Here is the gmerrk log:
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-08-01 13:36:08
Windows 5.1.2600 Service Pack 2
---- Devices - GMER 1.0.13 ----
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE [F8A77416] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLOSE [F8A77416] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_READ [F8A779B8] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CONTROL [F8A77A16] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_POWER [F8A77B8A] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SYSTEM_CONTROL [F8A77CBC] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE [F8A77416] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLOSE [F8A77416] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_READ [F8A779B8] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CONTROL [F8A77A16] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_POWER [F8A77B8A] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SYSTEM_CONTROL [F8A77CBC] EABFiltr.sys
---- Registry - GMER 1.0.13 ----
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x6B 0x65 0x49 0x6A ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xF5 0x1D 0x4D 0x73 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x37 0xA4 0xAA 0xC3 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...
---- EOF - GMER 1.0.13 ----
Here is the gmerautos.txt log:
GMER 1.0.13.12551 - http://www.gmer.net
Autostart scan 2007-08-01 13:52:11
Windows 5.1.2600 Service Pack 2
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,
HKLM\SYSTEM\CurrentControlSet\Services\ >>>
AOL ACS /*AOL Connectivity Service*/@ = "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe"
Creative Service for CDROM Access /*Creative Service for CDROM Access*/@ = C:\WINDOWS\system32\CTsvcCDA.EXE
LexBceS /*LexBce Server*/@ = C:\WINDOWS\system32\LEXBCES.EXE
LightScribeService /*LightScribeService Direct Disc Labeling Service*/@ = "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
SoundMAX Agent Service (default) /*SoundMAX Agent Service*/@ = C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Spooler /*Print Spooler*/@ = %SystemRoot%\system32\spoolsv.exe
SymWSC /*SymWMI Service*/@ = "C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe"
UleadBurningHelper /*Ulead Burning Helper*/@ = C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe
wltrysvc /*Broadcom Wireless LAN Tray Service*/@ = %SystemRoot%\System32\wltrysvc.exe %SystemRoot%\System32\bcmwltry.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@AGRSMMSGAGRSMMSG.exe = AGRSMMSG.exe
@hpWirelessAssistantC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe = C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
@eabconfg.cplC:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start /*file not found*/ = C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start /*file not found*/
@PCLEPCIC:\PROGRA~1\PINNAC~1\PPE\PPE.EXE = C:\PROGRA~1\PINNAC~1\PPE\PPE.EXE
@NapsterShellC:\Program Files\Napster\napster.exe /systray /*file not found*/ = C:\Program Files\Napster\napster.exe /systray /*file not found*/
@Lexmark X1100 Series"C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" = "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
@MMTray"C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run@MySpaceIM = C:\Program Files\MySpace\IM\MySpaceIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{BF05BB6E-442C-428B-8025-82280B7BC26C} /*Zen Micro Media Explorer*/C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTJBNS2.dll = C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTJBNS2.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~4\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~4\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~4\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~4\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\OFFICE11\msohev.dll = C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Program Files\iTunes\iTunesMiniPlayer.dll = C:\Program Files\iTunes\iTunesMiniPlayer.dll
@{5464D816-CF16-4784-B9F3-75C0DB52B499} /*Yahoo! Mail*/C:\PROGRA~1\Yahoo!\Common\ymmapi.dll = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\Yahoo! Mail@{5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{02478D38-C3F9-4EFB-9B51-7695ECA05670}C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll = C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
@{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}C:\Program Files\BitComet\tools\BitCometBHO.dll = C:\Program Files\BitComet\tools\BitCometBHO.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
@{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll = C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll = C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=presario&pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=presario&pf=laptop
@Start Pageabout:blank = about:blank
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://att.yahoo.com/ = http://att.yahoo.com/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm
HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
wia@CLSID = C:\WINDOWS\system32\wiascr.dll
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{70D003E9-9F96-4D76-BF7A-F683DEA8C120} /*Wireless Network Connection 2*/ >>>
@IPAddress69.181.129.117 = 69.181.129.117
@DefaultGateway69.181.128.1 = 69.181.128.1
@Domain =
C:\Documents and Settings\Valued Customer\Start Menu\Programs\Startup = BMA Interactive Desktop Calendar.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup >>>
Adobe Gamma Loader.lnk = Adobe Gamma Loader.lnk
SBC Self Support Tool.lnk = SBC Self Support Tool.lnk
ymetray.lnk = ymetray.lnk
---- EOF - GMER 1.0.13 ----
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-08-01 13:36:08
Windows 5.1.2600 Service Pack 2
---- Devices - GMER 1.0.13 ----
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE [F8A77416] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLOSE [F8A77416] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_READ [F8A779B8] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CONTROL [F8A77A16] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_POWER [F8A77B8A] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SYSTEM_CONTROL [F8A77CBC] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE [F8A77416] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLOSE [F8A77416] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_READ [F8A779B8] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CONTROL [F8A77A16] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_POWER [F8A77B8A] EABFiltr.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SYSTEM_CONTROL [F8A77CBC] EABFiltr.sys
---- Registry - GMER 1.0.13 ----
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x6B 0x65 0x49 0x6A ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xF5 0x1D 0x4D 0x73 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x37 0xA4 0xAA 0xC3 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg \Registry\MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...
