Virus ili nesto drugo?

2

Virus ili nesto drugo?

offline
  • Pridružio: 10 Mar 2011
  • Poruke: 27

Napisano: 13 Mar 2011 11:34

Hvala puno na izdvojenom vremenu i trudu. Pozdrav

Dopuna: 17 Mar 2011 7:59

Pozdrav

Ponovo ja. Sada mi se pojavio konkretan problem. Kada se prijavim na hotmail primjetim da su nekakve poruke poslane nekim kontaktima same. Kada sam usao na jednu od tih poruka da vidim sta je poslao, pokrenuo mi je nekakav comp scan i nasao viruse u my documents, shared doc, loc disc c i local disc d. Sada mi predlaze da instaliram nekakav on line scan i nisam to uradio. Je li mogu ovdje zapoceti ili da otvorim novu temu?

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Postavi sveže logove da vidimo da li je PC još uvek čist.

offline
  • Pridružio: 10 Mar 2011
  • Poruke: 27

Napisano: 17 Mar 2011 21:27

.
DDS (Ver_11-03-05.01) - FAT32x86
Run by Ermin at 21:23:12.57 on čet 17.03.2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1250.385.1033.18.512.257 [GMT 1:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
SVCHOST.EXE
SVCHOST.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Ermin\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ba/
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ST: {9394ede7-c8b5-483e-8773-474bf36af6e4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: MSNToolBandBHO: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\en-us\msntb.dll
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\en-us\msntb.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {147D6308-0614-4112-89B1-31402F9B82C4} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Internet Explorer Classes for Java - file://c:\windows\system\iejava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - hxxp://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\ermin\applic~1\mozilla\firefox\profiles\482r4v2m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-11-26 11608]
R1 SysTool;SysTool Overclocking Utility;c:\windows\system32\drivers\SysTool.sys [2005-8-20 19968]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-11-26 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-11-26 267944]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-11-26 61960]
.
=============== Created Last 30 ================
.
2011-03-10 14:48:50 -------- d-sh--w- C:\Recycled
2011-03-10 08:09:26 -------- d-sha-r- C:\cmdcons
2011-03-09 20:04:25 -------- d-----w- c:\docume~1\ermin\applic~1\DAEMON Tools Lite
2011-03-09 20:04:25 -------- d-----w- c:\docume~1\alluse~1\applic~1\DAEMON Tools Lite
.
==================== Find3M ====================
.
.
============= FINISH: 21:24:17.12 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 22.8.2004 21:52:41
System Uptime: 17.3.2011 16:48:46 (5 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P4SE
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | PGA 478 | 1816/100mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (FAT32) - 34 GiB total, 14.436 GiB free.
D: is FIXED (FAT32) - 4 GiB total, 2.888 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Acrobat 5.0
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Ahead Nero Burning ROM
Audiograbber 1.83 SE
AutoUpdate
Avira AntiVir Personal - Free Antivirus
BSPlayer
C-Media Audio
Conduit Engine
DivX Player
EVEREST Ultimate Edition v5.30
Football Manager 2011
hp deskjet 5550 series
HP LaserJet P1000 series
HP Photo and Imaging 1.0 - Scanjet 3500c Series
hppMSRedist
hppusgP1000
HPSSupply
Islamic HDR Screen Saver
K-Lite Mega Codec Pack 4.3.1
Macromedia Shockwave Player
MarketResearch
Microsoft .NET Framework 1.1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2000 Professional
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.15)
Mp3tag v2.47b
MrvlUsgTracking
MSN Toolbar
MSVCRT
Need for Speed™ Most Wanted
NVIDIA Display Driver
NVIDIA Drivers
Postal 2
QuickPar 0.9
QuickTime
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358-)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428-)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588-)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB903235)
Segoe UI
ShareIns
Skype™ 3.6
SopCast 3.0.3
TVAnts 1.0
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
WebFldrs XP
Winamp
Winamp Toolbar for Firefox
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format Runtime
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185

Dopuna: 17 Mar 2011 21:39

GMER 1.0.15.15530 - gmer.net
Rootkit scan 2011-03-17 21:30:40
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 Maxtor_6E040L0 rev.NAR61590
Running: n8s768cs.exe; Driver: C:\DOCUME~1\Ermin\LOCALS~1\Temp\axtdapod.sys


---- System - GMER 1.0.15 ----

SSDT F8B6157E ZwCreateKey
SSDT F8B61574 ZwCreateThread
SSDT F8B61583 ZwDeleteKey
SSDT F8B6158D ZwDeleteValueKey
SSDT F8B61592 ZwLoadKey
SSDT F8B61560 ZwOpenProcess
SSDT F8B61565 ZwOpenThread
SSDT F8B6159C ZwReplaceKey
SSDT F8B61597 ZwRestoreKey
SSDT F8B61588 ZwSetValueKey

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\System32\DRIVERS\nv4_mini.sys section is writeable [0xF7D4E360, 0x37388D, 0xE8000020]
pnidata C:\WINDOWS\System32\DRIVERS\secdrv.sys unknown last section [0xBAAD7F00, 0x24000, 0x48000000]
? C:\DOCUME~1\Ermin\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[1076] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3328] USER32.dll!TrackPopupMenu 77D94ED6 5 Bytes JMP 10406373 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x8F 0x9E 0xD8 0x36 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x01 0xA0 0xBF 0x49 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x8F 0x9E 0xD8 0x36 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x01 0xA0 0xBF 0x49 ...

---- EOF - GMER 1.0.15 ----



GMER 1.0.15.15530 - gmer.net
Rootkit scan 2011-03-17 21:32:44
Windows 5.1.2600 Service Pack 2
Running: n8s768cs.exe; Driver: C:\DOCUME~1\Ermin\LOCALS~1\Temp\axtdapod.sys


---- Modules - GMER 1.0.15 ----

Module PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) F8585000-F858E000 (36864 bytes)
Module sisagp.sys (SiS NT AGP Filter/Silicon Integrated Systems Corporation) F8595000-F85A0000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\SysTool.sys (SysTool Low-Level Driver/W1zzard) F85C5000-F85D0000 (45056 bytes)
Module \SystemRoot\System32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 175.19 /NVIDIA Corporation) F7D4E000-F838F000 (6557696 bytes)
Module \SystemRoot\System32\Drivers\AFS2K.SYS (Audio File System/Oak Technology Inc.) F8615000-F8623000 (57344 bytes)
Module \SystemRoot\system32\drivers\cmuda.sys (C-Media Audio WDM Driver/C-Media Inc) F7C7A000-F7CE0000 (417792 bytes)
Module \SystemRoot\system32\DRIVERS\Rtlnic51.sys (Realtek 10/100/1000 NDIS 5.1 Driver /Realtek Semiconductor Corporation ) F8655000-F8665000 (65536 bytes)
Module \SystemRoot\System32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) F87FD000-F8802000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) F8835000-F883B000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) F68CE000-F68F4000 (155648 bytes)
Module \??\C:\Program_Files\Avira\AntiVir_Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) F8A4B000-F8A4D000 (8192 bytes)
Module \SystemRoot\System32\nv4_disp.dll (NVIDIA Compatible Windows 2000 Display driver, Version 175.19 /NVIDIA Corporation) BF9D3000-BFFA7000 (6111232 bytes)
Module \SystemRoot\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) BAED3000-BAEE8000 (86016 bytes)
Module \SystemRoot\System32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) BAAD4000-BAAFC000 (163840 bytes)
Module \??\C:\DOCUME~1\Ermin\LOCALS~1\Temp\mbr.sys F888D000-F8894000 (28672 bytes)
Module \??\C:\DOCUME~1\Ermin\LOCALS~1\Temp\axtdapod.sys (GMER) B9CC7000-B9CDF000 (98304 bytes)

---- Processes - GMER 1.0.15 ----

Process C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE (SMLMProxy Module/Software 2000 Limited) 296
Library C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE (SMLMProxy Module/Software 2000 Limited) 0x00400000
Library C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MP.DLL (SMLMProxy Proxy Stub Module/Software 2000 Limited) 0x10000000

Process C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 1076
Library C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 0x00400000
Library C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) 0x10000000
Library C:\Program Files\Mozilla Firefox\sqlite3.dll (SQLite Database Library/sqlite.org) 0x002C0000
Library C:\Program Files\Mozilla Firefox\MOZCRT19.dll (User-Generated Microsoft (R) C/C++ Runtime Library/Mozilla Foundation) 0x78130000
Library C:\Program Files\Mozilla Firefox\js3250.dll 0x004E0000
Library C:\Program Files\Mozilla Firefox\nspr4.dll (NSPR Library/Mozilla Foundation) 0x00340000
Library C:\Program Files\Mozilla Firefox\smime3.dll (NSS S/MIME Library/Mozilla Foundation) 0x00380000
Library C:\Program Files\Mozilla Firefox\nss3.dll (NSS Base Library/Mozilla Foundation) 0x005E0000
Library C:\Program Files\Mozilla Firefox\nssutil3.dll (NSS Utility Library/Mozilla Foundation) 0x003A0000
Library C:\Program Files\Mozilla Firefox\plc4.dll (PLC Library/Mozilla Foundation) 0x003C0000
Library C:\Program Files\Mozilla Firefox\plds4.dll (PLDS Library/Mozilla Foundation) 0x003D0000
Library C:\Program Files\Mozilla Firefox\ssl3.dll (NSS SSL Library/Mozilla Foundation) 0x00680000
Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x74D90000
Library C:\Program Files\Mozilla Firefox\MOZCPP19.dll (User-Generated Microsoft (R) C/C++ Runtime Library/Mozilla Foundation) 0x7C420000
Library C:\Program Files\Mozilla Firefox\xpcom.dll (Mozilla Foundation) 0x003E0000
Library C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll (Mozilla Foundation) 0x012A0000
Library C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll (Mozilla Foundation) 0x01D30000
Library C:\Program Files\Mozilla Firefox\softokn3.dll (NSS PKCS #11 Library/Mozilla Foundation) 0x02710000
Library C:\Program Files\Mozilla Firefox\nssdbm3.dll (Legacy Database Driver/Mozilla Foundation) 0x02740000
Library C:\Program Files\Mozilla Firefox\freebl3.dll (NSS freebl Library/Mozilla Foundation) 0x02760000
Library C:\Program Files\Mozilla Firefox\nssckbi.dll (NSS Builtin Trusted Root CAs/Mozilla Foundation) 0x03420000
Library C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll 0x05700000

Process C:\WINDOWS\Explorer.EXE (Windows Explorer/Microsoft Corporation) 1156
Library C:\WINDOWS\system32\nvcpl.dll (NVIDIA Display Properties Extension/NVIDIA Corporation) 0x10000000
Library C:\WINDOWS\system32\nvapi.dll (NVIDIA NVAPI Library, Version 175.19 /NVIDIA Corporation) 0x02B30000
Library C:\WINDOWS\system32\nvshell.dll 0x02BA0000

Process C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 1200
Library C:\WINDOWS\system32\HP1006LM.DLL (HP LaserJet P1006 Language Monitor/Software 2000 Limited) 0x68410000
Library C:\WINDOWS\system32\hpzlnt06.dll (HP) 0x10000000
Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HP1006S.DLL (Hewlett-Packard : Print Processor/Hewlett-Packard ) 0x683A0000
Library C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MT.DLL (Transport Module/Software 2000 Limited) 0x68C10000
Library C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MP.DLL (SMLMProxy Proxy Stub Module/Software 2000 Limited) 0x00E40000

Process C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 1272
Library C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 0x00400000
Library C:\Program Files\Avira\AntiVir Desktop\schedr.dll (avschdr Dynamic Link Library/Avira GmbH) 0x10000000
Library C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll (Event Logger/Avira GmbH) 0x00BE0000
Library C:\Program Files\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x00BC0000
Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x00D30000

Process C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 1452
Library C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 0x00400000
Library C:\Program Files\Avira\AntiVir Desktop\libdb44.dll (Berkeley DB 4.4 DLL/Sleepycat Software) 0x13000000
Library C:\Program Files\Avira\AntiVir Desktop\AVEvtLog.dll (Event Logger/Avira GmbH) 0x10000000
Library C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll (AntiVir Guard Messages (Deutsch)/Avira GmbH) 0x00D70000
Library C:\Program Files\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x00D80000
Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x00DA0000
Library C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL (Prefix DLL/Avira GmbH) 0x00F10000
Library C:\Program Files\Avira\AntiVir Desktop\avsmtp.dll (Antivirus email sender library/Avira GmbH) 0x00F30000
Library C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL (On-access scan support/Avira GmbH) 0x00F80000
Library C:\Program Files\Avira\AntiVir Desktop\aecore.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x010B0000
Library C:\Program Files\Avira\AntiVir Desktop\aevdf.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01100000
Library C:\Program Files\Avira\AntiVir Desktop\aescript.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01130000
Library C:\Program Files\Avira\AntiVir Desktop\aescn.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01280000
Library C:\Program Files\Avira\AntiVir Desktop\aesbx.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x012B0000
Library C:\Program Files\Avira\AntiVir Desktop\aerdl.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01300000
Library C:\Program Files\Avira\AntiVir Desktop\aepack.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x013B0000
Library C:\Program Files\Avira\AntiVir Desktop\unacev2.dll (UNACE Dynamic Link Library/ACE Compression Software) 0x01450000
Library C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x014B0000
Library C:\Program Files\Avira\AntiVir Desktop\aeheur.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01500000
Library C:\Program Files\Avira\AntiVir Desktop\aehelp.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01850000
Library C:\Program Files\Avira\AntiVir Desktop\aegen.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01AA0000
Library C:\Program Files\Avira\AntiVir Desktop\aeemu.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01B20000
Library C:\Program Files\Avira\AntiVir Desktop\aebb.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01BA0000
Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x01ED0000

Process C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Driver Helper Service, Version 175.19/NVIDIA Corporation) 1492
Library C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Driver Helper Service, Version 175.19/NVIDIA Corporation) 0x00400000
Library C:\WINDOWS\system32\nvapi.dll (NVIDIA NVAPI Library, Version 175.19 /NVIDIA Corporation) 0x00950000

Process C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 1740
Library C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 0x00400000
Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x10000000

Process C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 1804
Library C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 0x00400000
Library C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll (Antivirus Control Center Common Worker Library/Avira GmbH) 0x10000000
Library c:\program files\avira\antivir desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x00B00000
Library c:\program files\avira\antivir desktop\ccgen.dll (Control Center General Plugin/Avira GmbH) 0x00BD0000
Library c:\program files\avira\antivir desktop\ccgenrc.dll (Control Center General Plugin Resources/Avira GmbH) 0x00CD0000
Library c:\program files\avira\antivir desktop\ccguard.dll (Control Center Guard Plugin/Avira GmbH) 0x00EE0000
Library c:\program files\avira\antivir desktop\ccgrdrc.dll (Control Center Guard Plugin Resources/Avira GmbH) 0x00F70000
Library c:\program files\avira\antivir desktop\ccgrdw.dll (Control Center Guard Worker Plugin/Avira GmbH) 0x00F80000
Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x00FB0000
Library c:\program files\avira\antivir desktop\ccupdate.dll (Control Center Updater Plugin/Avira GmbH) 0x00FE0000
Library c:\program files\avira\antivir desktop\ccupdrc.dll (Control Center Updater Plugin Resources/Avira GmbH) 0x01050000
Library c:\program files\avira\antivir desktop\cclic.dll (Control Center License Plugin/Avira GmbH) 0x01060000
Library c:\program files\avira\antivir desktop\cclicrc.dll (Control Center License Plugin Resources/Avira GmbH) 0x011B0000
Library c:\program files\avira\antivir desktop\ccmsg.dll (Control Center Message Plugin/Avira GmbH) 0x011C0000
Library c:\program files\avira\antivir desktop\ccmsgrc.dll (Control Center MSG Plugin Resources/Avira GmbH) 0x01230000
Library C:\Program Files\Avira\AntiVir Desktop\rcimage.dll (Avira AntiVir PersonalEdition Classic Master Resource File (English)/Avira GmbH) 0x01550000
Library c:\program files\avira\antivir desktop\ccmainrc.dll (Control Center Resources/Avira GmbH) 0x01930000

Process C:\WINDOWS\system32\RUNDLL32.EXE (Run a DLL as an App/Microsoft Corporation) 1840
Library C:\WINDOWS\system32\NvMcTray.dll (NVIDIA Media Center Library/NVIDIA Corporation) 0x10000000
Library C:\WINDOWS\system32\nvapi.dll (NVIDIA NVAPI Library, Version 175.19 /NVIDIA Corporation) 0x00A50000

Process C:\Documents and Settings\Ermin\My Documents\Downloads\n8s768cs.exe 3244
Library C:\Documents and Settings\Ermin\My Documents\Downloads\n8s768cs.exe 0x00400000

Process C:\Program Files\Mozilla Firefox\plugin-container.exe (Plugin Container for Firefox/Mozilla Corporation) 3328
Library C:\Program Files\Mozilla Firefox\plugin-container.exe (Plugin Container for Firefox/Mozilla Corporation) 0x00400000
Library C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) 0x10000000
Library C:\Program Files\Mozilla Firefox\sqlite3.dll (SQLite Database Library/sqlite.org) 0x002C0000
Library C:\Program Files\Mozilla Firefox\MOZCRT19.dll (User-Generated Microsoft (R) C/C++ Runtime Library/Mozilla Foundation) 0x78130000
Library C:\Program Files\Mozilla Firefox\js3250.dll 0x00410000
Library C:\Program Files\Mozilla Firefox\nspr4.dll (NSPR Library/Mozilla Foundation) 0x00340000
Library C:\Program Files\Mozilla Firefox\smime3.dll (NSS S/MIME Library/Mozilla Foundation) 0x00380000
Library C:\Program Files\Mozilla Firefox\nss3.dll (NSS Base Library/Mozilla Foundation) 0x00510000
Library C:\Program Files\Mozilla Firefox\nssutil3.dll (NSS Utility Library/Mozilla Foundation) 0x003A0000
Library C:\Program Files\Mozilla Firefox\plc4.dll (PLC Library/Mozilla Foundation) 0x003C0000
Library C:\Program Files\Mozilla Firefox\plds4.dll (PLDS Library/Mozilla Foundation) 0x003D0000
Library C:\Program Files\Mozilla Firefox\ssl3.dll (NSS SSL Library/Mozilla Foundation) 0x005B0000
Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x74D90000
Library C:\Program Files\Mozilla Firefox\MOZCPP19.dll (User-Generated Microsoft (R) C/C++ Runtime Library/Mozilla Foundation) 0x7C420000
Library C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll 0x00F50000

---- Services - GMER 1.0.15 ----

Service (Audio File System/Oak Technology Inc.) [SYSTEM] AFS2K
Service C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) [AUTO] AntiVirSchedulerService
Service C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) [AUTO] AntiVirService
Service Aspi32
Service C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) [SYSTEM] avgio
Service C:\WINDOWS\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) [AUTO] avgntflt
Service C:\WINDOWS\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) [SYSTEM] avipbb
Service C:\WINDOWS\system32\drivers\cmuda.sys (C-Media Audio WDM Driver/C-Media Inc) [MANUAL] cmuda
Service C:\WINDOWS\System32\Drivers\dtscsi.sys (SCSI miniport/DT Soft Ltd.) [MANUAL] dtscsi
Service C:\WINDOWS\system32\DRIVERS\hamachi.sys (Hamachi Virtual Network Interface Driver/LogMeIn, Inc.) [MANUAL] hamachi
Service C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys (Modem/Conexant) [MANUAL] HCF_MSFT
Service C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [MANUAL] IDriverT
Service lanmanworkstation
Service system32\DRIVERS\mcdbus.sys [MANUAL] mcdbus
Service C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 175.19 /NVIDIA Corporation) [MANUAL] nv
Service C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Driver Helper Service, Version 175.19/NVIDIA Corporation) [AUTO] NVSvc
Service C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service C:\WINDOWS\System32\DRIVERS\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) [BOOT] PxHelp20
Service C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys (Realtek 10/100/1000 NDIS 5.1 Driver /Realtek Semiconductor Corporation ) [MANUAL] RTL8023
Service C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] Secdrv
Service C:\WINDOWS\System32\DRIVERS\sisagp.sys (SiS NT AGP Filter/Silicon Integrated Systems Corporation) [BOOT] sisagp
Service System32\Drivers\sptd.sys [DISABLED] sptd
Service C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) [SYSTEM] ssmdrv
Service C:\WINDOWS\system32\DRIVERS\SysTool.sys (SysTool Low-Level Driver/W1zzard) [SYSTEM] SysTool

---- EOF - GMER 1.0.15 ----



GMER 1.0.15.15530 - gmer.net
Autostart scan 2011-03-17 21:35:56
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
AntiVirSchedulerService@ = "C:\Program Files\Avira\AntiVir Desktop\sched.exe"
AntiVirService@ = "C:\Program Files\Avira\AntiVir Desktop\avguard.exe"
NVSvc@ = %SystemRoot%\system32\nvsvc32.exe
ScsiPort@ = %SystemRoot%\system32\drivers\scsiport.sys
UMWdf@ = C:\WINDOWS\system32\wdfmgr.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@NvCplDaemonRUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
@QuickTime Task"C:\Program Files\QuickTime\qttask.exe" -atboottime = "C:\Program Files\QuickTime\qttask.exe" -atboottime
@avgnt"C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min = "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
@nwiznwiz.exe /install = nwiz.exe /install
@NvMediaCenterRUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{32683183-48a0-441b-a342-7c2a440a9478} /*Media Band*/(null) =
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/%WINDIR%\system32\ieframe.dll = %WINDIR%\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{8BEBB290-52D0-11D0-B7F4-00C04FD706EC} /*Thumbnails*/C:\WINDOWS\SYSTEM32\THUMBVW.DLL = C:\WINDOWS\SYSTEM32\THUMBVW.DLL
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{1CDB2949-8F65-4355-8456-263E7C208A5D} /*Desktop Explorer*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A47} /*Desktop Explorer Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A48} /*nView Desktop Context Menu*/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL
@{A4DF5659-0801-4A60-9607-1C48695EFDA9} /*Share-to-Web Upload Folder*/C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL = C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL
@{E0D79304-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79305-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79306-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{E0D79307-84BE-11CE-9641-444553540000} /*WinZip*/C:\PROGRA~1\WINZIP\WZSHLSTB.DLL = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/C:\WINDOWS\System32\twext.dll = C:\WINDOWS\System32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/C:\WINDOWS\System32\twext.dll = C:\WINDOWS\System32\twext.dll
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\System32\extmgr.dll = C:\WINDOWS\System32\extmgr.dll
@{32020A01-506E-484D-A2A8-BE3CF17601C3} /*AlcoholShellEx*/(null) =
@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} /*PowerISO*/(null) =
@{BAF55D20-7BC0-4bcc-A91F-A5223FFFDC9D} /*Sorcerer Shell Extension*/C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006SX.DLL = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006SX.DLL
@{45AC2688-0253-4ED8-97DE-B5370FA7D48A} /*Shell Extension for Malware scanning*/C:\Program Files\Avira\AntiVir Desktop\shlext.dll = C:\Program Files\Avira\AntiVir Desktop\shlext.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{11016101-E366-4D22-BC06-4ADA335C892B} /*IE History and Feeds Shell Data Source for Windows Search*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{8856f961-340a-11d0-a96b-00c04fd705a2} /*Microsoft Web Browser*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/(null) =
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FFB699E0-306A-11d3-8BD1-00104B6F7516} /*Play on my TV helper*/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =

HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved@{BDEADF00-C265-11d0-BCED-00A0C90AB50F} /*Web Folders*/ = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
DaemonShellExtImage@{40966797-8FFE-46C8-9EF8-7003F33CCF0F} = C:\Program Files\DAEMON Tools Pro\imgshl32.dll /*file not found*/
Shell Extension for Malware scanning@{45AC2688-0253-4ED8-97DE-B5370FA7D48A} = C:\Program Files\Avira\AntiVir Desktop\shlext.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =
Shell Extension for Malware scanning@{45AC2688-0253-4ED8-97DE-B5370FA7D48A} = C:\Program Files\Avira\AntiVir Desktop\shlext.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
WinZip@{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx = C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
@{30F9B915-B755-4826-820B-08FBA6BD249D}C:\Program Files\ConduitEngine\ConduitEngine.dll = C:\Program Files\ConduitEngine\ConduitEngine.dll
@(null) =
@(null) =
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
@{9394EDE7-C8B5-483E-8773-474BF36AF6E4}C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll = C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
@{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll = C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll

HKLM\Software\Microsoft\Internet Explorer\Plugins\Extension\.spop@Location = C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = go.microsoft.com/fwlink/?LinkId=69157
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.google.ba/ = google.ba/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\System32\itss.dll
livecall@CLSID = C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\System32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\System32\itss.dll
msnim@CLSID = C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
skype4com@CLSID = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll

HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\System32\wiascr.dll

C:\Documents and Settings\All Users\Start Menu\Programs\Startup = Microsoft Office.lnk

---- EOF - GMER 1.0.15 ----

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Ovo izgleda ok.


Promeni šifru za hotmail nalog. To bi trebalo da reši problem.

Ko je trenutno na forumu
 

Ukupno su 1424 korisnika na forumu :: 33 registrovanih, 8 sakrivenih i 1383 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Ageofloneliness, Arahne, babaroga, bagor10, bigfoot, cifra, CikaKURE, Dannyboy, debeli, Dimitrise93, draganca, Georgius, hatman, ILGromovnik, JOntra, lord sir giga, LUDI, Lutvo_Redzepagic, Mixelotti, oganj123, raptorsi, RiV, robert1979, ruma, S2M, Shinobi, shone34, Skywhaler, SlaKoj, Trpe Grozni, Vlada78, zziko