The look.txt was blank.
The gmerrk.txt:
GMER 1.0.15.15077 [scan.exe] -
http://www.gmer.netRootkit scan 2009-08-20 08:34:13
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.15 ----
Code 8A8E2590 ZwEnumerateKey
Code 8A7C78B8 ZwFlushInstructionCache
Code 8A627E16 IofCallDriver
Code 8A75088E IofCompleteRequest
Code 8A7C42C5 ZwSaveKey
Code 8A7D94F5 ZwSaveKeyEx
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!IofCallDriver 804EF1A6 5 Bytes JMP 8A627E1B
.text ntkrnlpa.exe!IofCompleteRequest 804EF236 5 Bytes JMP 8A750893
.text ntkrnlpa.exe!ZwSaveKey 80500D68 5 Bytes JMP 8A7C42CA
.text ntkrnlpa.exe!ZwSaveKeyEx 80500D7C 5 Bytes JMP 8A7D94FA
PAGE ntkrnlpa.exe!ZwFlushInstructionCache 805B6812 5 Bytes JMP 8A7C78BC
PAGE ntkrnlpa.exe!ZwEnumerateKey 80623FF0 4 Bytes JMP 8A8E2594
? SYMEFA.SYS The system cannot find the file specified. !
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2151FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2ED3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E3C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E3B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E3BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E3A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E3A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E3C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E3AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] WS2_32.dll!closesocket 71AB3E2B 5 Bytes JMP 100129A0
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] WS2_32.dll!connect 71AB4A07 5 Bytes JMP 100127E0
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] WS2_32.dll!send 71AB4C27 5 Bytes JMP 100127C0
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] WS2_32.dll!recv 71AB676F 5 Bytes JMP 100127A0
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] WININET.dll!HttpAddRequestHeadersA 3D94CF40 5 Bytes JMP 00FB000A
.text C:\Program Files\Internet Explorer\Iexplore.exe[2408] WININET.dll!HttpAddRequestHeadersW 3D94FE49 5 Bytes JMP 010A000A
.text C:\Program Files\Internet Explorer\Iexplore.exe[3976] kernel32.dll!VirtualProtect + 1C 7C801AF0 7 Bytes JMP 0442007D
.text C:\Program Files\Internet Explorer\Iexplore.exe[3976] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2151FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[3976] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9521 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[3976] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DCB69 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[3976] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2ED3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[3976] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E2543F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[3976] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E3C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[3976] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E3B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[3976] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E3BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\Iexplore.exe[3976] USER32.dll!MessageBoxExW 7E450838 5 Byte
The gmerautos.txt:
GMER 1.0.15.15077 -
http://www.gmer.netAutostart scan 2009-08-20 08:36:53
Windows 5.1.2600 Service Pack 3
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
AtiExtEvent@DLLName = Ati2evxx.dll
dimsntfy@DLLName = %SystemRoot%\System32\dimsntfy.dll
WgaLogon@DLLName = WgaLogon.dll
HKLM\SYSTEM\CurrentControlSet\Services\ >>>
Ati HotKey Poller@ = %SystemRoot%\system32\Ati2evxx.exe
Fax@ = %systemroot%\system32\fxssvc.exe
McAfeeFramework@ = C:\Program Files\Network Associates\Common Framework\FrameworkService.exe /ServiceStart /*file not found*/
McShield@ = "C:\Program Files\Network Associates\VirusScan\Mcshield.exe"
McTaskManager@ = "C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"
MDM@ = "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
Norton Internet Security@ = "C:\Program Files\Norton Internet Security\Engine\16.7.2.10\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.7.2.10\diMaster.dll" /prefetch:1
ScsiPort@ = %SystemRoot%\system32\drivers\scsiport.sys
wltrysvc@ = %SystemRoot%\System32\WLTRYSVC.EXE %SystemRoot%\System32\bcmwltry.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@SynTPEnhC:\Program Files\Synaptics\SynTP\SynTPEnh.exe = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
@Broadcom Wireless Manager UIC:\WINDOWS\system32\WLTRAY.exe = C:\WINDOWS\system32\WLTRAY.exe
@SigmatelSysTrayAppstsystra.exe = stsystra.exe
@pdfFactory Pro Dispatcher v3"C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM = "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
@Adobe Photo Downloader"C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" /*file not found*/ = "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" /*file not found*/
@TDxVGAUTILC:\WINDOWS\system32\TDxVGAUTIL.EXE = C:\WINDOWS\system32\TDxVGAUTIL.EXE
@CmUsbSoundRunDll32 cmcnfgu.cpl,CMICtrlWnd = RunDll32 cmcnfgu.cpl,CMICtrlWnd
@QuickTime Task"C:\Program Files\QuickTime\qttask.exe" -atboottime = "C:\Program Files\QuickTime\qttask.exe" -atboottime
@HP Software UpdateC:\Program Files\HP\HP Software Update\HPWuSchd2.exe = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
@WinampAgent"C:\Program Files\Winamp\winampa.exe" /*file not found*/ = "C:\Program Files\Winamp\winampa.exe" /*file not found*/
@UDC Integration /*file not found*/ = /*file not found*/
@SSBkgdUpdate"C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot = "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
@PaperPort PTD"C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" = "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
@IndexSearch"C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" = "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
@PPort11reminder"C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini = "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
@BrMfcWndC:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN /*file not found*/ = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN /*file not found*/
