Forum Home
Press F1
Thread ID: 110084	2010-06-02 11:30:00	Help! Freezing of computer	sunjae429 (15805)	Press F1

Post ID	Timestamp	Content	User
1106362	2010-06-02 12:23:00	This is the logfile: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 오후 11:17:05, on 2010-06-02 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18372) Boot mode: Safe mode with network support Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Designer\Desktop\Everything... lol\Portable_Google_Chrome_4.0.201.1\ChromeLoader. exe C:\Documents and Settings\Designer\Desktop\Everything... lol\Portable_Google_Chrome_4.0.201.1\Chrome\chrome .exe C:\Documents and Settings\Designer\Desktop\Everything... lol\Portable_Google_Chrome_4.0.201.1\Chrome\chrome .exe C:\HijackThis.exe O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1106f674-97f1-447c-9bc8-a26ddcd1f8ab} - C:\Program Files\Guidesh\guidesh.dll O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: ALToolBar BHO - {7F1A79F9-78D1-4186-9F60-EE0B63DF042A} - C:\Program Files\ESTsoft\ALToolBar\ALToolBand_1520.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: bonusgd - {A58DEAE0-19B2-482f-B1EA-4348F9518145} - C:\Program Files\bonusgd\bonusgd.DLL (file missing) O2 - BHO: (no name) - {db27beb2-b127-4753-8207-40818c27a6f3} - C:\Program Files\bonusgood\bngood.dll O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll O3 - Toolbar: ALToolBar - {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA} - C:\Program Files\ESTsoft\ALToolBar\ALToolBand_1520.dll O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [Korean IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG. EXE /UNINSTALL O4 - HKLM\..\Run: [imekrmig7.0] "C:\Program Files\Common Files\Microsoft Shared\IME\IMKR7\IMEKRMIG.EXE" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.ex e" -launchedbylogin O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SmartRAM] C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe /m O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [BC-MacChange8] C:\Documents and Settings\Designer\Application Data\efg.exe sgi O4 - HKLM\..\Run: [guidesh] C:\Program Files\Guidesh\guidesh.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [Extend-Supporter-idprotect] C:\WINDOWS\system32\smartsupporter_idprotectEx.exe sgi O4 - HKCU\..\Run: [badakencoder] "C:\Program Files\BadakEncoder\Badakencoder_update.exe" -o O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: LaunchU3.exe.lnk = ?SystemRoot%\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe O8 - Extra context menu item: &플래쉬겟으로 모두 받기 - C:\PROGRA~1\FlashGet\jc_all.htm O8 - Extra context menu item: &플래쉬겟으로 받기 - C:\PROGRA~1\FlashGet\jc_link.htm O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 알툴바 빠른검색(&Q) - res://C:\Program Files\ESTsoft\ALToolBar\ALToolBand_1520.dll/23/SEARCH.HTML O9 - Extra button: 리서치 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O15 - ESC Trusted Zone: http://*.update.microsoft.com O16 - DPF: {00001025-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter25 Class) - download.netmarble.net O16 - DPF: {00001026-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter26 Class) - download.netmarble.net O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - www.musicnotes.com O16 - DPF: {18D63578-EA2F-4A59-A49A-7F62E6B3DF3E} (ImP3 Control) - activexdown.paran.com O16 - DPF: {2022EE84-1E1F-45B0-8D35-FF9DA75366BC} (ExpressViewer Class) - download.softforum.co.kr O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - s.nx.com O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - dlm.tools.akamai.com O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - www.microsoft.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx2.hotmail.com O16 - DPF: {5267557D-D090-44EA-BCAA-8576A24810C5} (NetmarbleSystemInformer Class) - download.netmarble.net O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} (NetmarbleAutoUpdater Class) - download.netmarble.net O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com O16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} (XecureCKKB Class) - ck.softforum.co.kr O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} (XecureWeb 4.0 Client Control) - www.keb.co.kr O16 - DPF: {81D55AD8-8C9F-426F-9E15-38213391AAFB} (NoriboxStarter Control) - gamepack.netmarble.net O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} (DownStarter2 Control) - bgweb.nowcdn.co.kr O16 - DPF: {89F434A7-4A49-4394-AC02-007480331AE2} (NetmarbleSystemIDInfo Class) - download.netmarble.net O16 - DPF: {917D7D2D-C7BD-4CDB-A3C4-7084FBE6DE78} (Mfile File Share Control) - www.mfile.co.kr O16 - DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} (NMTransX Module) - download.netmarble.net O16 - DPF: {9709739B-4909-489B-A1F7-148C74F16EEE} (CNxSysInfoCtrl Object) - s.nx.com O16 - DPF: {99C709C7-4F58-46C1-855B-90213C760395} (V3D Client Control) - v3d.kcp.co.kr O16 - DPF: {A00B2A53-60D9-4477-ADA3-60490770C5E0} (Hanmail Upload Control) - mail2.daum.net O16 - DPF: {A047BE6C-A1CE-41C7-A6EC-85FC184D16F1} (nmDownloadCtrl Class) - download.netmarble.net O16 - DPF: {A1D886C6-4039-4451-97A9-515F5BE5D4C2} (mkdplusCtrl Class) - platform.nx.com O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - download.netmarble.net O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - www.sibelius.com O16 - DPF: {AC6D4501-1A42-4E5D-91AF-395406EF4303} (NowSmartLauncher Control) - ff.nopp.co.kr O16 - DPF: {B0A75875-3622-48BA-B5FF-45AD77AC2D0E} (BankPayEFTCtrl Control) - www.bankpay.or.kr O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} (Daum ActiveX manager Class) - mail.daum.net O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} (YYGInstantPlay Control) - www.yoyogames.com O16 - DPF: {CBB45291-871B-4ADA-81D0-40D0C89ABD20} (NetmarbleDownloaderExCtrl Class) - download.netmarble.net O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - update.nprotect.net O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} (KvpIspCtlD Control) - www.vpay.co.kr O16 - DPF: {F30E6BE6-F620-4DD7-B67C-47920AEC2F4E} (SystemInfo Control) - ff.nopp.co.kr O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ALYac_PZSrv - Unknown owner - C:\Program.exe (file missing) O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod 서비스 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcmsvc.exe O23 - Service: wampapache - Unknown owner - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe (file missing) O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe (file missing) O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe O24 - Desktop Component 0: (no name) - C:\Documents and Settings\Designer\My Documents\GomPlayer\Capture\新聞部.jpg -- End of file - 14361 bytes I got the teamviewer as well. I am installing it right now. Warning, since i'm really into anime, my computer is loaded with those kind of stuff. Hope you dont misunderstand XD	sunjae429 (15805)
1106363	2010-06-02 12:24:00	One thing I've noticed recently is that this laptop gets extremely hot after a couple of minutes. About 4 months ago, right before the problem occurred, my laptop started shooting out balls of silica gel. Maybe that is clogging the fan... But my fan doesn't look like in any state of damage... I am eager to fix this problem, Please help me. Thanks It's overheating! Get it cleaned out now! (Silica gel?? More likely to be balls of dust after 5 years of use with little maintenance).	feersumendjinn (64)
1106364	2010-06-02 12:30:00	Wait sorry that was the Safe mode... Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 오후 11:29:18, on 2010-06-02 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18372) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\WLTRAY.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe C:\Program Files\Orbitdownloader\orbitdm.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Orbitdownloader\orbitnet.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\npkcmsvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Documents and Settings\Designer\Desktop\Everything... lol\Portable_Google_Chrome_4.0.201.1\ChromeLoader. exe C:\Documents and Settings\Designer\Desktop\Everything... lol\Portable_Google_Chrome_4.0.201.1\Chrome\chrome .exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Designer\Desktop\Everything... lol\Portable_Google_Chrome_4.0.201.1\Chrome\chrome .exe C:\WINDOWS\system32\conime.exe C:\Program Files\TeamViewer\Version5\TeamViewer.exe C:\WINDOWS\system32\cidaemon.exe C:\HijackThis.exe O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1106f674-97f1-447c-9bc8-a26ddcd1f8ab} - C:\Program Files\Guidesh\guidesh.dll O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: ALToolBar BHO - {7F1A79F9-78D1-4186-9F60-EE0B63DF042A} - C:\Program Files\ESTsoft\ALToolBar\ALToolBand_1520.