program files\kcp\kcppayplugin.exe
FirewallRules: [TCP Query User{A0AB84DF-BC77-4500-8074-BEAFF4C9A954}C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Block) C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe
FirewallRules: [UDP Query User{516676D4-2DFF-455D-8D2E-4BB2AF62B26F}C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Block) C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe
FirewallRules: [{CF792F22-66C6-4AA3-9348-6A8776CE567F}] => (Allow) C:\Users\aa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8EDF381B-2FA7-47B1-8BA6-989F5306469D}] => (Allow) C:\Users\aa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4DAA5A62-A9DC-4642-A051-1BF067ABE9D3}] => (Allow) C:\Users\aa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CDC7942A-9B8D-438D-B4F4-DC13ECBE1D4D}] => (Allow) C:\Users\aa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C6744581-7EF8-4619-BC96-530DB34DE58E}] => (Allow) C:\Users\aa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7C010CFD-D51D-4D77-8F2E-9D9971BD6921}] => (Allow) C:\Users\aa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{305F9171-50C2-4B1D-AB1D-B975556E6702}] => (Allow) C:\Program Files (x86)\DreamSecurity\MagicLine4NP\MagicLineNP.exe
FirewallRules: [{5D0B46B1-2FF4-4D8C-810B-1652DB24E3E7}] => (Allow) C:\Users\aa\AppData\Roaming\RIOTGames\rgDownload\rgDownload.exe
FirewallRules: [{590FFD72-3977-4AFF-9E94-B3471AB0166C}] => (Allow) C:\Users\aa\AppData\Roaming\RIOTGames\rgDownload\rgDownload.exe
FirewallRules: [{6094AFC6-EF69-4014-8539-12558B668208}] => (Allow) C:\Users\aa\AppData\Roaming\NAVER\NLiveCast\NLiveCast.exe
FirewallRules: [{C3DE1C07-0F56-4B67-ADB9-6B915FC52A53}] => (Allow) C:\Users\aa\AppData\Roaming\NAVER\NLiveCast\NLiveCast.exe
FirewallRules: [TCP Query User{D3BC6CB6-767E-45D6-A11D-21B4A5491C46}C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Block) C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe
FirewallRules: [UDP Query User{DFC3FCDA-900B-45ED-A4C9-5C0693EC0B14}C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Block) C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe
FirewallRules: [{A4000BE6-397F-460D-BE14-6EC540239814}] => (Allow) C:\Program Files (x86)\INFovine\UBIKeyService.exe
FirewallRules: [{BF8BA6BE-C47E-4D8D-A391-9F4B01CD6820}] => (Allow) C:\Program Files (x86)\INFovine\UBIKeyService.exe
FirewallRules: [{FD34907F-B557-4494-B664-3C912D4454AB}] => (Allow) C:\Program Files (x86)\IPinside_LWS\I3GProc.exe
FirewallRules: [TCP Query User{08133DC9-C076-481A-8828-1405F6685B0E}C:\program files (x86)\markany\maeps\epagesafer.exe] => (Block) C:\program files (x86)\markany\maeps\epagesafer.exe
FirewallRules: [UDP Query User{AE78D666-33AF-4DE6-9D9B-D29C5165DF30}C:\program files (x86)\markany\maeps\epagesafer.exe] => (Block) C:\program files (x86)\markany\maeps\epagesafer.exe
FirewallRules: [{557CAE4F-42C2-4D19-9AE3-667120A83594}] => (Allow) C:\Program Files\ipTIME\ipTIME NAS\ipDISK_Drive\ipTIME_ipDISK_Drive.exe
FirewallRules: [{0733F319-8EDF-44D5-B4E9-89FC66C0500E}] => (Allow) C:\Program Files (x86)\CCDNService\CCDNService.exe
FirewallRules: [{AED80551-CEE1-4AA9-81F5-899FE010DE41}] => (Allow) C:\Program Files (x86)\CCDNService\CCDNService.exe
FirewallRules: [{DFC5AE82-7707-4D9E-A055-0A45CC77163A}] => (Allow) C:\Program Files (x86)\pdpopx\pdpop_nanoomidown.exe
FirewallRules: [{CEC99107-18C0-4C10-8B47-E85CDEF3DF69}] => (Allow) C:\Program Files (x86)\pdpopx\pdpop_nanoomidown.exe
FirewallRules: [{81690481-C452-4792-B17F-AEB08F05DE50}] => (Allow) C:\Program Files (x86)\NAT Service\natsvc.exe
