Virus récalcitrant
Fermé
045Greg
Messages postés
32
Date d'inscription
jeudi 8 novembre 2007
Statut
Membre
Dernière intervention
3 février 2008
-
17 déc. 2007 à 18:50
045Greg Messages postés 32 Date d'inscription jeudi 8 novembre 2007 Statut Membre Dernière intervention 3 février 2008 - 17 déc. 2007 à 19:28
045Greg Messages postés 32 Date d'inscription jeudi 8 novembre 2007 Statut Membre Dernière intervention 3 février 2008 - 17 déc. 2007 à 19:28
A voir également:
- Virus récalcitrant
- Svchost.exe virus - Guide
- Youtu.be virus - Accueil - Guide virus
- Supprimer fichier récalcitrant - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Faux message virus iphone - Forum iPhone
1 réponse
045Greg
Messages postés
32
Date d'inscription
jeudi 8 novembre 2007
Statut
Membre
Dernière intervention
3 février 2008
3
17 déc. 2007 à 19:28
17 déc. 2007 à 19:28
Voici un log de hijack this (si il y a des écritures bizarres c'est normal : le pc en question est le pc de ma copine, un pc coréen) :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at ¿ÀÈÄ 7:21:07, on 2007-12-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\OO Software\CleverCache\ooccag.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Samsung\Samsung Command Center\PIC_UI.exe
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Program Files\Samsung\AVStation premium\bin\AVStation agent.exe
C:\PROGRA~1\FASOOD~1\fclient.exe
C:\PROGRA~1\Samsung\SAMSUN~1\SAMSUN~1.EXE
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Program Files\OO Software\CleverCache\ooccctrl.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\conime.exe
C:\PROGRA~1\FASOOD~1\fph.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\s\LOCALS~1\Temp\winime.exe
O2 - BHO: BrowserHook Class - {09F93072-DE5E-4b5a-B347-F80FD7CB7309} - C:\WINDOWS\system32\webmailHook20060113.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: wNavy Åø¹Ù - {8D4095C3-3314-40AA-A227-136FFD1195C9} - C:\Program Files\navy\navy.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [SamsungPIC] C:\Program Files\Samsung\Samsung Command Center\PIC_UI.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [AVStation premium] "C:\Program Files\Samsung\AVStation premium\bin\AVStation agent.exe"
O4 - HKLM\..\Run: [zcl] "C:\PROGRA~1\FASOOD~1\fclient.exe"
O4 - HKLM\..\Run: [HncUpdate] C:\WINDOWS\system32\HncUpdate.exe /A
O4 - HKLM\..\Run: [navy] C:\Program Files\navy\navy.exe
O4 - HKLM\..\Run: [Inciter Inspector] C:\WINDOWS\InciterInstaller\ICAgent30.exe -reboot
O4 - HKLM\..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktray
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [FPH Exe] "C:\PROGRA~1\FASOOD~1\fph.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NATEON] C:\Program Files\NATEON\BIN\NATEON.exe -as
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Microsoft Excel·Î ³»º¸³»±â(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java ÄÜ¼Ö - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: wnavy - {7A485BBD-3558-4451-BDD9-A25513C078A2} - C:\Program Files\navy\navyal.exe (file missing)
O9 - Extra button: ¸®¼Ä¡ - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.allthegate.com
O15 - Trusted Zone: http://*.inicis.com
O15 - Trusted Zone: http://www.iros.go.kr
O15 - Trusted Zone: http://*.kcp.co.kr
O15 - Trusted Zone: http://*.telec.co.kr
O15 - Trusted Zone: http://*.vpay.co.kr
O15 - Trusted Zone: http://*.wedisk.co.kr
O15 - Trusted Zone: http://*.wedisk.net
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netmarble.com/web/nmstarter/NMStarter24.cab
O16 - DPF: {1EC772E3-6882-4D42-812E-5882CCB60536} (Csession Object) - http://www.ebslang.co.kr/error.html
O16 - DPF: {2086592C-34CB-46BC-A042-715910AFBE81} (EBSSessionCheck.SessionCheck) - http://img.ebs.co.kr/ActiveX/Session/EBSSessionCheck.CAB
O16 - DPF: {2D394D05-A066-4678-BA38-E85882B09B2E} (Controller Class) - http://www.cosmotan.com/cabinet/myspeed.cab
