Inactive Computer freezes occasionally about every 10 minutes for 2 minutes

Hi. I have a computer which uses Norton 360 for its anti-virus software. Recently, for about 3 weeks, the computer has been freezing for about 2 minutes, every 10 minutes or so. I have followed the 8-step removal instructions but the problem continues. I have posted the relevant information that is required. Thank you.



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 13/02/2006 5:38:22 PM
System Uptime: 9/01/2011 10:29:34 PM (0 hours ago)

Motherboard: Dell Inc. | | 0JC474
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 74 GiB total, 6.222 GiB free.
D: is CDROM ()
E: is FIXED (FAT32) - 75 GiB total, 7.261 GiB free.
F: is CDROM (CDFS)

==== Disabled Device Manager Items =============

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia E65
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia E65
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd

==== System Restore Points ===================

RP131: 9/01/2011 7:28:03 AM - System Checkpoint

==== Installed Programs ======================

³×ÀÌÆ® ÁÖ¼Òâ °Ë»ö
³×ÀÌÆ®¿Â °£´Ü ¸ÞÀÏ ÀúÀå
µTorrent
°õÇ÷¹À̾î
AC3_looker
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.0
Adobe Shockwave Player 11.5
AOL Australia
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.6
Bonjour
Canon Camera Access Library
Canon Camera Support Core Library
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon MP Navigator EX 1.0
Canon MP210 series
Canon My Printer
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PhotoPrint EX
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture DC
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities Solution Menu
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CDDRV_Installer
CDSpace
Convert AVI to MP4 1.3
Critical Update for Windows Media Player 11 (KB959772)
dBpowerAMP WMA V9.1 Codec
Dell Media Experience
Dell Support Center (Support Software)
DellSupport
DivX Setup
Drag-to-Disc
Easy-WebPrint
Free Download Manager 3.0
GOM Audio
GOM Player
Google Earth
Google Earth Plug-in
Google Update Helper
Graboid Video 2.01
Graph 4.3
GraphCalc v4.0.1
High Definition Audio Driver Package - KB835221
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
install-us 2010
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
iTunes
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 23
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Junk Mail filter update
KhalInstallWrapper
Knight Online
Korean Fonts Support For Adobe Reader 8
Korean Language Support
League of Legends
LG PC Suite
LimeWire 5.5.13
Logitech SetPoint
Logitech Updater
Malwarebytes' Anti-Malware
MapleStory
MathGV 4
MCU
Messenger Plus! Live
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft DirectX SDK (June 2010)
Microsoft Games for Windows - LIVE
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Software Update for Web Folders (English) 12
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox (3.6.13)
MSN
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB925673)
MSXML4 Parser
Music Frost Toolbar
MusicFrost 2.7
My Way Search Assistant
MySidesearch Search Assistant Bfinding
NBA 2K10
Nero 7 Ultra Edition
Nokia Connectivity Cable Driver
Norton 360
OGA Notifier 1.7.0105.35.0
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
Otto
Pando Media Booster
PC Connectivity Solution
PDF Manual NW-A800 Series
PhotoPad Image Editor
QuickTime
RealPlayer
RealUpgrade 1.0
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
SAMSUNG Mobile Modem V2 Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Download Driver Software
SAMSUNG Mobile USB Driver
SAMSUNG Mobile USB Modem 1.0 Software
Samsung Mobile USB Modem Device Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio
SAMSUNG SYMBIAN USB Download Driver
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver
ScanSoft OmniPage SE 4
Security Task Manager 1.7h
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Smart Menus (Windows Live Toolbar)
Sonic Encoders
Sony Video Shared Library
Standard Edition
Steam
SUPER © Version 2010.bld.42 (Nov 7, 2010)
System Requirements Lab
Tabbed Browsing (Windows Live Toolbar)
TomTom HOME 2.7.3.1894
TomTom HOME Visual Studio Merge Modules
Uniblue RegistryBooster
Update for 2007 Microsoft Office System (KB967642)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
VC80CRTRedist - 8.0.50727.4053
Video Downloader
VLC media player 1.0.1
WebFldrs XP
Windows Communication Foundation
Windows Driver Package - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
Windows Driver Package - Nokia Modem (02/15/2007 3.1)
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Presentation Foundation
Windows Workflow Foundation
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinPcap 3.1
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0