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: bonusgd - {A58DEAE0-19B2-482f-B1EA-4348F9518145} - C:\Program Files\bonusgd\bonusgd.DLL (file missing) O2 - BHO: (no name) - {db27beb2-b127-4753-8207-40818c27a6f3} - C:\Program Files\bonusgood\bngood.dll O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll O3 - Toolbar: ALToolBar - {38FBE93D-4CA1-4414-AF6A-94920C5BD8DA} - C:\Program Files\ESTsoft\ALToolBar\ALToolBand_1520.dll O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [Korean IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEKR\IMKRMIG. EXE /UNINSTALL O4 - HKLM\..\Run: [imekrmig7.0] "C:\Program Files\Common Files\Microsoft Shared\IME\IMKR7\IMEKRMIG.EXE" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.ex e" -launchedbylogin O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SmartRAM] C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe /m O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [BC-MacChange8] C:\Documents and Settings\Designer\Application Data\efg.exe sgi O4 - HKLM\..\Run: [guidesh] C:\Program Files\Guidesh\guidesh.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [Extend-Supporter-idprotect] C:\WINDOWS\system32\smartsupporter_idprotectEx.exe sgi O4 - HKCU\..\Run: [badakencoder] "C:\Program Files\BadakEncoder\Badakencoder_update.exe" -o O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: LaunchU3.exe.lnk = ?SystemRoot%\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe O8 - Extra context menu item: &플래쉬겟으로 모두 받기 - C:\PROGRA~1\FlashGet\jc_all.htm O8 - Extra context menu item: &플래쉬겟으로 받기 - C:\PROGRA~1\FlashGet\jc_link.htm O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 알툴바 빠른검색(&Q) - res://C:\Program Files\ESTsoft\ALToolBar\ALToolBand_1520.dll/23/SEARCH.HTML O9 - Extra button: 리서치 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O15 - ESC Trusted Zone: http://*.update.microsoft.com O16 - DPF: {00001025-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter25 Class) - download.netmarble.net O16 - DPF: {00001026-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter26 Class) - download.netmarble.net O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - www.musicnotes.com O16 - DPF: {18D63578-EA2F-4A59-A49A-7F62E6B3DF3E} (ImP3 Control) - activexdown.paran.com O16 - DPF: {2022EE84-1E1F-45B0-8D35-FF9DA75366BC} (ExpressViewer Class) - download.softforum.co.kr O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - s.nx.com O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - dlm.tools.akamai.com O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - www.microsoft.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx2.hotmail.com O16 - DPF: {5267557D-D090-44EA-BCAA-8576A24810C5} (NetmarbleSystemInformer Class) - download.netmarble.net O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} (NetmarbleAutoUpdater Class) - download.netmarble.net O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com O16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} (XecureCKKB Class) - ck.softforum.co.kr O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} (XecureWeb 4.0 Client Control) - www.keb.co.kr O16 - DPF: {81D55AD8-8C9F-426F-9E15-38213391AAFB} (NoriboxStarter Control) - gamepack.netmarble.net O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} (DownStarter2 Control) - bgweb.nowcdn.co.kr O16 - DPF: {89F434A7-4A49-4394-AC02-007480331AE2} (NetmarbleSystemIDInfo Class) - download.netmarble.net O16 - DPF: {917D7D2D-C7BD-4CDB-A3C4-7084FBE6DE78} (Mfile File Share Control) - www.mfile.co.kr O16 - DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} (NMTransX Module) - download.netmarble.net O16 - DPF: {9709739B-4909-489B-A1F7-148C74F16EEE} (CNxSysInfoCtrl Object) - s.nx.com O16 - DPF: {99C709C7-4F58-46C1-855B-90213C760395} (V3D Client Control) - v3d.kcp.co.kr O16 - DPF: {A00B2A53-60D9-4477-ADA3-60490770C5E0} (Hanmail Upload Control) - mail2.daum.net O16 - DPF: {A047BE6C-A1CE-41C7-A6EC-85FC184D16F1} (nmDownloadCtrl Class) - download.netmarble.net O16 - DPF: {A1D886C6-4039-4451-97A9-515F5BE5D4C2} (mkdplusCtrl Class) - platform.nx.com O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - download.netmarble.net O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - www.sibelius.com O16 - DPF: {AC6D4501-1A42-4E5D-91AF-395406EF4303} (NowSmartLauncher Control) - ff.nopp.co.kr O16 - DPF: {B0A75875-3622-48BA-B5FF-45AD77AC2D0E} (BankPayEFTCtrl Control) - www.bankpay.or.kr O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} (Daum ActiveX