FirewallRules: [{5C962EDD-9699-41FA-9981-BA638758DD88}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{D70AA345-B8E0-4B0F-B290-675817A2EEAC}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{59EFC79C-F2B5-4577-99E4-0380E6A2C103}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{476EF1A8-BBB7-4684-B59D-CA9068AB435C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{FD18DD8D-E6AC-4659-87E0-275F698C21B7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{13E6A559-FA39-4EC6-B57A-97FB224FCD61}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{1A28EAF8-E1B3-4761-A786-216F5504AD4B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{502E910E-15FA-4A49-8C1D-BDC8696CF4BB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{96246412-6280-4CE8-865C-EB19F9411CEB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{17501F55-3997-4EEA-995A-C100A14EB986}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{25A9031C-E76D-43A1-B7F0-493E5A7FE081}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{ABE7811D-F7FB-4A93-8425-30EBC715BA88}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{469E0122-BAB8-42AB-A95B-0A9950F3C697}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{8D391FDF-022C-43B6-B05B-678402E995AB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A21E6097-E308-4061-8B7D-9841F064FFE8}] => (Allow) C:\Program Files (x86)\SoftForum\XecureWeb\AnySign\dll\AnySign4PC.exe
FirewallRules: [{AAB46BFE-4703-4279-A9A3-3AA17CB9035A}] => (Allow) C:\Program Files (x86)\KICA\Common\kpmsvc\kpmcnt.exe
FirewallRules: [{5D1C81A4-BF07-448C-A21C-A0B6ED7B48FE}] => (Allow) C:\Program Files (x86)\KICA\Common\kpmsvc\kpmcnt.exe
FirewallRules: [{5E69B8CE-967D-43EC-8481-77B0BC498C9C}] => (Allow) LPort=14315
FirewallRules: [{DFA528C9-6367-40D2-B197-2002FB5D7E59}] => (Allow) C:\Program Files (x86)\Initech\INISAFE Web EX Client\INISAFECrossWebEXSvc.exe
FirewallRules: [{C3616205-BBAB-4906-97AA-5C4A8903B9BF}] => (Allow) C:\Program Files (x86)\Initech\INISAFE Web EX Client\INISAFECrossWebEXSvc.exe
FirewallRules: [TCP Query User{284912B2-D14F-4596-94D4-FF867D9D1A0A}C:\program files (x86)\kbs kong v3\kong_v3.exe] => (Allow) C:\program files (x86)\kbs kong v3\kong_v3.exe
FirewallRules: [UDP Query User{23473FFD-AF47-4FA2-B6A4-78BE28769138}C:\program files (x86)\kbs kong v3\kong_v3.exe] => (Allow) C:\program files (x86)\kbs kong v3\kong_v3.exe
FirewallRules: [{454DD134-7A53-459D-82C7-3FCEC8F7B197}] => (Allow) C:\Program Files (x86)\DreamSecurity\MagicLine4NPIZ\MagicLineNPIZ.exe
FirewallRules: [{561889F4-DF2B-4881-A525-449C75B57057}] => (Allow) C:\Users\aa\AppData\Local\Temp\Koino\AnySupport\HOST_KR\KoinoHost.exe
FirewallRules: [{3F8D5376-B23C-4F93-B8D3-B2C4545BCC69}] => (Allow) C:\Users\aa\AppData\Local\Temp\Koino\AnySupport\HOST_KR\KoinoHost.exe
FirewallRules: [{5D960BD0-4EF9-42EA-BB92-95A8840C7918}] => (Allow) LPort=80
FirewallRules: [{7C069D45-F868-4B93-A56F-7848C119351E}] => (Allow) LPort=443
FirewallRules: [{5CA40B8C-B22D-4577-9CDC-C2B92B992828}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8007AB47-5031-4628-8EF6-19AFD895C8D4}] => (Allow) C:\Program Files (x86)\naver\NaverCommon\NaverAdminAPISvc.exe
FirewallRules: [{524C72E7-1A9B-4375-A955-28B4CB87B70F}] => (Allow) C:\Program Files (x86)\naver\NaverCommon\NaverAdminAPISvc.exe
FirewallRules: [{10CF4C4B-AFC6-458D-9D11-742259A108F9}] => (Allow) C:\Program Files\naver\NaverCommon\NaverAdminAPISvc.exe
FirewallRules: [{55423AEA-09D7-43D1-BFC9-1DD7210315AE}] => (Allow) C:\Program Files\naver\NaverCommon\NaverAdminAPISvc.exe
FirewallRules: [{35C3AE4D-006F-4CA1-B5A6-EFB4BB661CD7}] => (Allow) C:\Program Files\AhnLab\Safe Transaction\StSess.exe
 