==== Event Viewer Messages From Past Week ========

9/01/2011 10:26:35 PM, error: Service Control Manager [7034] - The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).
9/01/2011 10:26:35 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
9/01/2011 10:26:35 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
9/01/2011 10:26:35 PM, error: Service Control Manager [7034] - The Canon Camera Access Library 8 service terminated unexpectedly. It has done this 1 time(s).
9/01/2011 10:26:35 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
9/01/2011 10:26:35 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/01/2011 9:32:24 AM, error: Dhcp [1002] - The IP address lease 10.1.1.2 for the Network Card with network address 001320C1F94E has been denied by the DHCP server 10.1.1.1 (The DHCP Server sent a DHCPNACK message).
6/01/2011 11:19:42 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/01/2011 2:31:11 PM, error: Service Control Manager [7000] - The procguard service failed to start due to the following error: The system cannot find the file specified.
5/01/2011 2:30:55 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'SrtETmp' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
4/01/2011 5:52:06 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

==== End Of File ===========================


DDS (Ver_10-12-12.02) - NTFSx86
Run by Chuan-Chun at 22:53:46.75 on Sun 09/01/2011
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.2038.1238 [GMT 11:00]

AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\MusicFrost\MusicFrost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Documents and Settings\Chuan-Chun\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://dellsearchedit.myway.com/samisc/dellsidebar.jhtml?p=DA
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
uURLSearchHooks: CSearchBHO Class: {25a6edbf-c0fd-4ff7-b6a7-c6edea3b0b55} - c:\program files\musicfrost\music frost toolbar\SearchBHO.dll
BHO: {0141AD86-750D-4E9D-84C8-E71941CE4D9A} - No File
BHO: {016E8B25-169A-4BE9-8FE0-F573BE0E562C} - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: CSearchBHO Class: {25a6edbf-c0fd-4ff7-b6a7-c6edea3b0b55} - c:\program files\musicfrost\music frost toolbar\SearchBHO.dll
BHO: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - No File
BHO: ShowBarObj Class: {2863e737-dd3f-4280-9af8-e9e79c16f312} - c:\program files\musicfrost\music frost toolbar\MinBHO.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\3.8.0.41\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\3.8.0.41\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: {8E61BBF6-6E3C-4E06-B816-42AC5F951335} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {C872E221-2E6B-428D-93A0-D06CB488DF33} - No File
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {36d3149b-9e68-2d2a-15b4-43fb32893b9e}: {e9b39823-bf34-4b51-a2d2-86e9b9413d63} -
BHO: Nate Search Class: {ffde727f-3330-45eb-b9f9-c1668e6e08b2} - c:\program files\nate\addresssearch\sch.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\3.8.0.41\coIEPlg.dll
TB: MF Google Search: {f2b3e4c7-a7cf-4c62-aed7-adc5ed52016d} - c:\program files\musicfrost\music frost toolbar\SaveTubeVideo.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [UniblueRegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; SeekmoToolbar 4.8.4; .NET CLR 3.0.04506.30; .NET CLR 2.0.50727)" -"http://www.freearcade.com/WedgeWars.shock/WedgeWars.html"
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\chuan-~1\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\musicf~1.lnk - c:\program files\musicfrost\MusicFrost.exe
IE: &Search - http://edits.mywebsearch.com/toolba...000&si=&a=QZjrWUVCdWsLf0eiLNQHEg&n=2010103100
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Trusted Zone: kuaiche.com\software
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Plants%20vs.%20Zombies/Images/stg_drm.ocx
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {1F9079B1-CB38-4DC0-9DAD-080BD2255698} - hxxp://wvw.kongdisk.com/activex/KongdiskControl.CAB
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} - hxxp://mpi.dacom.net/XPayMPI/XPayMPI.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1234096613953
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1234096598156
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://www.netgame.com/mplugin/mglaunch_USAv1004.cab
DPF: {9F84D013-66B3-4AB7-946B-11A920A55F06} - hxxp://www.melon.com/cab/sktload.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://crucial.com/controls/cpcScanner.cab
DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://dist.globalgamecdn.com/dist/neffy/NeffyLauncher.cab
DPF: {C0B2F53E-5E61-4856-B314-FE9AE262A796} - hxxp://www.melon.com/cab/P3MelWebInstall.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Plants%20vs.%20Zombies/Images/armhelper.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab
DPF: {DFBBCB52-4D9F-4D0E-BF4A-A51223FC2541} - hxxp://patch.mnet.com/Ver2/App/totalApp/mnethelper/MnetHelper2_20090923.cab
DPF: {E0F0958B-C5EB-49E3-8567-E018D2407F35} - hxxp://patch.kongdisk.com/install/kongdisk.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} - hxxps://www.vpay.co.kr/kvpfiles/KVPISPCTLD.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360\engine\3.8.0.41\CoIEPlg.dll
Notify: awtsTMGX - awtsTMGX.dll
Notify: igfxcui - igfxdev.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
AppInit_DLLs: c:\windows\system32\__c0068B44.dat
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {73259091-9574-4ED8-A40F-7F65AFC28634} - No File
SEH: ShellHook Class: {88485281-8b4b-4f8d-9ede-82e29a064277} - c:\progra~1\markany\conten~1\MACSMA~1.DLL
LSA: Authentication Packages = msv1_0 c:\windows\system32\fccyvUkL
LSA: Notification Packages = :\windows\syste