manager Class) - mail.daum.net O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} (YYGInstantPlay Control) - www.yoyogames.com O16 - DPF: {CBB45291-871B-4ADA-81D0-40D0C89ABD20} (NetmarbleDownloaderExCtrl Class) - download.netmarble.net O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - update.nprotect.net O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} (KvpIspCtlD Control) - www.vpay.co.kr O16 - DPF: {F30E6BE6-F620-4DD7-B67C-47920AEC2F4E} (SystemInfo Control) - ff.nopp.co.kr O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ipp - (no CLSID) - (no file) O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL O18 - Protocol: msdaipp - (no CLSID) - (no file) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DL L O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DL L O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ALYac_PZSrv - Unknown owner - C:\Program.exe (file missing) O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod 서비스 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcmsvc.exe O23 - Service: wampapache - Unknown owner - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe (file missing) O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe (file missing) O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe O24 - Desktop Component 0: (no name) - C:\Documents and Settings\Designer\My Documents\GomPlayer\Capture\新聞部.jpg -- End of file - 18547 bytes	sunjae429 (15805)
1106365	2010-06-02 12:53:00	There's only one slot but the RAM's only available in USA... According to this, you have 2 memory cards, one is under the keyboard. support.dell.com It looks like a standard laptop sodimm card, www.memoryx.net and is available in NZ. www.pp.co.nz Would pay to check in your documentation what memory capacity your laptop takes, may be only 1GB total (or less, unlikely though).	feersumendjinn (64)
1106366	2010-06-02 13:00:00	Ok stay in safe mode / networking. Tick these entries then tick fix checked Close browsers Uninstall this C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe Uninstall this O2 - BHO: ALToolBar BHO - {7F1A79F9-78D1-4186-9F60-EE0B63DF042A} - C:\Program Files\ESTsoft\ALToolBar\ALToolBand_1520.dll Uninstall this O2 - BHO: bonusgd - {A58DEAE0-19B2-482f-B1EA-4348F9518145} - C:\Program Files\bonusgd\bonusgd.DLL (file missing) O2 - BHO: (no name) - {db27beb2-b127-4753-8207-40818c27a6f3} - C:\Program Files\bonusgood\bngood.dll Uninstall this O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SmartRAM] C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe /m O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" Do you know what these do? O4 - HKLM\..\Run: [BC-MacChange8] C:\Documents and Settings\Designer\Application Data\efg.exe sgi O4 - HKLM\..\Run: [guidesh] C:\Program Files\Guidesh\guidesh.exe Do you know what these do? O4 - HKCU\..\Run: [Extend-Supporter-idprotect] C:\WINDOWS\system32\smartsupporter_idprotectEx.exe sgi O4 - HKCU\..\Run: [badakencoder] "C:\Program Files\BadakEncoder\Badakencoder_update.exe" -o O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe O8 - Extra context menu item: 알툴바 빠른검색(&Q) - res://C:\Program Files\ESTsoft\ALToolBar\ALToolBand_1520.dll/23/SEARCH.HTML O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - dlm.tools.akamai.com I would tick all of these O16 - DPF: {00001025-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter25 Class) - download.netmarble.net O16 - DPF: {00001026-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter26 Class) - download.netmarble.net O16 - DPF: {18D63578-EA2F-4A59-A49A-7F62E6B3DF3E} (ImP3 Control) - activexdown.paran.com O16 - DPF: {2022EE84-1E1F-45B0-8D35-FF9DA75366BC} (ExpressViewer Class) - download.softforum.co.kr O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - s.nx.com O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - dlm.tools.akamai.com O16 - DPF: {5267557D-D090-44EA-BCAA-8576A24810C5} (NetmarbleSystemInformer Class) - download.netmarble.net O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} (NetmarbleAutoUpdater Class) - download.netmarble.net O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com O16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} (XecureCKKB Class) - ck.softforum.co.kr O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} (XecureWeb 4.0 Client Control) - www.keb.co.kr O16 - DPF: {81D55AD8-8C9F-426F-9E15-38213391AAFB} (NoriboxStarter