GMER 1.0.15.15530 - http://www.gmer.net
Autostart scan 2011-02-01 09:38:54
Windows 5.1.2600 Service Pack 3

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
  !SASWinLogon@DLLName = C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
  AtiExtEvent@DLLName = Ati2evxx.dll
  dimsntfy@DLLName = %SystemRoot%\System32\dimsntfy.dll
  WgaLogon@DLLName = WgaLogon.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
  AntiVirScheduler@ = "C:\Program Files\Avira\AntiVir Desktop\sched.exe"
  AntiVirService@ = "C:\Program Files\Avira\AntiVir Desktop\avguard.exe"
  Ati HotKey Poller@ = %SystemRoot%\system32\Ati2evxx.exe
  clr_optimization_v4.0.30319_32@ = C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
  JavaQuickStarterService@ = "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
  ScReadSpool@ = C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
  ScsiPort@ = %SystemRoot%\system32\drivers\scsiport.sys

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
  @RTHDCPLRTHDCPL.EXE = RTHDCPL.EXE
  @avgnt"C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min = "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
  @MCShieldC:\Program Files\MCShield\MCShieldRTM.exe = C:\Program Files\MCShield\MCShieldRTM.exe
  @MCShieldTrayC:\Program Files\MCShield\MCShieldTray.exe = C:\Program Files\MCShield\MCShieldTray.exe

HKLM\Software\Classes\.hta@ = "C:\WINDOWS\system32\mshta.exe" "%1"
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} = C:\Program Files\SUPERAntiSpyware\SASSEH.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
  @{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
  @{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/C:\WINDOWS\system32\twext.dll = C:\WINDOWS\system32\twext.dll
  @{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/C:\WINDOWS\system32\twext.dll = C:\WINDOWS\system32\twext.dll
  @{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/%WINDIR%\system32\ieframe.dll = %WINDIR%\system32\ieframe.dll
  @{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
  @{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\system32\extmgr.dll = C:\WINDOWS\system32\extmgr.dll
  @{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web-mape*/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
  @{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/c:\WINDOWS\system32\dfshim.dll = c:\WINDOWS\system32\dfshim.dll
  @{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/c:\WINDOWS\system32\dfshim.dll = c:\WINDOWS\system32\dfshim.dll
  @{5E2121EE-0300-11D4-8D3B-444553540000} /*Catalyst Context Menu extension*/C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
  @{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
  @{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
  @{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\OFFICE11\msohev.dll = C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
  @{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/(null) =
  @{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/(null) =
  @{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
  @{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
  @{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
  @{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
  @{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll
  @{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} /*Microsoft Office Metadata Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
  @{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} /*Microsoft Office Thumbnail Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
  @{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} /*PowerISO*/C:\Program Files\PowerISO\PWRISOSH.DLL = C:\Program Files\PowerISO\PWRISOSH.DLL
  @{45AC2688-0253-4ED8-97DE-B5370FA7D48A} /*Shell Extension for Malware scanning*/C:\Program Files\Avira\AntiVir Desktop\shlext.dll = C:\Program Files\Avira\AntiVir Desktop\shlext.dll
  @{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft.XPS.Shell.Metadata.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
  @{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft.XPS.Shell.Thumbnail.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
  @{11016101-E366-4D22-BC06-4ADA335C892B} /*IE History and Feeds Shell Data Source for Windows Search*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{8856f961-340a-11d0-a96b-00c04fd705a2} /*Microsoft Web Browser*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
  @{259F616C-A300-44F5-B04A-ED001A26C85C} /*SolidConverter extension*/(null) =
  @{8A0265BC-EBA5-4F6A-8972-AFCDFB89516A} /*FILEminimizer Shell Extension*/C:\Program Files\FILEminimizer Pictures\FILEMShell.dll = C:\Program Files\FILEminimizer Pictures\FILEMShell.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
  FILEminimizer@{8A0265BC-EBA5-4F6A-8972-AFCDFB89516A} = C:\Program Files\FILEminimizer Pictures\FILEMShell.dll
  PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = C:\Program Files\PowerISO\PWRISOSH.DLL
  Shell Extension for Malware scanning@{45AC2688-0253-4ED8-97DE-B5370FA7D48A} = C:\Program Files\Avira\AntiVir Desktop\shlext.dll
  SolidConverterPDF@{259F616C-A300-44F5-B04A-ED001A26C85C} =
  WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
  WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\*\shellex\ContextMenuHandlers >>>
  @{CA8ACAFA-5FBB-467B-B348-90DD488DE003}C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL = C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL
  @{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
  PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = C:\Program Files\PowerISO\PWRISOSH.DLL
  WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
  WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers@{CA8ACAFA-5FBB-467B-B348-90DD488DE003} = C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
  MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
  PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = C:\Program Files\PowerISO\PWRISOSH.DLL
  Shell Extension for Malware scanning@{45AC2688-0253-4ED8-97DE-B5370FA7D48A} = C:\Program Files\Avira\AntiVir Desktop\shlext.dll
  SolidConverterPDF@{259F616C-A300-44F5-B04A-ED001A26C85C} =
  WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
  WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\system32\logon.scr

HKLM\Software\Microsoft\Internet Explorer\Main >>>
  @Start Pagehttp://www.msn.com/ = http://www.msn.com/
  @Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
  @Start Pagehttp://www.google.hr/ = http://www.google.hr/
  @Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
  dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
  its@CLSID = C:\WINDOWS\system32\itss.dll
  mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
  ms-its@CLSID = C:\WINDOWS\system32\itss.dll
  mso-offdap@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
  mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
  tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
  wia@CLSID = C:\WINDOWS\system32\wiascr.dll

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5D904E32-FE8D-46E1-A027-9ADE16DF49C7} /*Local Area Connection*/ >>>
  @IPAddress192.168.1.2 = 192.168.1.2
  @NameServer195.29.166.116,195.29.166.117 = 195.29.166.116,195.29.166.117
  @DefaultGateway192.168.1.1 = 192.168.1.1
  @Domain =

---- EOF - GMER 1.0.15 ----