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\chuan-~1\applic~1\mozilla\firefox\profiles\613cn2um.default\
FF - prefs.js: browser.search.selectedEngine - MFGSearch.NET
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - hxxp://search.musicfrost.com/results.php?q=
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll
FF - component: c:\program files\free download manager\firefox\extension\components\vmsfdmff.dll
FF - component: c:\program files\musicfrost\music frost toolbar\ff\components\swslib.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\quicktime\plugins\npqtplugin8.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Norton Toolbar: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coFFPlgn
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - Ext: MF Custom Search: MFToolbar@skywebsearch.com - c:\program files\musicfrost\music frost toolbar\FF

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0308000.029\SymEFA.sys [2010-2-21 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0308000.029\BHDrvx86.sys [2010-2-21 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0308000.029\cchpx86.sys [2010-2-21 482432]
R1 cdspacex;CDSPACEX;c:\windows\system32\drivers\CDSPACEX.sys [2009-7-13 53248]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20110107.002\IDSXpx86.sys [2011-1-8 341944]
R1 XSpaceWg;XSpaceWg;c:\windows\system32\drivers\xspacewg.sys [2009-7-13 3798]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-11-13 92008]
R3 N360;Norton 360;c:\program files\norton 360\engine\3.8.0.41\ccSvcHst.exe [2010-2-21 117640]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20110107.021\NAVENG.SYS [2011-1-8 86008]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20110107.021\NAVEX15.SYS [2011-1-8 1360760]
R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-1-9 38224]
S0 N10;iriver Internet Audio Player N10;c:\windows\system32\drivers\n10.sys --> c:\windows\system32\drivers\N10.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-7-21 133104]
S2 procguard;procguard;\??\c:\windows\system32\drivers\procguard.sys --> c:\windows\system32\drivers\procguard.sys [?]
S3 AhnRptTfFRegFNT;AhnRptTfFRegFNT;\??\c:\docume~1\chuan-~1\locals~1\temp\nso502.tmp\tffregnt.sys --> c:\docume~1\chuan-~1\locals~1\temp\nso502.tmp\TfFRegNt.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2009-9-26 36608]
S3 geebers12;geebers12;\??\c:\program files\maple-fun\vicious\nvid888.sys --> c:\program files\maple-fun\vicious\nvid888.sys [?]
S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [2005-5-11 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [2005-5-11 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [2005-5-11 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [2005-5-11 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [2005-5-11 77072]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-8-3 32512]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 ShadowDefence;Shadow Defence;\??\c:\docume~1\chuan-~1\locals~1\temp\sdef.sys --> c:\docume~1\chuan-~1\locals~1\temp\SDef.sys [?]
S3 TwoRabts;Two Rabbits Live Bus;c:\windows\system32\drivers\tworabts.sys --> c:\windows\system32\drivers\TwoRabts.sys [?]
S3 XDva136;XDva136;\??\c:\windows\system32\xdva136.sys --> c:\windows\system32\XDva136.sys [?]
S3 XDva219;XDva219;\??\c:\windows\system32\xdva219.sys --> c:\windows\system32\XDva219.sys [?]
S3 XDva224;XDva224;\??\c:\windows\system32\xdva224.sys --> c:\windows\system32\XDva224.sys [?]
S3 XDva248;XDva248;\??\c:\windows\system32\xdva248.sys --> c:\windows\system32\XDva248.sys [?]
S3 XDva273;XDva273;\??\c:\windows\system32\xdva273.sys --> c:\windows\system32\XDva273.sys [?]
S3 XDva279;XDva279;\??\c:\windows\system32\xdva279.sys --> c:\windows\system32\XDva279.sys [?]
S4 DCSPGSRV;DiamondCS ProcessGuard Service v3.410;"c:\program files\processguard\dcsuserprot.exe" --> c:\program files\processguard\dcsuserprot.exe [?]
S4 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-9-26 237984]