---- EOF - GMER 1.0.13 ----
Here is the gmerautos.txt log:
GMER 1.0.13.12551 - http://www.gmer.net
Autostart scan 2007-08-01 13:52:11
Windows 5.1.2600 Service Pack 2
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,
HKLM\SYSTEM\CurrentControlSet\Services\ >>>
AOL ACS /*AOL Connectivity Service*/@ = "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe"
Creative Service for CDROM Access /*Creative Service for CDROM Access*/@ = C:\WINDOWS\system32\CTsvcCDA.EXE
LexBceS /*LexBce Server*/@ = C:\WINDOWS\system32\LEXBCES.EXE
LightScribeService /*LightScribeService Direct Disc Labeling Service*/@ = "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
SoundMAX Agent Service (default) /*SoundMAX Agent Service*/@ = C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Spooler /*Print Spooler*/@ = %SystemRoot%\system32\spoolsv.exe
SymWSC /*SymWMI Service*/@ = "C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe"
UleadBurningHelper /*Ulead Burning Helper*/@ = C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe
wltrysvc /*Broadcom Wireless LAN Tray Service*/@ = %SystemRoot%\System32\wltrysvc.exe %SystemRoot%\System32\bcmwltry.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@AGRSMMSGAGRSMMSG.exe = AGRSMMSG.exe
@hpWirelessAssistantC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe = C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
@eabconfg.cplC:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start /*file not found*/ = C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start /*file not found*/
@PCLEPCIC:\PROGRA~1\PINNAC~1\PPE\PPE.EXE = C:\PROGRA~1\PINNAC~1\PPE\PPE.EXE
@NapsterShellC:\Program Files\Napster\napster.exe /systray /*file not found*/ = C:\Program Files\Napster\napster.exe /systray /*file not found*/
@Lexmark X1100 Series"C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" = "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
@MMTray"C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" = "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run@MySpaceIM = C:\Program Files\MySpace\IM\MySpaceIM.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{BF05BB6E-442C-428B-8025-82280B7BC26C} /*Zen Micro Media Explorer*/C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTJBNS2.dll = C:\Program Files\Creative\Creative Zen Micro\Zen Micro Media Explorer\CTJBNS2.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~4\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~4\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~4\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~4\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\OFFICE11\msohev.dll = C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Program Files\iTunes\iTunesMiniPlayer.dll = C:\Program Files\iTunes\iTunesMiniPlayer.dll
@{5464D816-CF16-4784-B9F3-75C0DB52B499} /*Yahoo! Mail*/C:\PROGRA~1\Yahoo!\Common\ymmapi.dll = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\Yahoo! Mail@{5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{02478D38-C3F9-4EFB-9B51-7695ECA05670}C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll = C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
@{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}C:\Program Files\BitComet\tools\BitCometBHO.dll = C:\Program Files\BitComet\tools\BitCometBHO.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
@{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll = C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll = C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=presario&pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=presario&pf=laptop
@Start Pageabout:blank = about:blank
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://att.yahoo.com/ = http://att.yahoo.com/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm
HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
ms-itss@CLSID = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
wia@CLSID = C:\WINDOWS\system32\wiascr.dll
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{70D003E9-9F96-4D76-BF7A-F683DEA8C120} /*Wireless Network Connection 2*/ >>>
@IPAddress69.181.129.117 = 69.181.129.117
@DefaultGateway69.181.128.1 = 69.181.128.1
@Domain =
C:\Documents and Settings\Valued Customer\Start Menu\Programs\Startup = BMA Interactive Desktop Calendar.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup >>>
Adobe Gamma Loader.lnk = Adobe Gamma Loader.lnk
SBC Self Support Tool.lnk = SBC Self Support Tool.lnk
ymetray.lnk = ymetray.lnk
---- EOF - GMER 1.0.13 ----