==================== Restore Points =========================
 
21-11-2017 17:32:11 Configured Microsoft Office Professional Plus 2007
22-11-2017 16:26:44 AGSWalletforVista 설치됨.
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/23/2017 01:31:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 오류 있는 응용 프로그램 이름: IEXPLORE.EXE, 버전: 11.0.9600.17840, 타임스탬프: 0x555fe1bb
오류 있는 모듈 이름: KERNELBASE.dll, 버전: 6.1.7601.18015, 타임스탬프: 0x50b83c8a
예외 코드: 0x0eedfade
오류 오프셋: 0x0000c41f
오류 있는 프로세스 ID: 0x24ec
오류 있는 응용 프로그램 시작 시간: 0x01d36413fc202785
오류 있는 응용 프로그램 경로: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
오류 있는 모듈 경로: C:\Windows\syswow64\KERNELBASE.dll
보고서 ID: 3e6ce865-d007-11e7-9f2e-b8aeedfe08d2
 
Error: (11/23/2017 01:31:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 오류 있는 응용 프로그램 이름: IEXPLORE.EXE, 버전: 11.0.9600.17840, 타임스탬프: 0x555fe1bb
오류 있는 모듈 이름: KERNELBASE.dll, 버전: 6.1.7601.18015, 타임스탬프: 0x50b83c8a
예외 코드: 0x0eedfade
오류 오프셋: 0x0000c41f
오류 있는 프로세스 ID: 0x2f9c
오류 있는 응용 프로그램 시작 시간: 0x01d36413f5162412
오류 있는 응용 프로그램 경로: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
오류 있는 모듈 경로: C:\Windows\syswow64\KERNELBASE.dll
보고서 ID: 38520362-d007-11e7-9f2e-b8aeedfe08d2
 
Error: (11/23/2017 01:31:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 오류 있는 응용 프로그램 이름: IEXPLORE.EXE, 버전: 11.0.9600.17840, 타임스탬프: 0x555fe1bb
오류 있는 모듈 이름: KERNELBASE.dll, 버전: 6.1.7601.18015, 타임스탬프: 0x50b83c8a
예외 코드: 0x0eedfade
오류 오프셋: 0x0000c41f
오류 있는 프로세스 ID: 0x2f4c
오류 있는 응용 프로그램 시작 시간: 0x01d36413d8f5b784
오류 있는 응용 프로그램 경로: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
오류 있는 모듈 경로: C:\Windows\syswow64\KERNELBASE.dll
보고서 ID: 30b840f5-d007-11e7-9f2e-b8aeedfe08d2
 
Error: (11/23/2017 01:31:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: "C:\Windows\System32\systemcpl.dll"에 대한 활성화 컨텍스트를 생성하지 못했습니다.
종속 어셈블리 Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"을(를) 찾을 수 없습니다.
자세한 진단을 위해서는 sxstrace.exe를 사용하십시오.
 