=============== Created Last 30 ================

2011-01-09 11:50:48 -------- d-----w- c:\docume~1\chuan-~1\applic~1\Malwarebytes
2011-01-09 11:50:41 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-09 11:50:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-01-09 11:50:37 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-09 11:50:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-08 07:17:48 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-08 07:17:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-08 07:17:48 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-01-07 11:19:18 719872 ----a-w- c:\windows\system32\devil.dll
2011-01-07 11:19:16 369152 ----a-w- c:\windows\system32\avisynth.dll
2011-01-07 11:19:13 70656 ----a-w- c:\windows\system32\yv12vfw.dll
2011-01-07 11:19:13 27648 ----a-w- c:\windows\system32\AVSredirect.dll
2011-01-07 11:19:12 70656 ----a-w- c:\windows\system32\i420vfw.dll
2011-01-07 11:19:11 -------- d-----w- c:\program files\AviSynth 2.5
2011-01-07 09:48:46 -------- d-----w- c:\docume~1\chuan-~1\applic~1\ImTOO Software Studio
2011-01-07 09:44:53 -------- d-----w- c:\program files\Convert AVI to MP4
2011-01-07 09:37:42 -------- d-----w- c:\program files\uTorrent
2011-01-07 09:37:19 -------- d-----w- c:\docume~1\chuan-~1\applic~1\uTorrent
2011-01-07 07:01:39 -------- d-----w- c:\docume~1\chuan-~1\locals~1\applic~1\Graboid_Inc
2011-01-07 07:01:34 -------- d-----w- c:\docume~1\chuan-~1\locals~1\applic~1\Graboid
2011-01-07 07:00:00 -------- d-----w- c:\docume~1\chuan-~1\locals~1\applic~1\Geckofx
2011-01-07 06:51:31 -------- d-----w- c:\program files\Graboid
2011-01-07 06:49:36 -------- d-----w- c:\docume~1\chuan-~1\applic~1\Local
2011-01-07 06:48:13 126448 ------w- c:\windows\system32\pxinsi64.exe
2011-01-07 06:48:13 123888 ------w- c:\windows\system32\pxcpyi64.exe
2011-01-07 06:44:19 -------- d-----w- c:\program files\DivX
2011-01-07 06:42:57 -------- d-----w- c:\docume~1\alluse~1\applic~1\DivX
2011-01-07 00:31:42 -------- d-----w- c:\program files\iPod
2011-01-07 00:31:35 -------- d-----w- c:\program files\iTunes
2011-01-07 00:30:45 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-01-07 00:30:45 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-01-07 00:30:14 -------- d-----w- c:\program files\Bonjour
2010-12-31 10:10:10 -------- d-----w- c:\docume~1\chuan-~1\locals~1\applic~1\AutoTyperMurGee
2010-12-18 23:48:54 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-18 23:47:00 45568 ------w- c:\windows\system32\dllcache\wab.exe

==================== Find3M ====================

2010-11-29 06:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 06:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 00:44:54 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-11-08 22:57:04 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2010-11-06 00:34:04 841216 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:34:04 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:34:03 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:34:03 17408 ----a-w- c:\windows\system32\corpol.dll
2010-11-03 12:00:49 389120 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2006-05-03 10:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30:52 216064 --sh--r- c:\windows\system32\nbDX.dll

============= FINISH: 22:59:23.07 ===============
 
Welcome aboard

Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Forgot to add the gmer.log
Is there anything else needed? I completed all the necessary steps.




GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-01-10 08:10:53
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e HDS728080PLA380 rev.PF2OA63A
Running: my776dc1.exe; Driver: C:\DOCUME~1\CHUAN-~1\LOCALS~1\Temp\pgtdapog.sys


---- System - GMER 1.0.15 ----

SSDT 8A8BC290 ZwAlertResumeThread
SSDT 8AD62218 ZwAlertThread
SSDT 8AC62960 ZwAllocateVirtualMemory
SSDT 8AC1F278 ZwAssignProcessToJobObject
SSDT 8ACD24D0 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xA7D4F130]
SSDT 8ACCB2C8 ZwCreateMutant
SSDT 8A8B2200 ZwCreateSymbolicLinkObject
SSDT 8A8C1CF8 ZwCreateThread
SSDT 8A918410 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xA7D4F3B0]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xA7D4F910]
SSDT 8AC94820 ZwDuplicateObject
SSDT 8ADE6810 ZwFreeVirtualMemory
SSDT 8AC4C258 ZwImpersonateAnonymousToken
SSDT 8AC4C318 ZwImpersonateThread
SSDT 8A8EF6E0 ZwLoadDriver
SSDT 8ACC59B0 ZwMapViewOfSection
SSDT 8A8B4318 ZwOpenEvent
SSDT 8A8D69C0 ZwOpenProcess
SSDT 8AB76D58 ZwOpenProcessToken
SSDT 8A8C12D8 ZwOpenSection
SSDT 8A916430 ZwOpenThread
SSDT 8A8B22D0 ZwProtectVirtualMemory
SSDT 8AD4FCD0 ZwResumeThread
SSDT 8A8B2490 ZwSetContextThread
SSDT 8AC70768 ZwSetInformationProcess
SSDT 8A9184F0 ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xA7D4FB60]
SSDT 8A8B4258 ZwSuspendProcess
SSDT 8AD622D8 ZwSuspendThread
SSDT 8AC4C4E0 ZwTerminateProcess
SSDT 8A916598 ZwTerminateThread
SSDT 8AC3B400 ZwUnmapViewOfSection
SSDT 8AC3B4C0 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

