Unsolved
This post is more than 5 years old
25 Posts
0
319
October 31st, 2007 15:00
HJT Log; system clock resets itself
Bugbatter-
Per last reply on previous thread, I ran anti-virus software and removed adwares it found. It also removed tracking cookies, but problem persists.
Followed is fresh HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:27:15 AM, on 10/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Scan saved at 8:27:15 AM, on 10/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: 64.237.37.47 auto.search.msn.com
O1 - Hosts: ind.com
O1 - Hosts: u.com
O1 - Hosts: r.com
O1 - Hosts: 127.
O1 - Hosts: 64.237.37.47 auto.search.msn.com
O1 - Hosts: 64.237.37.47 auto.search.msn.com
O1 - Hosts: 64.237.37.47 auto.search.msn.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {55E301E5-BA44-4095-BB0B-14E0123CCF71} - (no file)
O2 - BHO: (no name) - {72AC6865-B1D3-4C32-A27B-4B3BF04DE655} - (no file)
O2 - BHO: (no name) - {79C03BC5-6C55-4B5B-921F-C02B6F1ABD7B} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {870B70D4-F6DA-47AE-9158-D146440A0A4D} - (no file)
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [tcplog] C:\WINDOWS\Web\PRINTERS\tcplog.exe
O4 - HKLM\..\Run: [mcc] C:\WINDOWS\msagent\mcc.exe
O4 - HKLM\..\Run: [ncfwecbkl] C:\WINDOWS\System32\pyhgqyd.exe
O4 - HKLM\..\Run: [*tcplog] C:\WINDOWS\Web\PRINTERS\tcplog.exe
O4 - HKLM\..\Run: [*mcc] C:\WINDOWS\msagent\mcc.exe
O4 - HKLM\..\Run: [*ftpbak] C:\WINDOWS\java\CLASSES\ftpbak.exe
O4 - HKLM\..\Run: [*vssmsvc] C:\WINDOWS\Tasks\vssmsvc.exe
O4 - HKLM\..\Run: [*faxbak] C:\WINDOWS\msagent\faxbak.exe
O4 - HKLM\..\Run: [*svrnet] C:\WINDOWS\system\svrnet.exe
O4 - HKLM\..\Run: [*dvdurl] C:\WINDOWS\Microsoft.NET\dvdurl.exe
O4 - HKLM\..\Run: [*abrwave] C:\WINDOWS\security\Database\abrwave.exe
O4 - HKLM\..\Run: [*srvdb] C:\WINDOWS\security\Database\srvdb.exe
O4 - HKLM\..\Run: [*cabc] C:\WINDOWS\Web\PRINTERS\cabc.exe
O4 - HKLM\..\Run: [*tcpms] C:\WINDOWS\Config\tcpms.exe
O4 - HKLM\..\Run: [*antitapi] C:\WINDOWS\Cursors\antitapi.exe
O4 - HKLM\..\Run: [*eulatapi] C:\WINDOWS\eulatapi.exe
O4 - HKLM\..\Run: [*unxml] C:\WINDOWS\msagent\unxml.exe
O4 - HKLM\..\Run: [*libftp] C:\WINDOWS\java\libftp.exe
O4 - HKLM\..\Run: [*bakjava] C:\WINDOWS\system\bakjava.exe
O4 - HKLM\..\Run: [*fontdrv] C:\WINDOWS\Cursors\fontdrv.exe
O4 - HKLM\..\Run: [*libdoc] C:\WINDOWS\inf\libdoc.exe
O4 - HKLM\..\Run: [*winun] C:\WINDOWS\system32\IME\CINTLGNT\winun.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: cpcScanner -
O16 - DPF: {04E7BADF-F3B9-420D-B82D-8D8CADEFE4F9} (CyImage2Ctl Class) - http://cyimg8.cyworld.com/ImageUpload/CyImageUpload_10217.cab
O16 - DPF: {0CD2EC08-3CF6-4BC4-BF48-824F4C1994F1} (SecureSession Class) - http://www.samsungfn.com/contents/trustnet/TNWebToolkitForIE.cab
O16 - DPF: {19928674-38A3-44A0-8EBB-C42EE81C2524} -
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {24A04430-81DA-467A-BE87-774DFAECBBF6} -
O16 - DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} (INISAFEWeb6 V6 Class) - http://www.bestez.com/initech/plugin/down/INIS60.cab
O16 - DPF: {32D94A9F-9A18-4E12-863D-8AABA8CBDA78} (NateOnMMSAtx3 Class) -
O16 - DPF: {49EA1597-4149-42FC-A01D-A03E07980D37} (WiseInstaller Class) - http://www.booktopia.com/booktopia/mylibrary/WiseInstaller/WiseInstaller.dll
O16 - DPF: {4F17A0E3-ABCC-45BF-B859-6DE2A24D890C} (BTContain Class) - http://download.pcsmile.co.kr/PCSmile/PCSmilePack.CAB
