GMER 1.0.15.15641 - http://www.gmer.net
Autostart scan 2012-11-06 17:27:51
Windows 6.1.7601 Service Pack 1


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\ >>>
Winlogon@Userinit = c:\windows\system32\userinit.exe
Windows@AppInit_DLLs = secuload.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
AdobeARMservice@ = "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"
Ati External Event Utility@ = %SystemRoot%\system32\Ati2evxx.exe
Bonjour Service@ = "C:\Program Files\Bonjour\mDNSResponder.exe"
Capture Device Service@ = "C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe"
clr_optimization_v4.0.30319_32@ = C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
DragonUpdater@ = C:\Program Files\Comodo\Dragon\dragon_updater.exe
gupdate@ = "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
hshld@ = C:\Program Files\Hotspot Shield\bin\openvpnas.exe
HssSrv@ = C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
HssWd@ = C:\Program Files\Hotspot Shield\bin\hsswd.exe -product HSS /*file not found*/
IceDragonUpdater@ = C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
RealNetworks Downloader Resolver Service@ = "C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe"
SafeBox@ = C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
Skype C2C Service@ = "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
SkypeUpdate@ = "C:\Program Files\Skype\Updater\Updater.exe"
sppsvc@ = %SystemRoot%\system32\sppsvc.exe
VSSERV@ = C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe /service /*file not found*/
wlidsvc@ = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WSearch@ = %systemroot%\system32\SearchIndexer.exe /Embedding
YahooAUService@ = "C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe"

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@KraitC:\Program Files\Razer\Krait\razerhid.exe = C:\Program Files\Razer\Krait\razerhid.exe
@SoundMAXPnPC:\Program Files\Analog Devices\Core\smax4pnp.exe = C:\Program Files\Analog Devices\Core\smax4pnp.exe
@StartCCC"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun = "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
@BdagentC:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe = C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
@DataGuardC:\Program Files\DataGuard\Dataguard.exe r /*file not found*/ = C:\Program Files\DataGuard\Dataguard.exe r /*file not found*/

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@SidebarC:\Program Files\Windows Sidebar\sidebar.exe /autoRun /*file not found*/ = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun /*file not found*/
@googletalkC:\Users\S\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart /*file not found*/ = C:\Users\S\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart /*file not found*/

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad >>>
@WebCheck(null) = 
@EldosMountNotificatorC:\Windows\system32\CbFsMntNtf3.dll = C:\Windows\system32\CbFsMntNtf3.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler@{5FF49FE8-B332-4CB9-B102-FB6951629E55} = C:\Windows\system32\CbFsMntNtf3.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{80009818-f38f-4af1-87b5-eadab9433e58} /*MF ADTS Property Handler*/%SystemRoot%\System32\mf.dll = %SystemRoot%\System32\mf.dll
@{23170F69-40C1-278A-1000-000100020000} /*7-Zip Shell Extension*/C:\Program Files\7-Zip\7-zip.dll = C:\Program Files\7-Zip\7-zip.dll
@{E6FB5E20-DE35-11CF-9C87-00AA005127ED} /*WebCheck*/(null) = 
@{0563DB41-F538-4B37-A92D-4659049B7766} /*WLMD Message Handler*/(null) = 
@{06A2568A-CED6-4187-BB20-400B8C02BE5A} /**/(null) = 
@{00F33137-EE26-412F-8D71-F84E4C2C6625} /**/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} /*Windows Live Photo Gallery Autoplay Drop Target*/(null) = 
@{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} /*Windows Live Photo Gallery Viewer Drop Target*/(null) = 
@{00F374B7-B390-4884-B372-2FC349F2172B} /*Windows Live Photo Gallery Editor Drop Target*/(null) = 
@{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} /*Windows Live Photo Gallery Viewer Drop Target Shim*/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} /*Windows Live Photo Gallery Editor Drop Target Shim*/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{00F30F90-3E96-453B-AFCD-D71989ECC2C7} /*Windows Live Photo Gallery Autoplay Drop Target Shim*/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{5FF49FE8-B332-4CB9-B102-FB6951629E55} /*Virtual Storage Mount Notification*/C:\Windows\system32\CbFsMntNtf3.dll = C:\Windows\system32\CbFsMntNtf3.dll
@{7850a720-705f-11d0-a9eb-0080488625e5} /*BestCrypt Shell Extension*/(null) = 
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\OFFICE11\msohev.dll = C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
@{6E03277D-7B81-43A2-A2B9-FE3CD33BF37E} /*LANSecure Icon Overlay Identifier*/(null) = 
@{23AC8431-A464-4DCB-A920-0334D522109A} /*SafeLan*/(null) = 
@{F97A2FE0-8092-43F3-87A8-4372F91FE5CC} /*DriveCrypt Context Menu*/(null) = 
@{9408B05E-CCBF-4B54-93A6-ACC2D68163EA} /*DataCryptMenu*/(null) = 
@{90264A4E-C4B9-4D83-9827-A69630961C45} /*CEIIcon Icon Overlay Identifier*/(null) = 
@{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /*Shell Extensions for RealOne Player*/c:\program files\real\realplayer\rpshell.dll = c:\program files\real\realplayer\rpshell.dll
@{5E2121EE-0300-11D4-8D3B-444553540000} /*Catalyst Context Menu extension*/C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
@{0244E652-07EF-43C2-8AAD-ABA3CF40DF16} /*Bitdefender SafeBox*/C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll = C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll
@{57595DAE-1AE1-4D97-A49E-67CBB53B52DF} /**/C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll = C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll
@{342DAA0B-D796-460D-8566-901E08A1CCAD} /**/C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll = C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll
@{2F46275A-B9C5-4C8F-94C0-71BD2B28220C} /**/C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll = C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll
@{33816773-98AE-4723-ADE0-EBE54C8B5A67} /**/C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll = C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll
@{152C96EB-288E-4EDC-B7C6-D21F8250ADF3} /**/C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll = C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll
@{9E96C1F5-0EFA-4348-9460-15D6802C70AA} /*BDFVCtxMenuExt*/C:\Program Files\Bitdefender\Bitdefender 2013\bdfvsctx.dll = C:\Program Files\Bitdefender\Bitdefender 2013\bdfvsctx.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
7-Zip@{23170F69-40C1-278A-1000-000100020000} = C:\Program Files\7-Zip\7-zip.dll
ALZip@{4EB37360-49E8-11D3-95B5-004033382980} = C:\Program Files\ESTsoft\ALZip\AZCTM.dll
BDFVCtxMenuExt@{9E96C1F5-0EFA-4348-9460-15D6802C70AA} = C:\Program Files\Bitdefender\Bitdefender 2013\bdfvsctx.dll
SafeBoxContext@{0244E652-07EF-43C2-8AAD-ABA3CF40DF16} = C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers >>>
@{4CE485DD-C395-46C4-A929-7B771D8A5655}C:\Program Files\Bitdefender\Bitdefender 2013\fshredctx.dll = C:\Program Files\Bitdefender\Bitdefender 2013\fshredctx.dll
@{D653647D-D607-4df6-A5B8-48D2BA195F7B}C:\Program Files\Bitdefender\Bitdefender 2013\bdshellext.dll = C:\Program Files\Bitdefender\Bitdefender 2013\bdshellext.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
7-Zip@{23170F69-40C1-278A-1000-000100020000} = C:\Program Files\7-Zip\7-zip.dll
ALZip@{4EB37360-49E8-11D3-95B5-004033382980} = C:\Program Files\ESTsoft\ALZip\AZCTM.dll
BDFVCtxMenuExt@{9E96C1F5-0EFA-4348-9460-15D6802C70AA} = C:\Program Files\Bitdefender\Bitdefender 2013\bdfvsctx.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers >>>
@{4CE485DD-C395-46C4-A929-7B771D8A5655}C:\Program Files\Bitdefender\Bitdefender 2013\fshredctx.dll = C:\Program Files\Bitdefender\Bitdefender 2013\fshredctx.dll
@{596AB062-B4D2-4215-9F74-E9109B0A8153}%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{D653647D-D607-4df6-A5B8-48D2BA195F7B}C:\Program Files\Bitdefender\Bitdefender 2013\bdshellext.dll = C:\Program Files\Bitdefender\Bitdefender 2013\bdshellext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
ALZip@{4EB37360-49E8-11D3-95B5-004033382980} = C:\Program Files\ESTsoft\ALZip\AZCTM.dll
BDFVCtxMenuExt@{9E96C1F5-0EFA-4348-9460-15D6802C70AA} = C:\Program Files\Bitdefender\Bitdefender 2013\bdfvsctx.dll
CtxMenu@{F97A2FE0-8092-43F3-87A8-4372F91FE5CC} = 
DriveCrypt Context Menu@{F97A2FE0-8092-43F3-87A8-4372F91FE5CC} = 
SafeBoxContext@{0244E652-07EF-43C2-8AAD-ABA3CF40DF16} = C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers >>>
@{4CE485DD-C395-46C4-A929-7B771D8A5655}C:\Program Files\Bitdefender\Bitdefender 2013\fshredctx.dll = C:\Program Files\Bitdefender\Bitdefender 2013\fshredctx.dll
@{D653647D-D607-4df6-A5B8-48D2BA195F7B}C:\Program Files\Bitdefender\Bitdefender 2013\bdshellext.dll = C:\Program Files\Bitdefender\Bitdefender 2013\bdshellext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{18DF081C-E8AD-4283-A596-FA578C2EBDC3}C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
@{2B9F5787-88A5-4945-90E7-C4B18563BC5E}C:\Program Files\KeyScrambler\KeyScramblerIE.dll = C:\Program Files\KeyScrambler\KeyScramblerIE.dll
@{3049C3E9-B461-4BC5-8870-4C09146192CA}C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll = C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
@{5FF49FE8-B332-4CB9-B102-FB6951629E55}C:\Windows\system32\CbFsMntNtf3.dll = C:\Windows\system32\CbFsMntNtf3.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Program Files\Java\jre7\bin\ssv.dll = C:\Program Files\Java\jre7\bin\ssv.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
@{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}C:\Program Files\Java\jre7\bin\jp2ssv.dll = C:\Program Files\Java\jre7\bin\jp2ssv.dll
@{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}C:\Program Files\Hotspot Shield\HssIE\HssIE.dll = C:\Program Files\Hotspot Shield\HssIE\HssIE.dll

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = %SYSTEMROOT%\system32\Ubuntu.scr

HKLM\Software\Microsoft\Internet Explorer\Main@Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main@Start Page = about:blank

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\Windows\System32\msvidctl.dll
its@CLSID = %SystemRoot%\System32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = %SystemRoot%\System32\itss.dll
skype-ie-addon-data@CLSID = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
skype4com@CLSID = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
tv@CLSID = C:\Windows\System32\msvidctl.dll
wlmailhtml@CLSID = C:\Program Files\Windows Live\Mail\mailcomm.dll
wlpg@CLSID = C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4C6F7234-FFE0-4EC4-AFDD-D00E193F2752} /*Local Area Connection* 14*/ >>>
@IPAddress10.63.80.19 = 10.63.80.19
@NameServer10.63.80.1 = 10.63.80.1
@Domain = 

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ >>>
000000000001@LibraryPath = %SystemRoot%\system32\NLAapi.dll
000000000002@LibraryPath = %SystemRoot%\system32\napinsp.dll
000000000003@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000004@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000007@LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
000000000008@LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000009@LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup = RocketDock.lnk

---- EOF - GMER 1.0.15 ----