? SYMEFA.SYS The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[3444] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E1DF4D1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3444] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E353086 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3444] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E353007 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3444] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E35304B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3444] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E352F93 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3444] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E352FCD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3444] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3530C1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3444] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E2017C2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3444] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E353283 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\USBSTOR \Device\00000091 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\USBSTOR \Device\00000092 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)

AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device \Driver\cdspacex \Device\Scsi\cdspacex1Port3Path0Target0Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\cdspacex \Device\Scsi\cdspacex1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)
Device DLAIFS_M.SYS (Drive Letter Access Component/Roxio)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\.THM@ THM_auto_file
Reg HKLM\SOFTWARE\Classes\.xpl@ RealPlayer.MP3PL.6
Reg HKLM\SOFTWARE\Classes\.xpl@Content Type audio/mpegurl
Reg HKLM\SOFTWARE\Classes\amr_auto_file@
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell@ open
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\Enqueue
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\Enqueue@ ?????? ??(&A)
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\Enqueue\Command
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\Enqueue\Command@ "C:\Program Files\GRETECH\GomPlayer\GOM.exe" /add "%1"
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\Enqueue\DropTarget
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\Enqueue\DropTarget@
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\Enqueue\DropTarget@Clsid {6B866272-0A95-4EDC-9762-56A447040416}
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\open
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\open\command
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\open\command@ "C:\Program Files\GRETECH\GomPlayer\GOM.exe" /open "%1"
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\open\DropTarget
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\open\DropTarget@
Reg HKLM\SOFTWARE\Classes\amr_auto_file\shell\open\DropTarget@Clsid {D0F0AD6B-ECCC-401E-8E71-C4363D41399C}
Reg HKLM\SOFTWARE\Classes\CLSID\{2df5c137-3763-427f-a2da-bb22a9e958a5}@Model 314
Reg HKLM\SOFTWARE\Classes\CLSID\{2df5c137-3763-427f-a2da-bb22a9e958a5}@Therad 30
Reg HKLM\SOFTWARE\Classes\CLSID\{2df5c137-3763-427f-a2da-bb22a9e958a5}@MData 0x2B 0x8F 0x78 0x29 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}@scansk 0x56 0x1D 0xA2 0xEA ...
Reg HKLM\SOFTWARE\Classes\CMListControl.List@ List Class
Reg HKLM\SOFTWARE\Classes\CMListControl.List\CLSID
Reg HKLM\SOFTWARE\Classes\CMListControl.List\CLSID@ {C005AD8C-A0C0-450B-8885-4F3562C0B58C}
Reg HKLM\SOFTWARE\Classes\CMListControl.List\CurVer
Reg HKLM\SOFTWARE\Classes\CMListControl.List\CurVer@ CMListControl.List.1
Reg HKLM\SOFTWARE\Classes\CMListControl.List.1@ List Class
Reg HKLM\SOFTWARE\Classes\CMListControl.List.1\CLSID
Reg HKLM\SOFTWARE\Classes\CMListControl.List.1\CLSID@ {C005AD8C-A0C0-450B-8885-4F3562C0B58C}
Reg HKLM\SOFTWARE\Classes\dayon@ URL: dayon Protocol
Reg HKLM\SOFTWARE\Classes\dayon@URL Protocol
Reg HKLM\SOFTWARE\Classes\dayon\DefaultIcon
Reg HKLM\SOFTWARE\Classes\dayon\DefaultIcon@ C:\Program Files\EzSolution\Dayon\Player\Player.exe
Reg HKLM\SOFTWARE\Classes\dayon\shell
Reg HKLM\SOFTWARE\Classes\dayon\shell\open
Reg HKLM\SOFTWARE\Classes\dayon\shell\open\command
Reg HKLM\SOFTWARE\Classes\dayon\shell\open\command@ C:\Program Files\EzSolution\Dayon\Player\Player.exe "%1"
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_AddInHost@ EasyShare_AddInHost Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_AddInHost\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_AddInHost\CLSID@ {09101CBE-D527-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_AddInHost\CurVer
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_AddInHost\CurVer@ EasyShare.EasyShare_AddInHost.1
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_AddInHost.1@ EasyShare_AddInHost Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_AddInHost.1\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_AddInHost.1\CLSID@ {09101CBE-D527-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_App@ EasyShare_App Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_App\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_App\CLSID@ {09101CAF-D527-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_App\CurVer
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_App\CurVer@ EasyShare.EasyShare_App.1
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_App.1@ EasyShare_App Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_App.1\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_App.1\CLSID@ {09101CAF-D527-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_Image@ EasyShare_Image Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_Image\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_Image\CLSID@ {00FAE562-DACA-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_Image\CurVer
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_Image\CurVer@ EasyShare.EasyShare_Image.1
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_Image.1@ EasyShare_Image Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_Image.1\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_Image.1\CLSID@ {00FAE562-DACA-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageCollection@ EasyShare_ImageCollection Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageCollection\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageCollection\CLSID@ {00FAE568-DACA-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageCollection\CurVer
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageCollection\CurVer@ EasyShare.EasyShare_ImageCollection.1
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageCollection.1@ EasyShare_ImageCollection Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageCollection.1\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageCollection.1\CLSID@ {00FAE568-DACA-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageControl@ EasyShare_ImageControl Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageControl\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageControl\CLSID@ {09101CBA-D527-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageControl\CurVer
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageControl\CurVer@ EasyShare.EasyShare_ImageControl.1
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageControl.1@ EasyShare_ImageControl Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageControl.1\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_ImageControl.1\CLSID@ {09101CBA-D527-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_WorkOrder@ EasyShare_WorkOrder Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_WorkOrder\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_WorkOrder\CLSID@ {09101CB7-D527-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_WorkOrder\CurVer
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_WorkOrder\CurVer@ EasyShare.EasyShare_WorkOrder.1
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_WorkOrder.1@ EasyShare_WorkOrder Class
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_WorkOrder.1\CLSID
Reg HKLM\SOFTWARE\Classes\EasyShare.EasyShare_WorkOrder.1\CLSID@ {09101CB7-D527-11D6-AD30-0050DAD88A02}
Reg HKLM\SOFTWARE\Classes\ESCom.EasyShare_ImageControl2@ EasyShare_ImageControl2 Class
Reg HKLM\SOFTWARE\Classes\ESCom.EasyShare_ImageControl2\CLSID
Reg HKLM\SOFTWARE\Classes\ESCom.EasyShare_ImageControl2\CLSID@ {3A091B81-8FAF-4B7D-85C7-7CB5D3FDD479}
Reg HKLM\SOFTWARE\Classes\ESCom.EasyShare_ImageControl2\CurVer
Reg HKLM\SOFTWARE\Classes\ESCom.EasyShare_ImageControl2\CurVer@ ESCom.EasyShare_ImageControl2.1
Reg HKLM\SOFTWARE\Classes\ESCom.EasyShare_ImageControl2.1@ EasyShare_ImageControl2 Class
Reg HKLM\SOFTWARE\Classes\ESCom.EasyShare_ImageControl2.1\CLSID
Reg HKLM\SOFTWARE\Classes\ESCom.EasyShare_ImageControl2.1\CLSID@ {3A091B81-8FAF-4B7D-85C7-7CB5D3FDD479}
Reg HKLM\SOFTWARE\Classes\mailto@ URL:MailTo Protocol
Reg HKLM\SOFTWARE\Classes\mailto@URL Protocol
Reg HKLM\SOFTWARE\Classes\mailto\DefaultIcon
Reg HKLM\SOFTWARE\Classes\mailto\DefaultIcon@ "C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE",7
Reg HKLM\SOFTWARE\Classes\mailto\shell
Reg HKLM\SOFTWARE\Classes\mailto\shell\open
Reg HKLM\SOFTWARE\Classes\mailto\shell\open\command
Reg HKLM\SOFTWARE\Classes\mailto\shell\open\command@ "C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE" -c IPM.Note /m "%1"
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.MDServiceProviderIFP@ MDServiceProviderIFP Class
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.MDServiceProviderIFP\CLSID
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.MDServiceProviderIFP\CLSID@ {00416AA4-D0BC-45cf-AE2A-908BB972E9E4}
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.MDServiceProviderIFP.1@ MDServiceProviderIFP Class
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.MDServiceProviderIFP.1\CLSID