O16 - DPF: {83682BF2-2351-45C1-963C-9BB635A05178} (IssacWebSE2 Class) - http://www.bestez.com/issacweb/Client/Auto2/ISSACWebSE2.cab
O16 - DPF: {90D1D09A-EE24-4284-8A97-D5E4C189AC10} -
O16 - DPF: {A1832535-5218-42F9-8959-19E2BCABFABF} (INIwallet50 Control) - http://plugin.inicis.com/wallet50/INIwallet50.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} - http://kings.nefficient.co.kr/kings/kdfx/kdfx238/kdfense8.cab
O16 - DPF: {A671DC03-71D0-4CF0-895C-7D4A248FC1F1} -
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} -
O16 - DPF: {CA9E3910-9502-405E-87BD-DE844FFBCE62} (EJisuChart Control) - http://edaily.naver.com/StockChart/eSiseChart3.CAB
O16 - DPF: {CB5C683C-416A-4701-B018-0F1B21D64D6B} (SKCInst1 Class) - http://cyimg7.cyworld.com/cymusic/package/skcinst.cab
O16 - DPF: {CEB5C2A3-180A-4121-BDAC-B9B92859D652} (MaPrtRail Class) - http://www.korail.com/ht/markany/client/MaPrtChk_KRAIL.cab
O16 - DPF: {D923AE0C-190D-4EDF-B07A-76AC571FBFD4} (SCSKEx Control) - http://www.bestez.com/keystroke/scskex.cab
O16 - DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} (SKCommAX Control) - http://www.bestez.com/download/sign/SKCommAX.cab
O16 - DPF: {EDEB4C33-5320-42B3-838C-ADF6A0D2055B} -
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
O16 - DPF: {FA628600-4381-4B88-B354-7019604D6E5A} -
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = MarathonFunding.com
O17 - HKLM\Software\..\Telephony: DomainName = MarathonFunding.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{C2D58BEB-34BD-4C64-8DAB-91965B9F264A}: NameServer = 192.168.1.200,192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = MarathonFunding.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = MarathonFunding.com
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O24 - Desktop Component 0: (no name) - http://images.meredith.com/bhg/images/wallpaper/BHG125236_800.jpg
O24 - Desktop Component 1: (no name) - http://www.imgag.com/product/full/ap/3054890/graphic1.jpg
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: 64.237.37.47 auto.search.msn.com
O1 - Hosts: ind.com
O1 - Hosts: u.com
O1 - Hosts: r.com
O1 - Hosts: 127.
O1 - Hosts: 64.237.37.47 auto.search.msn.com
O1 - Hosts: 64.237.37.47 auto.search.msn.com
O1 - Hosts: 64.237.37.47 auto.search.msn.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {55E301E5-BA44-4095-BB0B-14E0123CCF71} - (no file)
O2 - BHO: (no name) - {72AC6865-B1D3-4C32-A27B-4B3BF04DE655} - (no file)
O2 - BHO: (no name) - {79C03BC5-6C55-4B5B-921F-C02B6F1ABD7B} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {870B70D4-F6DA-47AE-9158-D146440A0A4D} - (no file)
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [tcplog] C:\WINDOWS\Web\PRINTERS\tcplog.exe
O4 - HKLM\..\Run: [mcc] C:\WINDOWS\msagent\mcc.exe
O4 - HKLM\..\Run: [ncfwecbkl] C:\WINDOWS\System32\pyhgqyd.exe
O4 - HKLM\..\Run: [*tcplog] C:\WINDOWS\Web\PRINTERS\tcplog.exe
O4 - HKLM\..\Run: [*mcc] C:\WINDOWS\msagent\mcc.exe
O4 - HKLM\..\Run: [*ftpbak] C:\WINDOWS\java\CLASSES\ftpbak.exe
O4 - HKLM\..\Run: [*vssmsvc] C:\WINDOWS\Tasks\vssmsvc.exe
O4 - HKLM\..\Run: [*faxbak] C:\WINDOWS\msagent\faxbak.exe
O4 - HKLM\..\Run: [*svrnet] C:\WINDOWS\system\svrnet.exe
O4 - HKLM\..\Run: [*dvdurl] C:\WINDOWS\Microsoft.NET\dvdurl.exe
O4 - HKLM\..\Run: [*abrwave] C:\WINDOWS\security\Database\abrwave.exe
O4 - HKLM\..\Run: [*srvdb] C:\WINDOWS\security\Database\srvdb.exe
O4 - HKLM\..\Run: [*cabc] C:\WINDOWS\Web\PRINTERS\cabc.exe
O4 - HKLM\..\Run: [*tcpms] C:\WINDOWS\Config\tcpms.exe