Control) - gamepack.netmarble.net O16 - DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} (DownStarter2 Control) - bgweb.nowcdn.co.kr O16 - DPF: {89F434A7-4A49-4394-AC02-007480331AE2} (NetmarbleSystemIDInfo Class) - download.netmarble.net O16 - DPF: {917D7D2D-C7BD-4CDB-A3C4-7084FBE6DE78} (Mfile File Share Control) - www.mfile.co.kr O16 - DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} (NMTransX Module) - download.netmarble.net O16 - DPF: {9709739B-4909-489B-A1F7-148C74F16EEE} (CNxSysInfoCtrl Object) - s.nx.com O16 - DPF: {99C709C7-4F58-46C1-855B-90213C760395} (V3D Client Control) - v3d.kcp.co.kr O16 - DPF: {A00B2A53-60D9-4477-ADA3-60490770C5E0} (Hanmail Upload Control) - mail2.daum.net O16 - DPF: {A047BE6C-A1CE-41C7-A6EC-85FC184D16F1} (nmDownloadCtrl Class) - download.netmarble.net O16 - DPF: {A1D886C6-4039-4451-97A9-515F5BE5D4C2} (mkdplusCtrl Class) - platform.nx.com O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - download.netmarble.net O16 - DPF: {AC6D4501-1A42-4E5D-91AF-395406EF4303} (NowSmartLauncher Control) - ff.nopp.co.kr O16 - DPF: {B0A75875-3622-48BA-B5FF-45AD77AC2D0E} (BankPayEFTCtrl Control) - www.bankpay.or.kr O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} (Daum ActiveX manager Class) - mail.daum.net O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} (YYGInstantPlay Control) - www.yoyogames.com O16 - DPF: {CBB45291-871B-4ADA-81D0-40D0C89ABD20} (NetmarbleDownloaderExCtrl Class) - download.netmarble.net O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - update.nprotect.net O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} (KvpIspCtlD Control) - www.vpay.co.kr O16 - DPF: {F30E6BE6-F620-4DD7-B67C-47920AEC2F4E} (SystemInfo Control) - ff.nopp.co.kr O18 - Protocol: ipp - (no CLSID) - (no file) O18 - Protocol: msdaipp - (no CLSID) - (no file O23 - Service: ALYac_PZSrv - Unknown owner - C:\Program.exe (file missing) Then reboot, then get malwarebytes below update it then scan the whole hard drive. If you need help get teamviewer in the link posted before and I'll fix it for you. Post the ID and PW in safe mode / networking in here	Speedy Gonzales (78)
1106367	2010-06-02 13:14:00	can't i stay in normal mode? I am right now... By the way, I'm running Trojan Scan and these pop up: C:\WINDOWS\system32\svchost.exe HKLM\SYSTEM\CurrentControlSet\Services\aqbnxxqh\"ImagePath" C:\WINDOWS\system32\svchost.exe HKLM\SYSTEM\CurrentControlSet\Services\vgvej\"ImagePath" C:\WINDOWS\system32\ConTest.dll Potential Malware PUS.ASCENTIVEPERFORMANCE	sunjae429 (15805)
1106368	2010-06-02 13:16:00	Delete whatever trojan remover picks up then reboot. It'll be better in safe mode, since if malware is in startup, it wont run in safe mode. But since youre in windows now, disable system restore first, then tick the entries then tick fix checked in hijackthis. If you dont know what any of the entries in startup belong to	Speedy Gonzales (78)
1106369	2010-06-02 13:21:00	O4 - HKLM\..\Run: [BC-MacChange8] C:\Documents and Settings\Designer\Application Data\efg.exe sgi I don't know O4 - HKLM\..\Run: [guidesh] C:\Program Files\Guidesh\guidesh.exe I don't know O4 - HKCU\..\Run: [Extend-Supporter-idprotect] C:\WINDOWS\system32\smartsupporter_idprotectEx.exe sgi I don't know O4 - HKCU\..\Run: [badakencoder] "C:\Program Files\BadakEncoder\Badakencoder_update.exe" -o No use... For an old encoder...	sunjae429 (15805)
1106370	2010-06-02 13:23:00	O4 - HKLM\..\Run: [BC-MacChange8] C:\Documents and Settings\Designer\Application Data\efg.exe sgi I don't know O4 - HKLM\..\Run: [guidesh] C:\Program Files\Guidesh\guidesh.exe I don't know O4 - HKCU\..\Run: [Extend-Supporter-idprotect] C:\WINDOWS\system32\smartsupporter_idprotectEx.exe sgi I don't know O4 - HKCU\..\Run: [badakencoder] "C:\Program Files\BadakEncoder\Badakencoder_update.exe" -o No use... For an old encoder... Tick those entries then tick fix checked. If theyre in add/remove programs uninstall them. MAKE SURE you disable system restore first. Or they may come back	Speedy Gonzales (78)
1106371	2010-06-02 23:03:00	Geez all those BHO's can't be helping your system run smoothly. Be careful what you download, and don't install anything that is going to affect your browser, usually they're malicious. I don't even like the Yahoo! Messenger toolbars it's just a waste of space. Despite the name Browser Helper Objects aren't always going to be helpful ;)	GreacherTech (15784)
1 2 3