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.MDServiceProviderIFP.1\CLSID@ {00416AA4-D0BC-45cf-AE2A-908BB972E9E4}
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.PropPage@ IFPSPPropPage Class
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.PropPage\CLSID
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.PropPage\CLSID@ {03545A48-C31B-4494-93A1-EFBF75117079}
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.PropPage\CurVer
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.PropPage\CurVer@ MDServiceProviderIFP.PropPage.1
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.PropPage.1@ PropPage Class
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.PropPage.1\CLSID
Reg HKLM\SOFTWARE\Classes\MDServiceProviderIFP.PropPage.1\CLSID@ {03545A48-C31B-4494-93A1-EFBF75117079}
Reg HKLM\SOFTWARE\Classes\NuriDownloaderX.NuriDownloader@ NuriDownloader Control
Reg HKLM\SOFTWARE\Classes\NuriDownloaderX.NuriDownloader\Clsid
Reg HKLM\SOFTWARE\Classes\NuriDownloaderX.NuriDownloader\Clsid@ {436A95AC-A449-4A6B-84AB-6D83C32F512B}
Reg HKLM\SOFTWARE\Classes\p3skcb@Source Filter {CB130CB3-1F63-47e5-B5BB-DE0A2CDCEC4C}
Reg HKLM\SOFTWARE\Classes\p3skcb@URL Protocol
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents@ WiaEvents Class
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents\CLSID
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents\CLSID@ {66A41C80-C64A-45A9-8BC9-0D58DE47C007}
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents\CurVer
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents\CurVer@ Ptswia.WiaEvents.1
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents.1@ WiaEvents Class
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents.1\CLSID
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents.1\CLSID@ {66A41C80-C64A-45A9-8BC9-0D58DE47C007}
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents.1\Shell
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents.1\Shell@
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents.1\Shell\open
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents.1\Shell\open@
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents.1\Shell\open\DropTarget
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents.1\Shell\open\DropTarget@
Reg HKLM\SOFTWARE\Classes\Ptswia.WiaEvents.1\Shell\open\DropTarget@Clsid {66A41C80-C64A-45A9-8BC9-0D58DE47C007}
Reg HKLM\SOFTWARE\Classes\RealPlayer.MP3PL.6@ MP3 PlayLists (.m3u,.pls,.xpl)
Reg HKLM\SOFTWARE\Classes\RealPlayer.MP3PL.6\DefaultIcon
Reg HKLM\SOFTWARE\Classes\RealPlayer.MP3PL.6\DefaultIcon@ C:\Program Files\Real\RealPlayer\RealPlay.exe,0
Reg HKLM\SOFTWARE\Classes\RealPlayer.MP3PL.6\shell
Reg HKLM\SOFTWARE\Classes\RealPlayer.MP3PL.6\shell\open
Reg HKLM\SOFTWARE\Classes\RealPlayer.MP3PL.6\shell\open\command
Reg HKLM\SOFTWARE\Classes\RealPlayer.MP3PL.6\shell\open\command@ "C:\Program Files\Real\RealPlayer\RealPlay.exe" /m audio/mpegurl %1
Reg HKLM\SOFTWARE\Classes\RealPlayer.WAV.6@ WAV Clip
Reg HKLM\SOFTWARE\Classes\RealPlayer.WAV.6\DefaultIcon
Reg HKLM\SOFTWARE\Classes\RealPlayer.WAV.6\DefaultIcon@ C:\Program Files\Real\RealPlayer\RealPlay.exe,0
Reg HKLM\SOFTWARE\Classes\RealPlayer.WAV.6\shell
Reg HKLM\SOFTWARE\Classes\RealPlayer.WAV.6\shell\open
Reg HKLM\SOFTWARE\Classes\RealPlayer.WAV.6\shell\open\command
Reg HKLM\SOFTWARE\Classes\RealPlayer.WAV.6\shell\open\command@ "C:\Program Files\Real\RealPlayer\RealPlay.exe" /m audio/wav %1
Reg HKLM\SOFTWARE\Classes\Ring3.IKodakCameraManager@ IKodakCameraManager Class
Reg HKLM\SOFTWARE\Classes\Ring3.IKodakCameraManager\CLSID
Reg HKLM\SOFTWARE\Classes\Ring3.IKodakCameraManager\CLSID@ {FB803D0D-EC2B-11D2-A4B8-00104BCAB4AB}
Reg HKLM\SOFTWARE\Classes\Ring3.IKodakCameraManager\CurVer
Reg HKLM\SOFTWARE\Classes\Ring3.IKodakCameraManager\CurVer@ Ring3.IKodakCameraManager.1
Reg HKLM\SOFTWARE\Classes\Ring3.IKodakCameraManager.1@ IKodakCameraManager Class
Reg HKLM\SOFTWARE\Classes\Ring3.IKodakCameraManager.1\CLSID
Reg HKLM\SOFTWARE\Classes\Ring3.IKodakCameraManager.1\CLSID@ {FB803D0D-EC2B-11D2-A4B8-00104BCAB4AB}
Reg HKLM\SOFTWARE\Classes\SetPointCOMMM9.SetPointCOM@ SetPointCOM Class
Reg HKLM\SOFTWARE\Classes\SetPointCOMMM9.SetPointCOM\CLSID
Reg HKLM\SOFTWARE\Classes\SetPointCOMMM9.SetPointCOM\CLSID@ {68A362DB-D106-4B53-B613-BA8A1E6B539E}
Reg HKLM\SOFTWARE\Classes\SetPointCOMMM9.SetPointCOM\CurVer
Reg HKLM\SOFTWARE\Classes\SetPointCOMMM9.SetPointCOM\CurVer@ SetPointCOMMM9.SetPointCOM.1
Reg HKLM\SOFTWARE\Classes\SetPointCOMMM9.SetPointCOM.1@ SetPointCOM Class
Reg HKLM\SOFTWARE\Classes\SetPointCOMMM9.SetPointCOM.1\CLSID
Reg HKLM\SOFTWARE\Classes\SetPointCOMMM9.SetPointCOM.1\CLSID@ {68A362DB-D106-4B53-B613-BA8A1E6B539E}
Reg HKLM\SOFTWARE\Classes\SetPointCOMWMP9.SetPointCOM@ SetPointCOM Class
Reg HKLM\SOFTWARE\Classes\SetPointCOMWMP9.SetPointCOM\CLSID
Reg HKLM\SOFTWARE\Classes\SetPointCOMWMP9.SetPointCOM\CLSID@ {68B482DB-D106-4B53-B613-BA8A1E6B539E}
 