O16 - DPF: {2E68BEE5-A640-11D2-AEA4-00AA006E5B34} (HnwActiv Control) - http://kmu.hhu.ac.kr/ezgen/hnwactive/hnwactiv_5_0_0_7.cab
O16 - DPF: {31FA72F5-BE46-4D6D-A10D-857C8D6F4BFA} (OrangeFileSearch Control) - http://www.orangefile.com/ActiveX/OrangeFileSearch.cab
O16 - DPF: {474AD63A-9B7E-40FE-8E4E-7067CC0F8D3D} (IB_OnAir.IBOnAir) - http://ionair.sbs.co.kr/onair/IB_OnAir.CAB
O16 - DPF: {5DAEF053-DEF0-4752-A963-CCE9B49B0B79} (Gogs Class) - http://bridge.item2.naver.com/music/cab/nbgm.cab
O16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} (XecureCKKB Class) - http://ck.softforum.co.kr/CKKeyPro/yescard/CKKeyPro.cab
O16 - DPF: {7513B187-5954-4C64-ABF4-E652FE899F24} (Wedisk Control) - http://www.wedisk.co.kr/app/WeDisk.cab
O16 - DPF: {8C99859C-05D9-4CA5-B7DB-BCE80E4185BC} (AGSWallet Control) - http://www.allthegate.com/plugin/AGSWallet.cab
O16 - DPF: {8ED577E0-25F4-4477-866B-3C572B7FB603} - http://viout.com/downloader/ViOutActive.cab
O16 - DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} (NMTransX Module) - http://download.netmarble.com/NMChatX/NMTransX.cab
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/activex/dmcc2.cab?Version=1,0,0,10
O16 - DPF: {93F83364-58E3-43C6-BE34-DE1252B26307} - http://sbill.em4s.com/sbill/cruzbill.cab
O16 - DPF: {970E1B88-8AC1-4E31-86D6-BFA769CEF7A6} (eGSignPlus For_EBS Class) - http://www.ebs.co.kr/sso/eGEBS.cab
O16 - DPF: {9CDD57AC-CA86-464C-B920-3228A388CC78} (NaverFileControl Control) - http://file.naver.com/down/NaverFile.cab
O16 - DPF: {9DA9609B-9237-40D3-A66D-24FE73CE3CD0} (IB_SiteSigning.IBSiteSigning) - http://img.sbs.co.kr/vobos/site/IB_SiteSigning.CAB
O16 - DPF: {A4D2A490-7F5F-464C-B8D7-99E52932C4D9} - http://124.2.41.10/ocx/XDocRegister.cab
O16 - DPF: {A671DC03-71D0-4CF0-895C-7D4A248FC1F1} (skcbgmset Class) - http://cyimg7.cyworld.nate.com/cymusic/package/skcbgmset.cab
O16 - DPF: {D31B8502-F679-44A2-8671-29D984AA4121} - http://124.2.41.10/ocx/ApvlXApvlLine.cab
O16 - DPF: {DC4207CE-C03E-4449-ACB1-032CA4137053} (Npz Control) - http://update.nprotect.net/nprotect2006/yescard/npz.cab
O21 - SSODL: ocwnklfdu - {86E5EBE9-7DF5-4D76-AE8B-BC43743A0EE1} - (no file)
O21 - SSODL: NewsCheck - {48D2B539-9C78-40A1-92EC-C1078858E0CD} - C:\WINDOWS\xuqfrgslv.dll
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - C:\Program Files\OO Software\CleverCache\ooccag.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at ¿ÀÈÄ 7:21:07, on 2007-12-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\OO Software\CleverCache\ooccag.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Samsung\Samsung Command Center\PIC_UI.exe
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Program Files\Samsung\AVStation premium\bin\AVStation agent.exe
C:\PROGRA~1\FASOOD~1\fclient.exe
C:\PROGRA~1\Samsung\SAMSUN~1\SAMSUN~1.EXE
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Program Files\OO Software\CleverCache\ooccctrl.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\conime.exe
C:\PROGRA~1\FASOOD~1\fph.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\s\LOCALS~1\Temp\winime.exe
O2 - BHO: BrowserHook Class - {09F93072-DE5E-4b5a-B347-F80FD7CB7309} - C:\WINDOWS\system32\webmailHook20060113.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: wNavy Åø¹Ù - {8D4095C3-3314-40AA-A227-136FFD1195C9} - C:\Program Files\navy\navy.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [SamsungPIC] C:\Program Files\Samsung\Samsung Command Center\PIC_UI.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [AVStation premium] "C:\Program Files\Samsung\AVStation premium\bin\AVStation agent.exe"
O4 - HKLM\..\Run: [zcl] "C:\PROGRA~1\FASOOD~1\fclient.exe"
O4 - HKLM\..\Run: [HncUpdate] C:\WINDOWS\system32\HncUpdate.exe /A
O4 - HKLM\..\Run: [navy] C:\Program Files\navy\navy.exe