O4 - HKLM\..\Run: [*antitapi] C:\WINDOWS\Cursors\antitapi.exe
O4 - HKLM\..\Run: [*eulatapi] C:\WINDOWS\eulatapi.exe
O4 - HKLM\..\Run: [*unxml] C:\WINDOWS\msagent\unxml.exe
O4 - HKLM\..\Run: [*libftp] C:\WINDOWS\java\libftp.exe
O4 - HKLM\..\Run: [*bakjava] C:\WINDOWS\system\bakjava.exe
O4 - HKLM\..\Run: [*fontdrv] C:\WINDOWS\Cursors\fontdrv.exe
O4 - HKLM\..\Run: [*libdoc] C:\WINDOWS\inf\libdoc.exe
O4 - HKLM\..\Run: [*winun] C:\WINDOWS\system32\IME\CINTLGNT\winun.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: cpcScanner -
O16 - DPF: {04E7BADF-F3B9-420D-B82D-8D8CADEFE4F9} (CyImage2Ctl Class) - http://cyimg8.cyworld.com/ImageUpload/CyImageUpload_10217.cab
O16 - DPF: {0CD2EC08-3CF6-4BC4-BF48-824F4C1994F1} (SecureSession Class) - http://www.samsungfn.com/contents/trustnet/TNWebToolkitForIE.cab
O16 - DPF: {19928674-38A3-44A0-8EBB-C42EE81C2524} -
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {24A04430-81DA-467A-BE87-774DFAECBBF6} -
O16 - DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} (INISAFEWeb6 V6 Class) - http://www.bestez.com/initech/plugin/down/INIS60.cab
O16 - DPF: {32D94A9F-9A18-4E12-863D-8AABA8CBDA78} (NateOnMMSAtx3 Class) -
O16 - DPF: {49EA1597-4149-42FC-A01D-A03E07980D37} (WiseInstaller Class) - http://www.booktopia.com/booktopia/mylibrary/WiseInstaller/WiseInstaller.dll
O16 - DPF: {4F17A0E3-ABCC-45BF-B859-6DE2A24D890C} (BTContain Class) - http://download.pcsmile.co.kr/PCSmile/PCSmilePack.CAB
O16 - DPF: {83682BF2-2351-45C1-963C-9BB635A05178} (IssacWebSE2 Class) - http://www.bestez.com/issacweb/Client/Auto2/ISSACWebSE2.cab
O16 - DPF: {90D1D09A-EE24-4284-8A97-D5E4C189AC10} -
O16 - DPF: {A1832535-5218-42F9-8959-19E2BCABFABF} (INIwallet50 Control) - http://plugin.inicis.com/wallet50/INIwallet50.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} - http://kings.nefficient.co.kr/kings/kdfx/kdfx238/kdfense8.cab
O16 - DPF: {A671DC03-71D0-4CF0-895C-7D4A248FC1F1} -
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} -
O16 - DPF: {CA9E3910-9502-405E-87BD-DE844FFBCE62} (EJisuChart Control) - http://edaily.naver.com/StockChart/eSiseChart3.CAB
O16 - DPF: {CB5C683C-416A-4701-B018-0F1B21D64D6B} (SKCInst1 Class) - http://cyimg7.cyworld.com/cymusic/package/skcinst.cab
O16 - DPF: {CEB5C2A3-180A-4121-BDAC-B9B92859D652} (MaPrtRail Class) - http://www.korail.com/ht/markany/client/MaPrtChk_KRAIL.cab
O16 - DPF: {D923AE0C-190D-4EDF-B07A-76AC571FBFD4} (SCSKEx Control) - http://www.bestez.com/keystroke/scskex.cab
O16 - DPF: {EC5D5118-9FDE-4A3E-84F3-C2B711740E70} (SKCommAX Control) - http://www.bestez.com/download/sign/SKCommAX.cab
O16 - DPF: {EDEB4C33-5320-42B3-838C-ADF6A0D2055B} -
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
O16 - DPF: {FA628600-4381-4B88-B354-7019604D6E5A} -
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = MarathonFunding.com
O17 - HKLM\Software\..\Telephony: DomainName = MarathonFunding.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{C2D58BEB-34BD-4C64-8DAB-91965B9F264A}: NameServer = 192.168.1.200,192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = MarathonFunding.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = MarathonFunding.com
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O24 - Desktop Component 0: (no name) - http://images.meredith.com/bhg/images/wallpaper/BHG125236_800.jpg
O24 - Desktop Component 1: (no name) - http://www.imgag.com/product/full/ap/3054890/graphic1.jpg
--
End of file - 10000 bytes
End of file - 10000 bytes
Please advise
No Events found!