Error: (11/23/2017 10:18:17 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: 제품: Microsoft Office Professional Plus 2007 - '{8B689F89-5E1C-4DA9-B2B1-7B3843275596}' 업데이트를 설치하지 못했습니다. 오류 코드: 1642. Windows Installer에서는  소프트웨어 패키지의 설치 문제의 해결에 도움을 주는 로그 파일을 만들 수 있습니다. 로깅 지원을 사용하도록 설정하는 방법은 다음 링크를 참조해 주십시오. http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (11/23/2017 09:50:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 오류 있는 응용 프로그램 이름: I3GProc.exe, 버전: 3.0.0.3, 타임스탬프: 0x587360c9
오류 있는 모듈 이름: unknown, 버전: 0.0.0.0, 타임스탬프: 0x00000000
예외 코드: 0xc0000005
오류 오프셋: 0x00800040
오류 있는 프로세스 ID: 0xcec
오류 있는 응용 프로그램 시작 시간: 0x01d363f504a0006e
오류 있는 응용 프로그램 경로: C:\Program Files (x86)\IPinside_LWS\I3GProc.exe
오류 있는 모듈 경로: unknown
보고서 ID: 5571bca3-cfe8-11e7-a94d-b8aeedfe08d2
 
Error: (11/23/2017 09:50:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 오류 있는 응용 프로그램 이름: INISAFECrossWebEXSvc.exe, 버전: 3.0.0.7, 타임스탬프: 0x5923deb3
오류 있는 모듈 이름: unknown, 버전: 0.0.0.0, 타임스탬프: 0x00000000
예외 코드: 0xc0000005
오류 오프셋: 0x00440040
오류 있는 프로세스 ID: 0xa30
오류 있는 응용 프로그램 시작 시간: 0x01d363f503682c2a
오류 있는 응용 프로그램 경로: C:\Program Files (x86)\initech\INISAFE Web EX Client\INISAFECrossWebEXSvc.exe
오류 있는 모듈 경로: unknown
보고서 ID: 555c5040-cfe8-11e7-a94d-b8aeedfe08d2
 
Error: (11/22/2017 04:43:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 오류 있는 응용 프로그램 이름: speeddownopen.exe, 버전: 2017.10.12.1, 타임스탬프: 0x59df2790
오류 있는 모듈 이름: ole32.dll, 버전: 6.1.7601.17514, 타임스탬프: 0x4ce7b96f
예외 코드: 0xc0000005
오류 오프셋: 0x0003bc24
오류 있는 프로세스 ID: 0xef0
오류 있는 응용 프로그램 시작 시간: 0x01d363291972c36d
오류 있는 응용 프로그램 경로: C:\Users\aa\AppData\Roaming\SpeedDown\speeddownopen.exe
오류 있는 모듈 경로: C:\Windows\syswow64\ole32.dll
보고서 ID: e6822f6e-cf58-11e7-b401-b8aeedfe08d2
 
Error: (11/22/2017 04:36:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 오류 있는 응용 프로그램 이름: VPWalletLauncherC.exe, 버전: 2.1.0.6, 타임스탬프: 0x59f8ffb3
오류 있는 모듈 이름: KvpVcmd.dll, 버전: 5.0.3.0, 타임스탬프: 0x5a093871
예외 코드: 0xc0000005
오류 오프셋: 0x0006e1dd
오류 있는 프로세스 ID: 0x3680
오류 있는 응용 프로그램 시작 시간: 0x01d3636491cf8fed
오류 있는 응용 프로그램 경로: C:\Program Files (x86)\VP\VPWalletService\VPWalletLauncherC.exe
오류 있는 모듈 경로: C:\Users\aa\AppData\LocalLow\KVP\ISP\KvpVcmd.dll
보고서 ID: e1337d6f-cf57-11e7-b401-b8aeedfe08d2
 