O4 - HKLM\..\Run: [Inciter Inspector] C:\WINDOWS\InciterInstaller\ICAgent30.exe -reboot
O4 - HKLM\..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktray
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [FPH Exe] "C:\PROGRA~1\FASOOD~1\fph.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NATEON] C:\Program Files\NATEON\BIN\NATEON.exe -as
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Microsoft Excel·Î ³»º¸³»±â(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java ÄÜ¼Ö - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: wnavy - {7A485BBD-3558-4451-BDD9-A25513C078A2} - C:\Program Files\navy\navyal.exe (file missing)
O9 - Extra button: ¸®¼Ä¡ - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.allthegate.com
O15 - Trusted Zone: http://*.inicis.com
O15 - Trusted Zone: http://www.iros.go.kr
O15 - Trusted Zone: http://*.kcp.co.kr
O15 - Trusted Zone: http://*.telec.co.kr
O15 - Trusted Zone: http://*.vpay.co.kr
O15 - Trusted Zone: http://*.wedisk.co.kr
O15 - Trusted Zone: http://*.wedisk.net
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netmarble.com/web/nmstarter/NMStarter24.cab
O16 - DPF: {1EC772E3-6882-4D42-812E-5882CCB60536} (Csession Object) - http://www.ebslang.co.kr/error.html
O16 - DPF: {2086592C-34CB-46BC-A042-715910AFBE81} (EBSSessionCheck.SessionCheck) - http://img.ebs.co.kr/ActiveX/Session/EBSSessionCheck.CAB
O16 - DPF: {2D394D05-A066-4678-BA38-E85882B09B2E} (Controller Class) - http://www.cosmotan.com/cabinet/myspeed.cab
O16 - DPF: {2E68BEE5-A640-11D2-AEA4-00AA006E5B34} (HnwActiv Control) - http://kmu.hhu.ac.kr/ezgen/hnwactive/hnwactiv_5_0_0_7.cab
O16 - DPF: {31FA72F5-BE46-4D6D-A10D-857C8D6F4BFA} (OrangeFileSearch Control) - http://www.orangefile.com/ActiveX/OrangeFileSearch.cab
O16 - DPF: {474AD63A-9B7E-40FE-8E4E-7067CC0F8D3D} (IB_OnAir.IBOnAir) - http://ionair.sbs.co.kr/onair/IB_OnAir.CAB
O16 - DPF: {5DAEF053-DEF0-4752-A963-CCE9B49B0B79} (Gogs Class) - http://bridge.item2.naver.com/music/cab/nbgm.cab
O16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} (XecureCKKB Class) - http://ck.softforum.co.kr/CKKeyPro/yescard/CKKeyPro.cab
O16 - DPF: {7513B187-5954-4C64-ABF4-E652FE899F24} (Wedisk Control) - http://www.wedisk.co.kr/app/WeDisk.cab
O16 - DPF: {8C99859C-05D9-4CA5-B7DB-BCE80E4185BC} (AGSWallet Control) - http://www.allthegate.com/plugin/AGSWallet.cab
O16 - DPF: {8ED577E0-25F4-4477-866B-3C572B7FB603} - http://viout.com/downloader/ViOutActive.cab
O16 - DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} (NMTransX Module) - http://download.netmarble.com/NMChatX/NMTransX.cab
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/activex/dmcc2.cab?Version=1,0,0,10
O16 - DPF: {93F83364-58E3-43C6-BE34-DE1252B26307} - http://sbill.em4s.com/sbill/cruzbill.cab
O16 - DPF: {970E1B88-8AC1-4E31-86D6-BFA769CEF7A6} (eGSignPlus For_EBS Class) - http://www.ebs.co.kr/sso/eGEBS.cab
O16 - DPF: {9CDD57AC-CA86-464C-B920-3228A388CC78} (NaverFileControl Control) - http://file.naver.com/down/NaverFile.cab
O16 - DPF: {9DA9609B-9237-40D3-A66D-24FE73CE3CD0} (IB_SiteSigning.IBSiteSigning) - http://img.sbs.co.kr/vobos/site/IB_SiteSigning.CAB
O16 - DPF: {A4D2A490-7F5F-464C-B8D7-99E52932C4D9} - http://124.2.41.10/ocx/XDocRegister.cab
O16 - DPF: {A671DC03-71D0-4CF0-895C-7D4A248FC1F1} (skcbgmset Class) - http://cyimg7.cyworld.nate.com/cymusic/package/skcbgmset.cab
O16 - DPF: {D31B8502-F679-44A2-8671-29D984AA4121} - http://124.2.41.10/ocx/ApvlXApvlLine.cab
O16 - DPF: {DC4207CE-C03E-4449-ACB1-032CA4137053} (Npz Control) - http://update.nprotect.net/nprotect2006/yescard/npz.cab
O21 - SSODL: ocwnklfdu - {86E5EBE9-7DF5-4D76-AE8B-BC43743A0EE1} - (no file)
O21 - SSODL: NewsCheck - {48D2B539-9C78-40A1-92EC-C1078858E0CD} - C:\WINDOWS\xuqfrgslv.dll
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - C:\Program Files\OO Software\CleverCache\ooccag.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe