Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Trojan.InstallCore.2716

Added to the Dr.Web virus database: 2016-09-20

Virus description added:

Technical Information

To ensure autorun and distribution
Modifies the following registry keys
  • [<HKLM>\Software\Classes\jamak\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.exe" "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.k3g\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.3gp\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.skm\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.dmskm\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.lmp4\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.rm\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.rmvb\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.mkv\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.ogm\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.wmv\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.ogv\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.flv\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.mqv\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.mov\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.mpeg\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.trp\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.ts\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.mts\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.m2ts\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.m2t\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.mp4\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.m4v\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.dmb\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.tp\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.dvd\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\gomcmd\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.exe" %1'
  • [<HKLM>\Software\Classes\avis\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.exe" "%1"'
  • [<HKLM>\Software\Classes\ogms\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.exe" "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.gom\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.avi\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.svi\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.divx\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.asx\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.asf\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\CLASSES\Gomplayer.Skinfile\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.swf\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.wmx\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.wm\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.wmp\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.mpg\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.mpe\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.dat\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.ifo\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.vob\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.m1v\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.m2v\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\gomlogo\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.exe" "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.wvx\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
  • [<HKLM>\Software\Classes\GomPlayer.MediaFile\shell\open\command] '' = '"%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE" /open "%1"'
Malicious functions
Executes the following
  • '%ProgramFiles(x86)%\internet explorer\iexplore.exe' http://www.go##ab.com/gom/installThanks.gom?la#####
Modifies file system
Creates the following files
  • %TEMP%\7zipsfx.000\gomplayeressetup.exe
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_close7.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_close.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_border.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_subfind.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_stream.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_stop.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_search.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_screenshot.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_rew.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_playlist.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_play.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_pause.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_open.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_ontopplay.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_ontopalways.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_mainicon.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_mute_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_mute_off.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_miniapps_home_white.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_miniapps_home_black.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_miniapps_favor_on_white.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_miniapps_favor_on_black.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_miniapps_favor_off_white.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_miniapps_favor_off_black.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_ff.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_controlpanel.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_ch_open.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_ch_close.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_channel_toggle_r.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_ontopnone.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\list_slider_main_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_maximize.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_bg_miniapps.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\slider_volume_knob_hot.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\slider_volume_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\slider_volume_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\slider_volume_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\slider_main_range.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\slider_main_knob_hot.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\slider_main_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\slider_main.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\skin.xml.bak
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\skin.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl_mainframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\main_rgn_rt.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\main_rgn_rb.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_channel_toggle_l.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_fullscreen.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\list.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\gommain_v2.swf
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\gominfo_v2.swf
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_web_reload_white.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_web_reload_black.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_web_pre_white.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_web_pre_black.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_web_next_white.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_web_next_black.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_set.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_restore7.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_restore.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_minimize7.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_minimize.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\main_rgn_lb.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_sys_maximize7.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_channel_fs_toggle_r.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_channel_fs_toggle_l.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_ch.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_btn_subb_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\logo\static_ad.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\logo\soundonly.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\logo\side.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\logo\gom_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\logo\gomremocon_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\logo\btn_ad.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_st_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_slider_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_slider_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_slider_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_line.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_ct_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_bt_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_bottom_border.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\music\slider_main_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_btn_reset.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_btn_pstoggle_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_btn_langnext_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_btn_cap_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_btn_cap2_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\sub_size_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\sub_pos_updn_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\sub_pos_ltrt_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\main_video_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\main_video_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\main_sub_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\main_sub_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\main_dvd_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\main_dvd.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\video_btn_subf_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\main_rgn_lt.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\music\slider_main_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\music\slider_volume_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\music\slider_main_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\btn_360vr.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\bkgnd_search.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\slider_volume_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\pl_playlist_selitem_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\pl_playlist_item_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\pl_playlist_header_column2.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\pl_playlist_header_column1.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\pl_btn_sort_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\pl_btn_sel_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\pl_btn_list_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\pl_btn_del_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\pl_btn_add_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\minimize.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\music\slider_volume_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\mainframe_temp.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\music\info_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\list_slider_main.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\list_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\list_bkgnd.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\close.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\btn_sys_minimize.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\btn_stop.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\btn_repeat_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\btn_repeat.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\btn_playlistprev.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\btn_playlistnext.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\btn_play.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\btn_pause.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\music\slider_volume_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\pl\mainframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_caption_act.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_caption_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_caption_noact.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\pl_playlist_header_column2.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\pl_playlist_header_column1.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\pl_btn_sort_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\pl_btn_sel_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\pl_btn_list_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\pl_btn_dotline_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\pl_btn_del_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\pl_btn_add_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\mainframe2.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\list_slider_main_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\list_slider_main.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\list_bkgnd.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\btn_shuffle_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\btn_shuffle.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\pl_playlist_item_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\btn_repeat_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\logo\soundonly.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\logo\gommain.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\infoline\infoline.html
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\infoline\background.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\vol_slider_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\vol_slider_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_st_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_slider_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_slider_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_slider_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_ct_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_bt_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_btn_subf_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_btn_subb_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\btn_repeat.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\gomtvstrm.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\main_control_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\vr360\bg_img.png
  • %APPDATA%\microsoft\internet explorer\quick launch\user pinned\taskbar\gom.exe.lnk
  • %TEMP%\gom.exe.lnk
  • %TEMP%\pin2taskbar.exe
  • %APPDATA%\microsoft\windows\start menu\gom player.lnk
  • %APPDATA%\microsoft\internet explorer\quick launch\gom player.lnk
  • C:\users\public\desktop\gom player.lnk
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\gom player\uninstall.lnk
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\gom player\homepage.url
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\gom player\gom player.lnk
  • %ProgramFiles(x86)%\gretech\gomplayer\codecs\mpeg2decfilter.ax
  • %ProgramFiles(x86)%\gretech\gomplayer\codecs\mpadecfilter.ax
  • %ProgramFiles(x86)%\gretech\gomplayer\uninstall.exe
  • %ProgramFiles(x86)%\gretech\gomplayer\gomtvstrmlang\english.ini
  • %ProgramFiles(x86)%\gretech\gomplayer\gomtvstrmlang\controlid.data
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_btn_reset.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\gomtvstreamer_grlauncher.ini
  • %ProgramFiles(x86)%\gretech\gomplayer\logos\gom.jpg
  • %ProgramFiles(x86)%\gretech\gomplayer\logos\smile.jpg
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\wv\btn_wview_close.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\web\flx_btn_w.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\web\fail.html
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\web\bul_pagereload.gif
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\vr360\vr360_help.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\vr360\img_tip3.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\vr360\img_tip1.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\vr360\img_tip.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\vr360\guide_right.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\vr360\guide_center_2.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\vr360\guide_center.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\vr360\btn_close.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\pl_playlist_item_frame_b.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\frame_audio.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_btn_pstoggle_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\con_btn_rate_dn_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\con_btn_bigrew.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\con_btn_bigff.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\close.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\tag_r.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\tag_l.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\tagon.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\tag.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\gomsound.swf
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\control_transparent_slider.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\control_transparent_knob_hot.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\control_transparent_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\time_font_gray_slash.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\time_font_gray.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\time_font.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\con_btn_ff.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_main_border.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_sys_border.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_search.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_rightframe_top.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_rightframe_popup2.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_rightframe_c.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_rightframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_leftframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_inner_frame_t.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_gomtv_frame_corner.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_gomtv_frame_bottom.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_dot_line.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_cp_info2.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_cp_info.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_cp_center.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\static_web_loading.bmp
  • %TEMP%\nsm1066.tmp\inetc.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_btn_cap_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\con_btn_rate_up_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_btn_cap2_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\sub_size_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\sub_pos_updn_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\sub_pos_ltrt_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\main_video_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\main_video_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\main_sub_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\main_sub_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\main_control_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\main_control_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\main_audio_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\main_audio_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\mainframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\frame_sub_video.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\video_btn_langnext_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\frame_control_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\eq_slider_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\eq_slider_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\eq_slider_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\eq_btn_use_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\eq_btn_use.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\eq_btn_presets_reset_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\eq_btn_presets_list.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\eq_btn_eq_presets_save_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\eq_btn_eq_presets_del_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\con_static_sectionrpt_time.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\con_btn_sectionrpt_unset_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\con_btn_sectionrpt_set_s_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\con_btn_sectionrpt_set_e_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\con_btn_rew.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\cp\con_btn_rate_default_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\gom2013\pl\pl_playlist_selitem_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\main_control_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_state_stop.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_cp_right.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_cp_left.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_cp_info2.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_cp_info.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_cp_client.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_channel_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_caption_noact.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_caption_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_caption_act.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\slider_volume_knob_hot.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\slider_volume_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\slider_volume_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\slider_volume_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\slider_main_range.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\slider_main_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_leftframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\slider_main.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\skin.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\main_rgn_rt.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\main_rgn_rb.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\main_rgn_lt.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\main_rgn_lb.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\list.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_sys_restore.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_sys_minimize.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_sys_maximize.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_sys_mainicon.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_sys_fullscreen.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_sys_close.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\slider_main_knob_hot.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\settingskin\buttonframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_leftframe_bottom.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\eq_btn_presets_list.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\eq_btn_eq_presets_save_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\eq_btn_eq_presets_del_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\con_static_sectionrpt.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\con_btn_sectionrpt_unset_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\con_btn_sectionrpt_set_s_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\con_btn_sectionrpt_set_e_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\con_btn_rew.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\con_btn_rate_up_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\con_btn_rate_dn_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\con_btn_rate_default_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\con_btn_ff.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\con_btn_bigrew.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\con_btn_bigff.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_sys_border.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_leftbottom.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\time_font.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_main_logo.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_main_border.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_state_stop.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_state_ready.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_state_play.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_state_pause.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_slider_bg.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_righttop.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_rightframe_bottom.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_rightframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_rightbottom.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_main_bg2.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_main_bg.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\gomsound.swf
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\static_lefttop.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_stop.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_srch.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_rew.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\mediainfo.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\rtparser.exe
  • %ProgramFiles(x86)%\gretech\gomplayer\lgpl.txt
  • %ProgramFiles(x86)%\gretech\gomplayer\gom.ini
  • %ProgramFiles(x86)%\gretech\gomplayer\icon.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\setting.ini
  • %ProgramFiles(x86)%\gretech\gomplayer\dbghelp.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\gwinhttp.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\crashdumpcollector.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\grlauncher.ini
  • %ProgramFiles(x86)%\gretech\gomplayer\grlauncher.exe
  • %ProgramFiles(x86)%\gretech\gomplayer\gom.exe
  • %ProgramFiles(x86)%\gretech\gomplayer\gomweb3.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\gomx.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\eq_btn_presets_reset_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\qscl.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\libmfxsw32.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\avfilter-gp-5.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\swresample-gp-1.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\tbb.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\swscale-gp-3.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\avutil-gp-54.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\avformat-gp-56.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\avcodec-gp-56.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\killgom.exe
  • %TEMP%\nsm1066.tmp\fusion.dll
  • %TEMP%\nsispromotionex.dll
  • %TEMP%\nsm1066.tmp\nsisos.dll
  • %TEMP%\nsm1066.tmp\system.dll
  • %TEMP%\nsx1056.tmp
  • %ProgramFiles(x86)%\gretech\gomplayer\gifmaker.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\close.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\subtitle.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\mfxplugin32_hevcd_sw.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\subtitlefilter.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_preference_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_playlist.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_play.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_pause.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_open.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_mute_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_mute_off.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_ff.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\btn_controlpanel.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\lang\controlidesp2.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\lang\controlidesp.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\text.esp\shortcut.txt
  • %ProgramFiles(x86)%\gretech\gomplayer\text.esp\jmdbnotice.txt
  • %ProgramFiles(x86)%\gretech\gomplayer\libass.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\text.esp\history.txt
  • %ProgramFiles(x86)%\gretech\gomplayer\dodge.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\settingskin\skin.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\urls\default.asx
  • %ProgramFiles(x86)%\gretech\gomplayer\grfu.ax
  • %ProgramFiles(x86)%\gretech\gomplayer\gsfu.ax
  • %ProgramFiles(x86)%\gretech\gomplayer\gnf.ax
  • %ProgramFiles(x86)%\gretech\gomplayer\gaf.ax
  • %ProgramFiles(x86)%\gretech\gomplayer\mediasource.ax
  • %ProgramFiles(x86)%\gretech\gomplayer\gvf.ax
  • %ProgramFiles(x86)%\gretech\gomplayer\msvcr71.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\vsutil.dll
  • %ProgramFiles(x86)%\gretech\gomplayer\shellregister.exe
  • %ProgramFiles(x86)%\gretech\gomplayer\gomplayer.com.ico
  • %ProgramFiles(x86)%\gretech\gomplayer\srt2smi.exe
  • %ProgramFiles(x86)%\gretech\gomplayer\text.esp\copyright.txt
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\eq_btn_use.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\eq_btn_use_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\eq_slider_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_state_pause.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_rightframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_leftframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_cp_right.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_cp_left.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_cp_info_right.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_cp_info_mid.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_cp_info_left.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_cp_client.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_cp_bottom.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_caption_noact.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_caption_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_caption_act.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\slider_volume_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_state_play.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\slider_volume_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\slider_main_range.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\slider_main_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\slider_main.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\skin.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\music.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\main_rgn_rb.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\lite.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\list.xml
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_sys_restore.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_sys_minimize.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_sys_maximize.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_sys_mainicon.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_sys_fullscreen.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_sys_close.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\slider_volume_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_btn_eq_presets_save_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\main_audio_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\time_font.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\mainframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\frame_sub_video.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\frame_dvd.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\frame_control_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\frame_audio.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_slider_pan_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_slider_pan_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_slider_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_slider_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_slider_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_font_smallnum.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_btn_use_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_btn_use.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_btn_presets_reset_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_stop.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_btn_presets_list.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_btn_eq_presets_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\eq_btn_eq_presets_del_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\con_static_sectionrpt.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\con_btn_sectionrpt_unset_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\con_btn_sectionrpt_set_s_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\con_btn_sectionrpt_set_e_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\con_btn_rew.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\con_btn_rate_up_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\con_btn_rate_dn_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\con_btn_rate_default_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\con_btn_ff.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\con_btn_bigrew.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\con_btn_bigff.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\close.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\static_state_ready.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\pl_btn_add_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_rew.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_slider_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_bt_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_btn_subf_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_btn_subb_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_btn_reset.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_btn_pstoggle_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_btn_langnext_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_btn_cap_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_btn_cap2_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\sub_size_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\sub_pos_updn_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\sub_pos_ltrt_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\main_video_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\main_video_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\main_sub_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_ct_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\main_sub_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\main_dvd.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\main_control_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\main_control_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\main_audio_on_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\main_audio_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\mainframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\frame_sub_video.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\frame_dvd.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\frame_control_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\frame_audio.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\eq_slider_pan_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\eq_slider_pan_empty.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\eq_slider_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\eq_slider_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\main_dvd_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\cp\main_audio_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_playlist_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_slider_fill.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_play.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_pause.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_open.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_mute_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_mute_off.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_ff.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_controlpanel_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\pl_playlist_selitem_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\pl_playlist_item_frame.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\pl_playlist_header_column2.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\pl_playlist_header_column1.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\pl_btn_sort_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\pl_btn_sel_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\pl_btn_list_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\default\btn_preference.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\pl_btn_del_menu_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\mainframe2.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\mainframe.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\list_slider_main_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\list_slider_main.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\list_bkgnd.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\btn_shuffle_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\btn_shuffle.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\btn_repeat_on.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\pl\btn_repeat.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\logo\soundonly.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\infoline\infoline.html
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\infoline\background.png
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_st_es.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_slider_knob.bmp
  • %ProgramFiles(x86)%\gretech\gomplayer\skins\basic\cp\video_line.bmp
  • %TEMP%\tmp
Deletes the following files
  • %TEMP%\gom.exe.lnk
  • %TEMP%\pin2taskbar.exe
  • %TEMP%\nsispromotionex.dll
  • %TEMP%\tmp
  • %TEMP%\nsm1066.tmp\fusion.dll
  • %TEMP%\nsm1066.tmp\inetc.dll
  • %TEMP%\nsm1066.tmp\nsisos.dll
  • %TEMP%\nsm1066.tmp\system.dll
  • %TEMP%\7zipsfx.000\gomplayeressetup.exe
Network activity
Connects to
  • 'microsoft.com':80
  • 'pr#####on.gomlab.com':80
  • 'go##ab.com':80
  • 'go##ab.com':443
  • 'x.##2.us':80
TCP
HTTP GET requests
  • http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
  • http://pr#####on.gomlab.com/ini/es/setting.php
  • http://www.go##ab.com/gom/installThanks.gom?la#####
  • http://x.##2.us/x.cer
Other
  • 'go##ab.com':443
UDP
  • DNS ASK microsoft.com
  • DNS ASK pr#####on.gomlab.com
  • DNS ASK go##ab.com
  • DNS ASK x.##2.us
Miscellaneous
Searches for the following windows
  • ClassName: 'RECV_CLASS' WindowName: 'RECV'
  • ClassName: '#32770' WindowName: ''
  • ClassName: 'GomPlayer1.x' WindowName: ''
  • ClassName: 'GomMgr1.x' WindowName: ''
  • ClassName: 'GomWiz1.x' WindowName: ''
  • ClassName: 'Static' WindowName: ''
Creates and executes the following
  • '%TEMP%\7zipsfx.000\gomplayeressetup.exe' /S /NCRC
  • '%ProgramFiles(x86)%\gretech\gomplayer\killgom.exe' GOM.EXE
  • '%ProgramFiles(x86)%\gretech\gomplayer\shellregister.exe'
  • '%ProgramFiles(x86)%\gretech\gomplayer\gom.exe' /RegServer
  • '%ProgramFiles(x86)%\gretech\gomplayer\gom.exe' /showicon
  • '%ProgramFiles(x86)%\gretech\gomplayer\gom.exe' /regassoc
  • '%TEMP%\pin2taskbar.exe' pin "%ProgramFiles(x86)%\GRETECH\GomPlayer\GOM.EXE"

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use. More about Dr.Web Security Space.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk , mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Download Dr.Web

Download by serial number

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Download Dr.Web

Download by serial number

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android