Error: (11/22/2017 04:35:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 오류 있는 응용 프로그램 이름: IEXPLORE.EXE, 버전: 11.0.9600.17840, 타임스탬프: 0x555fe1bb
오류 있는 모듈 이름: KERNELBASE.dll, 버전: 6.1.7601.18015, 타임스탬프: 0x50b83c8a
예외 코드: 0xc000041d
오류 오프셋: 0x0000c41f
오류 있는 프로세스 ID: 0x31d8
오류 있는 응용 프로그램 시작 시간: 0x01d363582f4b6eae
오류 있는 응용 프로그램 경로: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
오류 있는 모듈 경로: C:\Windows\syswow64\KERNELBASE.dll
보고서 ID: ad0136e7-cf57-11e7-b401-b8aeedfe08d2
 
 
System errors:
=============
Error: (11/23/2017 01:40:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: 다음 오류로 인해 TKTool 서비스를 시작하지 못했습니다. 
지정된 파일을 찾을 수 없습니다.
 
Error: (11/23/2017 01:39:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: 다음의 부팅-시작 또는 시스템-시작 드라이버를 로드하지 못했습니다. 
cdrom
 
Error: (11/23/2017 01:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: 다음 오류로 인해 Speeddownload Services 서비스를 시작하지 못했습니다. 
지정된 파일을 찾을 수 없습니다.
 
Error: (11/23/2017 01:39:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: 다음 오류로 인해 NATService 서비스를 시작하지 못했습니다. 
지정된 파일을 찾을 수 없습니다.
 
Error: (11/23/2017 01:38:37 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 컴퓨터가 오류 검사 후 다시 부팅되었습니다. 오류 검사: 0x0000003b (0x00000000c0000005, 0xfffff80003568341, 0xfffff880097ee870, 0x0000000000000000). 덤프 저장 위치: C:\Windows\MEMORY.DMP. 보고서 ID: 112317-17940-01
 
Error: (11/23/2017 01:38:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: ‎2017-‎11-‎23의 오후 1:37:18에서 이전에 예기치 않은 시스템 종료가 있었습니다.
 
Error: (11/23/2017 01:35:47 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: 다음 경고를 받았습니다. 70.
 
Error: (11/23/2017 01:35:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: 다음 경고를 받았습니다. 70.
 
Error: (11/23/2017 12:45:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: SPP Notification Service 서비스가 다음 오류 때문에 종료되었습니다. 
액세스가 거부되었습니다.
 
Error: (11/23/2017 11:45:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: SPP Notification Service 서비스가 다음 오류 때문에 종료되었습니다. 
액세스가 거부되었습니다.
 
 
CodeIntegrity:
===================================
  Date: 2017-11-23 13:38:28.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-11-23 13:27:40.295
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-11-23 13:17:38.732
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-11-23 13:07:37.522
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-11-23 12:57:36.413
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-11-23 12:47:34.934
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-11-23 12:37:33.825
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-11-23 12:27:32.757
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-11-23 12:17:31.592
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-11-23 12:07:30.545
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-4170 CPU @ 3.70GHz
Percentage of memory in use: 29%
Total physical RAM: 8060.04 MB
Available physical RAM: 5691.7 MB
Total Virtual: 16118.27 MB
Available Virtual: 13574.37 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:195.31 GB) (Free:88.56 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:270.45 GB) (Free:193.23 GB) NTFS
Drive z: () (Network) (Total:445.76 GB) (Free:274.19 GB) 
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6626E465)
Partition 1: (Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#5 samwiseOrgin

samwiseOrgin
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:03:44 PM

Posted 23 November 2017 - 12:23 AM

I am going to post a new topic with better worded format...  

Thank you



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:44 AM

Posted 24 November 2017 - 10:48 AM

You're welcome!

New topic
https://www.bleepingcomputer.com/forums/t/663572/computer-running-very-slow/#entry4386507

Closed this one.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users