@ControlCenter3C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun /*file not found*/ = C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun /*file not found*/
@ShStatEXE"C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE = "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
@ISUSPM StartupC:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
@RealTrayC:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER /*file not found*/ = C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER /*file not found*/
@PCMService"C:\Program Files\Dell\MediaDirect\PCMService.exe" = "C:\Program Files\Dell\MediaDirect\PCMService.exe"
@ISUSScheduler"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
@Google Desktop Search"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup /*file not found*/ = "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup /*file not found*/
@dlaC:\WINDOWS\system32\dla\tfswctrl.exe = C:\WINDOWS\system32\dla\tfswctrl.exe
@Dell QuickSetC:\Program Files\Dell\QuickSet\quickset.exe = C:\Program Files\Dell\QuickSet\quickset.exe
@ATICCC"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay = "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@ModemOnHoldC:\Program Files\NetWaiting\netWaiting.exe = C:\Program Files\NetWaiting\netWaiting.exe
@ctfmon.exeC:\WINDOWS\system32\ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
@MSMSGS"C:\Program Files\Messenger\msmsgs.exe" /background = "C:\Program Files\Messenger\msmsgs.exe" /background
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/C:\WINDOWS\system32\twext.dll = C:\WINDOWS\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/C:\WINDOWS\system32\twext.dll = C:\WINDOWS\system32\twext.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\system32\extmgr.dll = C:\WINDOWS\system32\extmgr.dll
@{2F603045-309F-11CF-9774-0020AFD0CFF6} /*Synaptics Control Panel*/C:\Program Files\Synaptics\SynTP\SynTPCpl.dll = C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL = C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\OFFICE11\msohev.dll = C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
@{5CA3D70E-1895-11CF-8E15-001234567890} /*DriveLetterAccess*/C:\WINDOWS\system32\dla\tfswshx.dll = C:\WINDOWS\system32\dla\tfswshx.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/c:\WINDOWS\system32\dfshim.dll = c:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/c:\WINDOWS\system32\dfshim.dll = c:\WINDOWS\system32\dfshim.dll
@{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft.XPS.Shell.Metadata.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft.XPS.Shell.Thumbnail.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} /*Microsoft Office Metadata Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} /*Microsoft Office Thumbnail Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{5464D816-CF16-4784-B9F3-75C0DB52B499} /*Yahoo! Mail*/C:\Program Files\Yahoo!\Common\YMMAPI.dll = C:\Program Files\Yahoo!\Common\YMMAPI.dll
@{C815D826-AB21-43C1-A99D-4AE1E2E3D013} /*Context Menu Shell Extension*/(null) =
@{11016101-E366-4D22-BC06-4ADA335C892B} /*IE History and Feeds Shell Data Source for Windows Search*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{8856f961-340a-11d0-a96b-00c04fd705a2} /*Microsoft Web Browser*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{52B87208-9CCF-42C9-B88E-069281105805} /*Trojan Remover Shell Extension*/(null) =
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
AllVideoConverter@{C815D826-AB21-43C1-A99D-4AE1E2E3D013} =
Symantec.Norton.Antivirus.IEContextMenu@{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = "C:\Program Files\Norton Internet Security\Engine\16.7.2.10\NavShExt.dll"
VirusScan@{cda2863e-2497-4c49-9b89-06840e070a87} = C:\Program Files\Network Associates\VirusScan\shext.dll
Yahoo! Mail@{5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\Program Files\Yahoo!\Common\YMMAPI.dll
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\VirusScan@{cda2863e-2497-4c49-9b89-06840e070a87} = C:\Program Files\Network Associates\VirusScan\shext.dll
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
AllVideoConverter@{C815D826-AB21-43C1-A99D-4AE1E2E3D013} =
MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = C:\Program Files\Period\mbamext.dll
Symantec.Norton.Antivirus.IEContextMenu@{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = "C:\Program Files\Norton Internet Security\Engine\16.7.2.10\NavShExt.dll"
VirusScan@{cda2863e-2497-4c49-9b89-06840e070a87} = C:\Program Files\Network Associates\VirusScan\shext.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
@{5CA3D70E-1895-11CF-8E15-001234567890}C:\WINDOWS\system32\dla\tfswshx.dll = C:\WINDOWS\system32\dla\tfswshx.dll
@{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}C:\Program Files\Norton Internet Security\Engine\16.7.2.10\coIEPlg.dll = C:\Program Files\Norton Internet Security\Engine\16.7.2.10\coIEPlg.dll
@{6D53EC84-6AAE-4787-AEEE-F4628F01010C}C:\Program Files\Norton Internet Security\Engine\16.7.2.10\IPSBHO.DLL = C:\Program Files\Norton Internet Security\Engine\16.7.2.10\IPSBHO.DLL
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll = C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\system32\logon.scr
HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 =
http://go.microsoft.com/fwlink/?LinkId=69157@Start
Pagehttp://www.msn.com/ =
http://www.msn.com/@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLwww.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0070126 =
www.google.com/ig/dell?hl=en&client=del ... bd=0070126@Start
Pagehttp://www.google.com/ =
http://www.google.com/@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm
HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-help@CLSID = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
symres@CLSID = C:\Program Files\Norton Internet Security\Engine\16.7.2.10\coIEPlg.dll
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
vnd.ms.radio@CLSID = C:\WINDOWS\system32\msdxm.ocx
HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll
C:\Documents and Settings\user\Start Menu\Programs\Startup = FAXRX.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup = Digital Line Detect.lnk
---- EOF - GMER 1.0.15 ----