gmer.log (continued)



---- EOF - GMER 1.0.15 ----
 
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5487

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

9/01/2011 11:10:11 PM
mbam-log-2011-01-09 (23-10-11).txt

Scan type: Quick scan
Objects scanned: 169346
Time elapsed: 16 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 46
Registry Values Infected: 4
Registry Data Items Infected: 3
Folders Infected: 15
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\program files\musicfrost\music frost toolbar\MinBHO.dll (Adware.SkyMediaPack) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{05584B13-CA4B-459B-925B-65D215E5942C} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{27BA317E-7BBD-4EBE-A06A-47F076D9D6F7} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2574231F-9D6F-4B0E-9041-5DD7484564AD} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MinBHO.ShowBarObj.1 (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MinBHO.ShowBarObj (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{FFDE727F-3330-45EB-B9F9-C1668E6E08B2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{DA53E9AA-4A9A-4262-B993-140F6A71B7E4} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1AFF91D8-DE7B-4F4C-9507-B3791AEF058F} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sch.NateSearch.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sch.NateSearch (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFDE727F-3330-45EB-B9F9-C1668E6E08B2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FFDE727F-3330-45EB-B9F9-C1668E6E08B2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFDE727F-3330-45EB-B9F9-C1668E6E08B2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{09F1ADAC-76D8-4D0F-99A5-5C907DADB988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{151C9CC9-4997-D013-C7AF-536FF6E1F284} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWaySearchAssistantDE.Auxiliary (Adware.MyWaySearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWaySearchAssistantDE.Auxiliary.1 (Adware.MyWaySearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sch.Gulf (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sch.Gulf.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\sch.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\SkyMedia (Adware.SkyMedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\NateSrch (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{45296DBE-C6F0-44C0-86B4-5AA85C61894B}_is1 (Rogue.AntiSpyware2010) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Xstudio_Packet_Capture (LSP.Hijacker) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{73259091-9574-4ED8-A40F-7F65AFC28634} (Trojan.Vundo) -> Value: {73259091-9574-4ED8-A40F-7F65AFC28634} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{73259091-9574-4ED8-A40F-7F65AFC28634} (Trojan.Vundo) -> Value: {73259091-9574-4ED8-A40F-7F65AFC28634} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Value: (default) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhc1t1j0e72l (Rogue.AntiVirusXP) -> Value: rhc1t1j0e72l -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
c:\documents and settings\chuan-chun\application data\rhc1t1j0e72l (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\rhc1t1j0e72l\quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\rhc1t1j0e72l\quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\rhc1t1j0e72l\quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\rhc1t1j0e72l\quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\rhc1t1j0e72l\quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\rhc1t1j0e72l\quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\rhc1t1j0e72l\quarantine\Autorun\startmenuallusers (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\rhc1t1j0e72l\quarantine\Autorun\startmenucurrentuser (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\rhc1t1j0e72l\quarantine\browserobjects (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\rhc1t1j0e72l\quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\ni.gscns (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\shien-ling\application data\systemdoctor 2006 free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\MyWaySA (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\musicfrost\music frost toolbar\MinBHO.dll (Adware.SkyMediaPack) -> Delete on reboot.
c:\program files\Nate\addresssearch\sch.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\chgozsejwpfgawel.dll-uninst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\winpfz33.sys (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\ni.gscns\dl.ini (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\chuan-chun\application data\ni.gscns\settings.ini (Trojan.Agent) -> Quarantined and deleted successfully.
 
Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop.
Open this report and post its content in your next reply.

======================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.



Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete the Combofix file, download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 